Basics and Fundamentals

Question 1

What is the act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction?

Answer 1

Information Security

Question 2

What is the act of protecting the systems that hold and process our critical data?

Answer 2

Information Systems Security

Question 3

What are the 3 parts of the CIA triad?

Answer 3

Confidentiality
Integrity
Availability

Question 4

What is it to have information that has not been disclosed to unauthorized people?

Answer 4

Confidentiality

Question 5

What is it to have information that has not been modified or altered without proper authorization?

Answer 5

Integrity

Question 6

What is it to have information that is able to be stored, accessed, or protected at all times?

Answer 6

Availability

Question 7

What are the AAA’s of security?

Answer 7

Authentication
Authorization
Accounting

Question 8

When a person’s identity is established with proof and confirmed by a system.

Answer 8

Authentication

Question 9

Occurs when a user is given access to a certain piece of data or certain areas of a building.

Answer 9

Authorization

Question 10

Tracking of data, computer usage, and network resources.

Answer 10

Accounting

Question 11

What are the ways a person’s identity is established?

Answer 11

Something you know.
Something you are.
Something you have.
Something you do.
Somewhere you are.

Question 12

What are the major security threat types?

Answer 12

Malware
Unauthorized Access
System Failure
Social Engineering

Question 13

Short for malicious software.

Answer 13

Malware

Question 14

Occurs when access to computer resources and data occurs without the consent of the owner.

Answer 14

Unauthorized Access

Question 15

Occurs when a computer crashes or an individual application fails.

Answer 15

System Failure

Question 16

The act of manipulating a user into revealing confidential information or performing other detrimental actions.

Answer 16

Social Engineering

Question 17

What are 3 ways to mitigate threats?

Answer 17

Physical, technical and administrative controls

Question 18

Alarm systems, locks, surveillance cameras, identification cards, and security guards.

Answer 18

Physical Controls

Question 19

Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication.

Answer 19

Technical Controls

Question 20

Policies, procedure, security awareness training, contingency planning, and disaster recovery plans.

Answer 20

Administrative Controls

Question 21

What is the most cost-effective administrative security control to use?

Answer 21

User training

Question 22

What are the 5 types of hackers?

Answer 22

White, Black, Gray, and Blue Hats, Script Kiddies

Question 23

A non-malicious hacker who attempts to break into a company’s systems at their request.

Answer 23

White Hat

Question 24

A malicious hacker who breaks into a company’s computer systems and network without authorization or permission.

Answer 24

Black Hat

Question 25

A hacker without any affiliation to a company who attempts to break into a company’s network, but risk the law by doing so

Answer 25

Gray Hat

Question 26

A hacker who attempts to hack into a network with permission of the company but are not employed by the company.

Answer 26

Blue Hat

Question 27

Hackers who find and exploit vulnerabilities before anyone else does.

Answer 27

Elite Hacker

Question 28

Hackers with limited skills who only use other people’s exploits and tools.

Answer 28

Script Kiddies

Question 29

What are 4 types of threat actors in order of lowest to highest skill level?

Answer 29

Script Kiddies
Hacktivists
Organized Crime
Advanced Persistent Threats

Question 30

Hackers who are driven by a cause like social change, political agendas, or terrorism.

Answer 30

Hacktivists

Question 31

Hackers who are part of a crime group that is well-funded and highly sophisticated.

Answer 31

Organized Crime

Question 32

Highly trained and funded groups of hackers, often employed by nation states, with covert and open-source intelligence at their disposal.

Answer 32

Advanced Persistent Threats