Chapter 1

Question 1

Define Cybersecurity

Answer 1

the protection of information assets by addressing threats to information processed, stored and transported by internetworked information systems

Question 2

Confidentiality

Answer 2

protection from unauthorized access

Question 3

Integrity

Answer 3

protection from unauthorized modification

Question 4

Availability

Answer 4

protection from disruption to access

Question 5

Define APT

Answer 5

Advanced Persistent Threats - attacks by adveraries with sophisticated levels of expertise and resources

Question 6

5 Key Functions of Protecting Digital Assets

Answer 6

Identify
Protect
Detect
Respond
Recover

Question 7

Define Identify

Answer 7

Use organizational understanding to minimize risk to systems, assets, data, and capabilities.

Question 8

Define Protect

Answer 8

Design safeguards to limit the impact of potential events on critical services and infrastructure.

Question 9

Define Detect

Answer 9

Implement activities to identify the occurrence of a cybersecurity event.

Question 10

Define Respond

Answer 10

Take appropriate action after learning of a security event.

Question 11

Define Recover

Answer 11

Plan for resilience and the timely repair of compromised capabilities and services.

Question 12

CIA

Answer 12

Confidentiality
Integrity
Availability

Question 13

Method Controls for Confidentiality

Answer 13

Access Controls
File Permissions
Encryption

Question 14

Method Controls for Integrity

Answer 14

Access Controls
Logging
Digital Signatures
Hashes
Encryption

Question 15

Method Controls for Availability

Answer 15

Redundancy
Backups
Access Controls

Question 16

Define nonrepudiation

Answer 16

when a piece of information is genuine

Question 17

How do you achieve nonrepudiation

Answer 17

use logs and digital signatures

Question 18

What are the three cybersecurity topics?

Answer 18

Governance
Risk Management
Compliance

Question 19

Who is responsible for governance?

Answer 19

the board of directors and senior management of the organization

Question 20

Goals of governance

Answer 20

• Provide strategic direction
• Ensure that objectives are achieved
• Verify that the organization’s resources are being used responsibly

Question 21

Define Risk Management

Answer 21

The process by which an organization manages risk to acceptable levels

risk can be financial, physical or cyber

Question 22

Define Compliance

Answer 22

the act/ability of adhering to mandated requirements defined by laws and regulations

Question 23

Cybersecurity Roles

Answer 23

Board of Directors
Executive Committee
Security Management
Cybersecurity Practitioner