Chapter 1 - Overview Flashcards

1
Q

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.

A

Information Security

2
Q

Act of protecting the systems that hold and process our critical data.

A

Information Systems Security

3
Q

What does CIA Triad stand for?

A
  • Confidentiality
  • Integrity
  • Availability
4
Q

Information has not been disclosed to unauthorized people.

A

Confidentiality

5
Q

Information has not been modified or altered without proper authorization.

A

Integrity

6
Q

Information is able to be stored, accessed, or protected at all times.

A

Availability

7
Q

What does AAA of Security stand for?

A
  • Authentication
  • Authorization
  • Accounting
8
Q

When a person’s identity is established with proof and confirmed by a system.

A

Authentication

9
Q

Occurs when a user is given access to a certain piece of data or certain areas of a building

A

Authorization

10
Q

  • Tracking of data, computer usage, and network resources
  • Non-repudiation occurs when you have proof that someone has taken an action

A

Accounting

11
Q

What are the Security Threats?

A
  • Malware
  • Unauthorized Access
  • System Failure
  • Social Engineering
12
Q

Short-hand term for malicious software (More in Chapter 2)

A

Malware

13
Q

Occurs when access to computer resources and data occurs without the consent of the owner

A

Unauthorized Access

14
Q

Occurs when a computer crashes or an individual application fails

A

System Failures

15
Q

Act of manipulating users into revealing confidential information or performing other detrimental actions

A

Social Engineering

16
Q

What are the Mitigating Threats?

A
  • Physical Controls
  • Technical Controls
  • Administrative Controls
17
Q

Alarm systems, locks, surveillance cameras, identification cards, and security guards are all examples of?

A

Physical Controls

18
Q

Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication

A

Technical Controls

19
Q

Policies, procedures, security awareness training, contingency planning, and disaster recovery plans

A

Administrative Controls

20
Q

What are the different Hackers?

A
  • White Hats
  • Black Hats
  • Gray Hats
  • Blue Hats
  • Elite
21
Q

Non-malicious hackers who attempt to break into a company’s systems at their request

A

White Hats

22
Q

Malicious hackers who break into computer systems and networks without authorization or permission

A

Black Hats

23
Q

Hackers without any affiliation to a company who attempt to break into a company’s network but risk the law by doing so

A

Gray Hats

24
Q

Hackers who attempt to hack into a network with permission of the company but are not employed by the company

A

Blue Hats

25
Q

Hackers who find and exploit vulnerabilities before anyone else does

A

Elite

26
Q

What are the different Threat Actors?

A
  • Script Kiddies
  • Hacktivists
  • Organized Crime
  • Advanced Persistent Threats (APTs)
27
Q

Hackers with little to no skill who only use the tools and exploits written by others

A

Script Kiddies

28
Q

Hackers who are driven by a cause like social change, political agendas, or terrorism

A

Hacktivists

29
Q

Hackers who are part of a crime group that is well-funded and highly sophisticated

A

Organized Crime

30
Q

Highly trained and funded groups of hackers (often by nation states) with covert and open-source intelligence at their disposal

A

Advanced Persistent Threats (APTs)

31
Q

What are the different types of intelligence?

A
  • Proprietary
  • Closed-Source
  • Open-Source
  • Open-Source Intelligence (OSINT)
32
Q

Threat intelligence is very widely provided as a commercial service offering, where access to updates and research is subject to a subscription fee

A

Proprietary

33
Q

Data that is derived from the provider’s own research and analysis efforts, such as data from honeynets that they operate, plus information mined from its customers’ systems, suitably anonymized

A

Closed-Source

34
Q

Data that is available to use without subscription, which may include threat feeds similar to the commercial providers and may contain reputation lists and malware signature databases

A

Open-Source

35
Q

Methods of obtaining information about a person or organization through public records, websites, and social media

A

Open-Source Intelligence (OSINT)

36
Q

A cybersecurity technique designed to detect the presence of threats that have not been discovered by normal security monitoring

A

Threat Hunting

37
Q

A model developed by Lockheed Martin that describes the stages by which a threat actor progresses a network intrusion

A

Kill Chain

38
Q

What are the different stages of the Kill Chain?

A
  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command & Control (C2)
  • Actions on Objectives
  • MITRE ATT&CK Framework
  • Diamond Model of Intrusion Analysis
39
Q

The attacker determines what methods to use to complete the phases of the attack.

A

Reconnaissance

40
Q

The attacker couples payload code that will enable access with exploit code that will use a vulnerability to execute on the target system.

A

Weaponization

41
Q

The attacker identifies a vector by which to transmit the weaponized code to the target environment.

A

Delivery

42
Q

The weaponized code is executed on the target system by this mechanism

A

Exploitation

43
Q

This mechanism enables the weaponized code to run a remote access tool and achieve persistence on the target system

A

Installation

44
Q

The weaponized code establishes an outbound channel to a remote server that can then be used to control the remote access tool and possibly download additional tools to progress the attack

A

Command & Control (C2)

45
Q

The attacker typically uses the access he has achieved to covertly collect information from target systems and transfer it to a remote system (data exfiltration) or achieve other goals and motives

A

Actions on Objectives

46
Q

A knowledge base maintained by the MITRE Corporation for listing and explaining specific adversary tactics, techniques, and common knowledge or procedures (attack.mitre.org)

A

MITRE ATT&CK Framework

47
Q

A framework for analyzing cybersecurity incidents and intrusions by exploring the relationships between four core features: adversary, capability, infrastructure, and victim

A

Diamond Model of Intrusion Analysis