2.1 What is InfoSec

Question 1

Defining Security: Security involves :
*

Answer 1

protecting assets from various threats, including cyberattacks and natural disasters, with a focus on the most likely risks.

Question 2

Types of Assets: Assets can be ______________or _____________ and both types require protection.
*

Answer 2

physical (like hardware) or intangible (like data),

Question 3

Value: In modern computing environments, _____________________ often hold equal or greater value than physical assets.
*

Answer 3

logical assets (data and intellectual property)

Question 4

Definition of Information Security: Information security is about __________________________.
*

Answer 4

safeguarding information systems from unauthorized access and misuse.

Question 5

Security vs. Usability: A secure system may be impractical; increasing security typically reduces __________, necessitating a balance between the two.
*

Answer 5

productivity;

Question 6

Cost vs. Value in Security: Security measures should be _________________ to the value of the asset being protected; excessive security for low-value items is inefficient.
*

Answer 6

proportional

Question 7

Defining Security Levels: Determining when a system is ______________ is complex; no single measure guarantees complete security.
*

Answer 7

secure

Question 8

Identifying Insecurity: Examples of insecure practices include failing to apply _____________ or _______________; recognizing these helps mitigate risks.
*

Answer 8

updates or using weak passwords

Question 9

Legal Standards for Security: _________ ___________ for security vary by industry and country; organizations must comply with relevant laws to avoid violations.
*

Answer 9

Legal frameworks

Question 10

Regulatory Examples: Specific regulations like _________ and __________ provide guidelines for what constitutes adequate security in various sectors.
*

Answer 10

PCI DSS; HIPAA

Question 11

Models for Security Discussion: Having models like the CIA triad helps ______________ discussions around security concepts among professionals.
*

Answer 11

standardize

Question 12

CIA Triad Explanation: The CIA triad—______________ __________ ____________—serves as a foundational model for understanding information security.
*

Answer 12

confidentiality, integrity, and availability

Question 13

: ______________ involves protecting data from unauthorized access through various means at different levels.
*

Answer 13

Confidentiality

Question 14

______________ ensures that data remains unchanged except by authorized users; mechanisms like permissions help maintain this principle.
*

Answer 14

Integrity

Question 15

______________ ensures data is accessible when needed; disruptions can arise from various issues like attacks or system failures.

Answer 15

Availability

Question 16

*
CIA Triad Application: The CIA triad aids in ___________________ by highlighting potential breaches in confidentiality, integrity, or availability.
*

Answer 16

analyzing specific security incidents

Question 17

The ______________expands on the CIA triad by including possession/control, authenticity, and utility for a more comprehensive understanding of security.
*

Answer 17

Parkerian hexad

Question 18

This principle focuses on the _________________of data storage media and its implications for _____________ and ______________.
*

Answer 18

physical control ; confidentiality and integrity.

Question 19

______________ verifies that data originates from the correct source; _________________ can help enforce this principle.
*

Answer 19

Authenticity - digital signatures

Question 20

____________ assesses how useful data is; it varies based on context and can impact how effectively data serves its purpose.
*

Answer 20

Utility

Question 21

Application of Models in Security Discussions: Both the __________ and __________________ provide frameworks for discussing potential security failures and necessary controls.
*

Answer 21

CIA triad , Parkerian hexad

Question 22

Types of Attacks Overview: Attacks can be categorized into __________, _____________, _____________, and _____________, affecting different aspects of the CIA triad.
*

Answer 22

interception; interruption; modification; fabrication

Question 23

________________allows unauthorized access to data and primarily threatens _______________ through methods like eavesdropping or unauthorized file access.
*

Answer 23

Interception; confidentiality

Question 24

_______________ refers to stored data not currently being transferred, while______________is actively being transmitted; both require _______________.
*

Answer 24

Data at rest; data in motion ; protection measures like encryption.

Question 25

__________ attacks make assets unavailable or unusable, impacting ______________ primarily but potentially affecting __________ as well.
*

Answer 25

Interruption; availability; integrity

Question 26

____________________ attacks involve unauthorized changes to data or systems, threatening both __________ and __________ depending on context.
*

Answer 26

Modification; integrity; availability

Question 27

______________ involves creating false data or processes that compromise ____________ and may affect _____________ through resource consumption.

