8. Cybersecurity Risk

Question 1

What is cybersecurity?

Answer 1

The technology, processes and measures that are designed to protect an organisation against an attack on its electronic information

Question 2

What are the 4 main challenges of cybersecurity to risk managers?

Answer 2

1. Reliance on technology
2. Availability of technology
3. Inevitability of bugs
4. Rapid evolution and lack of understanding

Question 3

What are the 3 categories of information that a business may hold?

Answer 3

1. Personal
2. Business
3. Classified

Question 4

What is business information?

Answer 4

Anything that may cause risk to the company if discovered by a third party, such as a competitor

Question 5

What is classified information?

Answer 5

That which could cause harm to public safety or security

Question 6

What are the 4 objectives of cybersecurity?

Answer 6

1. Availability
2. Confidentiality
3. Integrity of data
4. Integrity of processing

Question 7

What 3 things do cybersecurity objectives need in order to be implemented effectively?

Answer 7

1. Sufficient budget and resource
2. Communicated clearly
3. Key stakeholder support

Question 8

What are the 3 categories of factors which influence cybersecurity risk?

Answer 8

1. Technologies
2. Organisational factors
3. Organisational change

Question 9

What factors fall under the technologies category of influencers to cybersecurity risk?

Answer 9

1. Outsourcing of IT services (cloud)
2. Mobile devices
3. Network structure
4. Service providers/hosts
5. Software applications
6. Obsolete systems
7. Dependence on emerging tech

Question 10

What factors fall under the organisational category of influencers to cybersecurity risk?

Answer 10

1. Structure/size of IT department
2. Types of user groups
3. Geographic location (+ legal)
4. Organisational structure
5. Cybersecurity responsibility

Question 11

What factors fall under the organisational change category of influencers to cybersecurity risk?

Answer 11

1. Have products or services changed?
2. Any legislative change?
3. Any change to org structure or departmental responsibilities?

Question 12

What is malware?

Answer 12

Software which is specifically designed to disrupt or gain unauthorised access to a computer system

Question 13

What is a virus?

Answer 13

A user opens or runs a host file which releases the virus, which then infects the users files and can restrict access or damage information

Question 14

What is a worm?

Answer 14

Like a virus, but does not require the host to open a file

Question 15

What is a Trojan?

Answer 15

Malware that masquerades as real software but infects the computer when launched

Question 16

What is Spyware?

Answer 16

Malware that enables the originator to spy on the user’s activity

Question 17

What is Malversiting?

Answer 17

An online advert which has malware written into the code, either directing to a site where malware can be installed or directly infecting the computer

Question 18

What are Botnets?

Answer 18

A network of private computers infected with malware and controlled by an agent without the knowledge of the owner

Question 19

What is Ransomware?

Answer 19

Encrypting the users data and demanding payment for it’s release

Question 20

What is polymorphic malware?

Answer 20

Malware which avoids being detected by constantly changing its features

Question 21

What is the ‘ultimate’ line of attack against malware?

Answer 21

Antivirus software

Question 22

What are application attacks?

Answer 22

Attacks that target websites to alter their functionality and presentation, or extract sensitive information

Question 23

What are the 4 types of application attack?

Answer 23

1.Bot attack
2. Distributed Denial of Service
3. Cross Site Scripting
4. SQL injection

Question 24

What is a bot attack?

Answer 24

Web robots that are used maliciously, e.g. to send spam email addresses

Question 25

What are the 3 methods of defence against a bot attack?

Answer 25

1. Maintain antibot software
2. Evaluate who is accessing systems and where from
3. Look out for sudden spikes or repeated login failures

Question 26

What is a DDoS attack?

Answer 26

A distributed denial of service attack - overwhelms a web application with so much traffic that it crashes

Question 27

What is a buffer overflow attack?

Answer 27

A DDoS attack which starts to overwrite existing data

Question 28

What are the 2 methods of defence against a DDoS attack?

Answer 28

1. Install a firewall
2. Invest in DDoS hardware and software to filter traffic

Question 29

What is Cross Site Scripting?

Answer 29

The attacker reprograms buttons on a website and redirects users to another site, disrupting traffic but also sometimes extracting sensitive information

Question 30

How do you protect from Cross Site Scripting?

Answer 30

Ensure changes to script are only allowed from authorised sources

Question 31

What is an SQL injection?

Answer 31

The attacker submits malicious software code into the organisations database by typing code into data input fields, which corrupts the data

Question 32

How do you protect from SQL injections?

