Class three

Question 1

Identify

Answer 1

First step of security framework, identification of your valuable assets - consider all locations in digital landscape, all potential vectors of attack, inherent value of each location. Not necessarily within a network perimeter due to mobile, cloud, and supplier systems.

Question 2

Protect

Answer 2

Second step of security framework, protect with appropriate security using various control types. Categories of control: physical, technical, procedural, legal.

Question 3

Detect

Answer 3

Third step of security framework, detect compromised accounts and devices

Question 4

Respond

Answer 4

Fourth step of security framework, quarantine the problem and identify countermeasures

Question 5

Recover

Answer 5

Last step of security framework, replace, restore, or otherwise fix compromised assets

Question 6

Cyber defense points

Answer 6

Determine where important info is located and where it passes through. Data, devices, applications, systems, networks, communication channels.

Question 7

Control types

Answer 7

Physical, procedural, technical, and legal security controls.

Question 8

Control modes

Answer 8

proactive/preventative, reactive/detective, corrective cyber defenses.

Question 9

Information classification

Answer 9

assignment of one or more values to a collection of knowledge to help us understand how alike it is to other sets of knowledge and know the comparative security requirements and priority. CIA for infosec. Sometimes also consent for info on private individuals.

Question 10

consent

Answer 10

Legal considerations are involved in how personal electronic information can be used and where it can be viewed, stored, transmitted, or otherwise processed. As such, permission is required to specify what info can be collected, where processed, how long retained.

Question 11

Confidentiality

Answer 11

assignment of a value to a set of info to indicate level of secrecy and access restrictions required to prevent unauthorized people from viewing it.

Question 12

Integrity

Answer 12

value assigned to a set of information to indicate how sensitive it is to degradation of accuracy or data loss (loss of access, not theft). Typically how often to back it up or if it needs a permanent failover system.

Question 13

Availability

Answer 13

value assigned to a set of information to indicate how much disruption or outage the owner considers acceptable. Often a time scale. If needs to always be available, redundant failsafe.

Question 14

Data as defense point

Answer 14

info in digital or electronic format, some security controls can be applied directly to this.

Question 15

Devices as defense point

Answer 15

hardware used to create, modify, process, store, or transmit data: computers, smartphones, USB.

Question 16

Applications as defense point

Answer 16

software on any device. Usually used to create, modify, process, store, inspect, or transmit info.

Question 17

Systems as defense point

Answer 17

groups of applications for a complex purpose

Question 18

Networks as defense point

Answer 18

group of devices, wiring, and applications that connect, carry, broadcast, monitor, or safeguard data. Can be physical or virtual.

Question 19

Security architect benefits

Answer 19

Can help reorganize infosec landscape to make it easier to defend.

Question 20

Physical security

Answer 20

Measures designed to deter, prevent, detect, or alert unauthorized real-world access to a site or material item.

Question 21

Technical control

Answer 21

use of electronic or digital method to influence or command how something like a digital device can or cannot be used. Eg removing ability to cut and paste on smartphone.

Question 22

Procedural control

Answer 22

instruction during a sequence of required steps to limit how something is or is not permitted to be used. Eg: minimum of 2 authorized persons to approve access request.

Question 23

Legal control

Answer 23

legislation to promote and invest in positive security methods and deter, punish, and correct infringements.

Question 24

Advanced persistent threats (APTs)

Answer 24

term used to describe tenacious and highly evolved set of tactics used by threat actors to infiltrate networks through digital devices and leave malicious software in place for as long as possible.