Answer 27

Fabrication; integrity; availability

Question 28

• ______________ are potential sources of harm specific to certain environments; understanding them is crucial for effective risk management.
  *

Answer 28

Threats

Question 29

___________________ are weaknesses that threats can exploit; identifying them is essential for assessing risk levels in any environment.
*

Answer 29

Vulnerabilities

Question 30

____________ arises when there is both a threat and a corresponding vulnerability; it quantifies the likelihood of an adverse event occurring.
*

Answer 30

Risk

Question 31

Considerations in Risk Assessment: Some organizations consider _________ alongside risk to evaluate the potential consequences based on asset value during threat assessments.
*

Answer 31

impact

Question 32

Risk Management Overview: Risk management involves _____________ __________, assessing ____________and _____________, and implementing measures to ________ ___________ effectively.
*

Answer 32

identifying assets; threats and vulnerabilities, mitigate risks

Question 33

Identifying Assets Importance: Knowing what assets need protection is crucial; this task can become __________ in larger organizations with diverse hardware and software environments.
*

Answer 33

Identifying Assets Importance: Knowing what assets need protection is crucial; this task can become complex in larger organizations with diverse hardware and software environments.

Question 34

Identifying Threats Process: After identifying critical assets, organizations must ____________potential threats using _________________ for clarity.

Answer 34

Identifying Threats Process: After identifying critical assets, organizations must assess potential threats using established models like the CIA triad or Parkerian hexad for clarity.

Question 35

___________ assessment must consider relevant threats; not all ________________ pose equal risk based on their context within an organization’s operations.
*

Answer 35

Assessing Vulnerabilities Contextually: Vulnerability assessment must consider relevant threats; not all vulnerabilities pose equal risk based on their context within an organization’s operations.

Question 36

Evaluating _________ involves linking identified threats with corresponding vulnerabilities to determine _________ effectively.
*

Answer 36

risks; overall risk levels

Question 37

________________—physical, logical, and administrative—is essential for addressing identified risks associated with threats and vulnerabilities.
*

Answer 37

Implementing controls

Question 38

_____________ safeguard environments where systems operate; they include barriers like locks and guards that prevent unauthorized access to sensitive areas.
*

Answer 38

Physical controls

Question 39

_____________ protect systems through technical measures such as encryption and access controls that prevent unauthorized activities within networks.
*

Answer 39

Logical controls

Question 40

__________________consist of policies governing user behavior; their effectiveness relies on enforcement mechanisms to ensure compliance across the organization.
*

Answer 40

Administrative controls

Question 41

_____________________ are crucial for managing unexpected events efficiently; preparation helps ensure effective action during real incidents.
*

Answer 41

Incident response plans

Question 42

The incident response process includes______________, ___________, ____________, _____________, _____________, and post-incident activity phases for comprehensive management of incidents.
*

Answer 42

preparation; detection/analysis, containment; eradication; recovery;

Question 43

_____________ involves creating policies and training personnel ahead of incidents to enhance response effectiveness when emergencies arise.
*

Answer 43

Preparation

Question 44

__________ and _____________Phase Explained: This phase focuses on identifying incidents using tools like IDS or antivirus software while combining automated analysis with human judgment for accurate evaluation.
*

Answer 44

Detection and Analysis

Question 45

: ____________ aims to limit damage during an incident by isolating affected systems or implementing measures to prevent further harm from ongoing attacks.
*

Answer 45

Containment

Question 46

Eradication Phase Actions: Eradication involves removing __________ or other threats from affected systems while ensuring that similar issues do not recur across the environment during recovery efforts.
*

Answer 46

malware;

Question 47

____________ Phase Challenges: ___________ entails restoring systems to their previous state post-incident; it can be complex due to uncertainties about backup integrity or missing components during restoration efforts.
*

Answer 47

Recovery; Recovery

Question 48

Conducting ________________ helps organizations learn from events by analyzing causes and implementing improvements to prevent future occurrences effectively.
*

Answer 48

post-incident reviews

Question 49

______________involves creating multiple layers of defense against attacks; this strategy aims to __________ _________long enough for effective response actions to be initiated if breaches occur.
*

Answer 49

Defense in depth , delay attackers

Question 50

Effective________ ___________ should include protections at various levels—external network, internal network, host systems, applications, and data—to create robust barriers against potential intrusions.
*

Answer 50

defense strategies

Question 51

While defense in depth enhances security __________ against attacks, it cannot guarantee______________ ____________; its goal is timely _____________ rather than absolute immunity from breaches.
*

Answer 51

resilience; complete prevention; detection

Question 52

Password Management Strategies: Implementing strong password policies can_____ ____________ security by making it challenging for attackers to compromise accounts through _____ ____________ methods over time if complexity requirements are enforced consistently across users’ accounts

Answer 52

significantly enhance; brute force

Question 53

What is Identity Proofing? 3x

Answer 53

• Not the same as authentication.
• Before you give out credentials, you “Identity Proof” somebody.
• Validates someone’s identity before credentials are issued
  o Driver’s License, Passport, etc