Answer 32

Input fields are locked by data type and character length

Question 33

What is a hacker?

Answer 33

A skilled computer programmer who circumvents and organisations security systems to access sensitive information

Question 34

What is an ethical hacker?

Answer 34

Hackers that break into an organisations systems in order to test the level of security, with prior knowledge and consent

Question 35

What is social engineering?

Answer 35

Influencing people to do something that would not normally do

Question 36

What are the 6 principles of persuasion?

Answer 36

1. Reciprocity
2. Scarcity
3. Authority
4. Consistency
5. Liking
6. Consensus

Question 37

What is phishing?

Answer 37

Using fradulent messages to steal sensitive information such as passwords, or install malware

Question 38

What is Spear phishing?

Answer 38

Targeting a specific user

Question 39

What is domain fraud?

Answer 39

A phishing email that imitates genuine domains but takes to a fraudulent page

Question 40

What are the 5 types of cost of a security breach?

Answer 40

1. Paying ransom demands
2. Legal claims
3. Diversion of resource
4. Loss of revenue
5. Increased regulations

Question 41

What 3 risks does the increased use of social media increase?

Answer 41

1. Identity fraud
2. Damage to reputation
3. Trolling

Question 42

What are the 5 opportunities to organisations through social media?

Answer 42

1. Advertising
2. Brand development
3. Big data analytics
4. Communication
5. Real time information gathering

Question 43

What are the 6 main risks brought to organisations by social media?

Answer 43

1. Human error (clicking on viruses)
2. Productivity
3. Data protection
4. Hacking
5. Reputation
6. Inactivity

Question 44

What are the 6 main risks brought to individuals by social media?

Answer 44

1. Going viral
2. Employment issues
3. Legal sanction
4. Physical theft
5. Identify fraud
6. Permanence

Question 45

What 3 things must a cybersecurity policy do?

Answer 45

1. Protect from cyberattack
2. Detect attacks
3. Respond promptly

Question 46

What do certificates particularly help protect against?

Answer 46

Man in the Middle attacks (3rd party between two sides and passing information)

Question 47

What are the 5 main aims of a Computer Incident Response Team?

Answer 47

1. Minimise losses
2. Restore normal operations
3. Assist with investigations
4. Provide data to support planned responses
5. Assist with communications

Question 48

What is applied cyber security?

Answer 48

Being aware of risks and how they can be defended against

Question 49

What does network segmentation do?

Answer 49

Provide strong control over who can access what

Question 50

What are the 2 types of firewall?

Answer 50

1. Network firewal (limit access to system)
2. Application firewall (filters out damaging content)

Question 51

What are the 6 elements of applied cybersecurity?

Answer 51

1. Device defences
2. Device software updates
3. BYOD limitations
4. Network configuration management
5. Firewalls
6. Antivirus and endpoint security

Question 52

What are the 5 methods for communicating cybersecurity measures to staff?

Answer 52

1. Training programmes
2. Policy and procedures manual
3. Job descriptions
4. Code of conduct
5. Promotion of whistle blower hotline

Question 53

What are the 5 methods of IT protection available to organisations?

Answer 53

1. Policies and procedures
2. Software updates
3. Specialist software e.g. firewalls
4. Configuration controls
5. Application controls

Question 54

What risk does ISO27001 address?

Answer 54

IT security risk

Question 55

What are the 5 stages of the ISO27001 risk assessment?

Answer 55

1. Establish a risk assessment framework
2. Identify risks
3. Analyse risks (impact/likelihood)
4. Evaluate risks (vs appetite)
5. Select risk management option

Question 56

What 3 things should an organisation do in systems monitoring?

Answer 56

1. Detect attacks
2. React to attacks
3. Account for activity

Question 57

What are the 7 steps in the systems monitoring process?

Answer 57

1. Establish a strategy
2. Monitor all systems
3. Monitor network for unusual activity
4. Monitor users for unauthorised activity
5. Establish centralised collection
6. Ensure policies and procedures in place
7. Conduct a lessons learned review

Question 58

What is business continuity planning?

Answer 58

A proactive approach that allows the organisation to continue to operate while the cybersecurity threat is resolved

Question 59

What is disaster recovery planning?

Answer 59

A reactive approach that focuses solely on taking action to restore the organisation to it’s original position

Question 60

What are the 4 types of back ups in BCP/BRP?

Answer 60

1. Mirror site
2. Hot back up site
3. Warm back up site
4. Cold back up site