Cyber Security

Question 1

is the practice of protecting systems, networks, and programs from digital attacks. These attacks typically include business interruptions or the theft, tampering, or destruction of sensitive information.

Answer 1

Cybersecurity

Question 2

Pillars of Cyber Security

Answer 2

Policies & Procedures
Products & Services
Best Practices

Question 3

is now a combination of best practices, policies, and procedures along with various security products and services. All these concepts work together to make up the modern day cybersecurity stack.

Answer 3

Cybersecurity

Question 4

CIA Triad

Answer 4

Confidentiality
Integrity
Availability

Question 5

Data is protected against unauthorized changes

Answer 5

Integrity

Question 6

Data is protected from unauthorized access

Answer 6

Confidentiality

Question 7

Authorized data access whenever you need it

Answer 7

Availability

Question 8

A model designed to guide policies for information security within an organization

Answer 8

CIA Triad

Question 9

is kept secret to prevent: identity theft, compromised accounts and systems, legal concerns, damage to reputation, and other severe consequences.

Answer 9

Confidential information

Question 10

To determine if data should be confidential, ask:

Answer 10

Who is authorized?
Do confidentiality regulations apply?
Are there conditions for when data can be accessed?
What would the impact of disclosure be?
Is the data valuable?

Question 11

are always after sensitive information or personal data.

Answer 11

Cybercriminals

Question 12

To keep confidential data secure, control data access and use security tools like

Answer 12

encryption and multifactor authentication (MFA)

Question 13

is one of the most valuable assets a company can have, but it is NOT STATIC. It can be transferred to other systems, altered, and updated multiple times.

Answer 13

Data

Question 14

guarantees that data is accurate, complete, and consistent.

Answer 14

Data integrity

Question 15

It covers data in storage, during processing, and in transit

Answer 15

Integrity

Question 16

Without this, loss, corruption, or compromise can cause significant damage and financial loss for both businesses and customers.

Answer 16

Data Integrity

Question 17

2 Main Types of Integrity

Answer 17

Physical Data Integrity
Logical Data Integrity

Question 18

are the checks and protocols that protect data from human error and hackers. These confirm that data is correct and accurate as it’s used in different ways within an organization

Answer 18

Logical data integrity

Question 19

is the collection of actions and fail-safes that protect the physical systems that store and process the data.

Answer 19

Physical data integrity

Question 20

means that authorized users have immediate and reliable access to their data. This includes granting access to authorized users with passwords and security questions.

Answer 20

Data availability

Question 21

Some of the most fundamental threats to availability are

Answer 21

non-malicious, including hardware failures, unscheduled software downtime, and network bandwidth issues.

Question 22

DoS

Answer 22

Denial of Service

Question 23

NIST Cybersecurity Framework

Answer 23

Identify
Protect
Detect
Respond
Recover

Question 24

What processes and assets need protection?

Answer 24

Identify

Question 25

Implement appropriate safeguards to ensure protection of the enterprise's assets

Answer 25

Protect

Question 26

Implement appropriate mechanisms to identify the occurrence of cybersecurity incidents

Answer 26

Detect

Question 27

Develop techniques to contain the impacts of cybersecurity events

Answer 27

Respond

Question 28

Implement the appropriate processes to restore capabilities and services impaired due to cybersecurity events

Answer 28

Recover

Question 29

Weak security policies can lead to physical threats, tampering, or the theft of hardware.

Answer 29

Hardware Threats

Question 30

is the art of unlocking a lock by analyzing and manipulating the components of the lock device, without the original key

Answer 30

Lock Picking

Question 31

Unpatched systems, misconfigured firewalls, weak cybersecurity, and weak physical security are just a few ways that data threats occur

Answer 31

Data Threats

Question 32

* Data Leaks & Data Breaches. * Data Dumps * Dumpster Diving

Answer 32

Data Threats

Question 33

are the accidental exposure of confidential or sensitive data through a security vulnerability.

Answer 33

Data leaks

Question 34

are when a data leak is caused intentionally by a cybercriminal. These occur when social engineering or phishing attacks trick employees into leaking sensitive credentials or information.

Answer 34

Data breaches

Question 35

are when cybercriminals release stolen data onto the dark web for monetary gain.

Answer 35

Data dumps

Question 36

is the act of physically searching through a literal dumpster to find something valuable.

Answer 36

Dumpster diving

Question 37

Tech companies require ____ as a normal part of business because these can be stolen from the trash to harvest data that can be used for identity theft and data breaches, or the data could be sold to hackers, or a company's competitors.

Answer 37

document shredding and device destruction

Question 38

is the unauthorized copy or use of copyright-protected software. This includes pirating software and counterfeiting activation codes.

Answer 38

Software or license theft

Question 39

are pieces of code that use vulnerabilities in hardware or software to get into a system. Malware-infected websites use exploits to automatically download malware to a system. This is called a drive-by download.

Answer 39

Exploits

Question 40

is a general term for software designed to compromise computer systems. This can cause system slowdowns, odd requests, browser misdirection, popup ads.

Answer 40

Malware (Malicious Software)

Question 41

It can also steal data, record everything you do with or near your device, spam your contacts with infected links, and connect your computer to a network of hijacked computers that are remotely controlled (known as a botnet).

Answer 41

Malware (Malicious Software)

Question 42

Malware can come from:

Answer 42

* attachments * sketchy websites * file downloads * infected USB drives * links in emails, ads, social media, torrents, and even text messages

Question 43

are bits of code that insert themselves into another program.

Answer 43

Program viruses

Question 44

affect Microsoft Office files via the macros they use to automate tasks.

Answer 44

Macro viruses

Question 45

copy themselves to different locations to avoid antivirus scans.

Answer 45

Stealth viruses

Question 46

This change their characteristics to get around cybersecurity defenses. 97% of all malware uses this

Answer 46

Polymorphic viruses

Question 47

start themselves after identifying system weaknesses. They don’t rely on apps or files. Unlike other viruses, this can be controlled remotely.

Answer 47

Worms

Question 48

This replicates itself to make copies that can infect other computers. These viruses are designed to spread to other devices.

Answer 48

Worm

Question 49

trick you into installing legitimate-seeming software that includes harmful malware.

Answer 49

Trojans

Question 50

collects personal data, login credentials, credit card information, online activity, and can record using a device’s camera or microphone.

Answer 50

Spyware

Question 51

is software coded into online ads that records your personal data, website visits, and keystrokes to send you personalized ads. Both adware and spyware can be legitimate or malicious.

Answer 51

Adware

Question 52

locks a system, encrypts its files, and displays a ransom demand. To get the encryption key you must pay the ransom, or you can regain access by doing a full system restore from a backup.

Answer 52

Ransomware

Question 53

(EICAR)

Answer 53

European Institute for Computer Antivirus Research