If you can correctly answer most of these questions, you have what it takes to keep your organization safe.

I reiterate a lot of topics in this blog, if only to drive home the most salient points that should be incorporated into any organization’s network security defense plan. Have you been paying attention? Take the short quiz below to find out.

Read each question, then write down your answer or make a mental note. Click the question, and you’ll be taken to the correct answer.

1. What is the biggest contributing factor in the frequency of software hacks?
2. What is the biggest computer security threat in most environments?
3. What is the single best way to lower your network security risk?
4. What security software is the best at lowering your network security risk?
5. What is a safe password length?
6. What is the safest way to enter your password on an untrusted system (such as a conference computer)?
7. What are the best tools for catching previously unidentified hackers, malware, and trusted insiders carrying out unauthorized actions?
8. Can cloud apps be trusted?
9. What security risk lifecycle should you follow when you find too many unmanaged assets at your organization?
10. What is the best way to “fix” the Internet?

Got your answers? Then read on for the solutions to each question.

Question 1: What is the biggest contributing factor in the frequency of software hacks?

Answer: The most popular software in its operational niche — whether browsers, document formatting software, Web servers, and so on — gets attacked the most. Bank robbers target banks because that’s where the money is, and hackers go after popular software for the same reason.

Question 2: What is the biggest computer security threat in most environments?

Answer: The biggest threats are social-engineering attacks that dupe end-users into executing Trojan horse programs. Users are prompted to install a “needed” program, such as a fake antivirus, a patch update, or a viewing app, which results in the installation of malware that gives unauthorized outsiders access to internal data and networks.

Question 3: What is the single best way to lower your network security risk?

Answer: Prevent end-users from installing Trojan horse programs. How you do that is the bigger question, but good defenses include blocking your end-users from installing unauthorized software, discouraging casual elevated logon use, and using antimalware software.

Question 4: What security software is the best at lowering your network security risk?

Answer: Application control products — aka whitelisting software — if appropriately implemented, are easily the No. 1 way to reduce malicious risk in most environments. These offerings, which include Bit9’s Parity, Microsoft AppLocker, Coretrace Bouncer, and McAfee Solidcore, prevent unauthorized software from being installed and executed. Although these products can’t prevent every malicious threat, they protect you against the most significant attacks.

Question 5: What is a safe password length?

Answer: It depends on the system and threat, but in general, the bare minimum character length that’s acceptable in most current security audits is 8. At 10 characters or more, passwords start to become resilient against most attacks, although several experts and guidelines recommend 12-character minimums. Elevated accounts should use 15-character or longer passwords. All passwords should be changed at a maximum of every 90 days. Check out this blog entry for more information on good password-security practices.

Question 6: What is the safest way to enter your password on an untrusted system (such as a conference computer)?

Answer: Trick question — never enter your password on a system that has not remained under your total control from day one. This means never picking up email from hotel computers, conference kiosks, and friends’ computers. It’s just too risky when seemingly half the world’s computers are infected with some sort of malware.

Question 7: What are the best tools for catching previously unidentified hackers, malware, and trusted insiders carrying out unauthorized actions?

Answer: Intrusion detection software, honeypots, and event log management are the security tools you’ll need for these circumstances. IDSes and honeypots, in particular, are great at catching anomalous activities. Most malicious hacking is recorded in event logs, if only administrators would configure them to alert appropriately.

Question 8: Can cloud apps be trusted?

Answer: Yes, you can trust the cloud for most general-purpose, general-level-of-trust applications. Cloud computing is coming to nearly every environment, one way or another. Although some clouds may not offer perfect security, in most cases it’s probably already better than what is practiced in noncloud spaces.

Question 9: What security risk lifecycle should you follow when you find too many unmanaged assets at your organization?

Answer: First, inventory your assets. Delete what you don’t need and secure the rest. Implement policies to keep them secure. Read more about developing a resource lifecycle plan.

Question 10: What is the best way to “fix” the Internet?

Answer: Build in pervasive identity and communicated levels of trust so that receivers know how much trust they can put into a received packet or chunk of data. Without these two traits, which are inherent in any large-scale infrastructure system, the Internet will never be any more secure than it is today; that is, it will remain relatively insecure.

How did you do? If you got most of them correct, consider yourself among the best-educated security defenders around — and not just because you read my column. Rather, you understand what it really takes to significantly reduce security risk.
Most defenders are still waiting for better patching tools and perfect antivirus scanners to save the day. You already realize that most of the world is concentrating on the wrong things. Keep fighting the good fight!

This story, “InfoWorld security quiz: Test your network security smarts,” was originally published at InfoWorld.com. Follow the latest developments in network security and read more of Roger Grimes’ Security Adviser blog at InfoWorld.com.
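As an added example that is not part of the original column, the following Python script combines the advice from Questions 4 and 7: a default-deny application allowlist is evaluated over a constructed, simplified process-creation log, and every denied launch becomes an alert whose severity rises when the logon was elevated (Question 3) or the parent process was a mail or browser client (Question 2). The approved directories, publisher names, parent-process names, and log format are assumptions made for illustration, not settings from any product named on the page.

```python
# Constructed allowlist rules (assumptions for this example, not from the column):
# an executable is approved only when it lives under an admin-controlled directory
# AND carries a trusted publisher. Everything else is denied and raises an alert.
ALLOWED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
ALLOWED_PUBLISHERS = {"microsoft corporation", "example corp"}  # placeholder names
# Parents that typically launch whatever a duped user just clicked (mail, browser)
USER_FACING_PARENTS = {"outlook.exe", "chrome.exe", "firefox.exe"}

# Constructed process-creation log, simplified format: time|user|elevated|parent|image|publisher
SAMPLE_LOG = """\
2024-01-15T09:01:02|alice|no|explorer.exe|C:\\Program Files\\Office\\winword.exe|Microsoft Corporation
2024-01-15T09:03:10|alice|no|outlook.exe|C:\\Users\\alice\\Downloads\\invoice_viewer.exe|
2024-01-15T09:05:44|bob|yes|cmd.exe|C:\\Users\\bob\\AppData\\Local\\Temp\\av_update.exe|Unknown
2024-01-15T09:07:00|svc_backup|no|services.exe|C:\\Windows\\System32\\svchost.exe|Microsoft Corporation
2024-01-15T09:09:30|carol|no|explorer.exe|C:\\Program Files\\Tools\\helper.exe|
"""

def parse_line(line):
    """Split one pipe-separated record into a dict; reject records with the wrong field count."""
    fields = line.split("|")
    if len(fields) != 6:
        raise ValueError(f"malformed log line: {line!r}")
    time, user, elevated, parent, image, publisher = fields
    return {"time": time, "user": user, "elevated": elevated.lower() == "yes",
            "parent": parent.lower(), "image": image, "publisher": publisher.strip().lower()}

def decide(event):
    """Default-deny: return (allowed, reason); both the path and publisher rules must pass."""
    if not event["image"].lower().startswith(ALLOWED_DIRS):
        return False, "image outside admin-controlled directories"
    if event["publisher"] not in ALLOWED_PUBLISHERS:
        return False, "untrusted or missing publisher"
    return True, "allowed"

def severity(event):
    """A blocked launch matters more from an elevated logon or a user-facing parent."""
    return "high" if event["elevated"] or event["parent"] in USER_FACING_PARENTS else "medium"

def triage(log_text):
    """Run every line through the allowlist; return (allowed_count, alerts)."""
    allowed_count, alerts = 0, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = parse_line(line)
        ok, reason = decide(event)
        if ok:
            allowed_count += 1
        else:
            alerts.append({"time": event["time"], "user": event["user"], "image": event["image"],
                           "reason": reason, "severity": severity(event)})
    return allowed_count, alerts
```

Running `triage(SAMPLE_LOG)` on the constructed log allows the two launches from admin-controlled, signed locations and raises three alerts: two high (the Downloads executable spawned by the mail client, and the elevated user's Temp-folder "update") and one medium (an unsigned binary that was at least in Program Files).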