Cyber Security Flashcards
What is involved in risk management?
Identifying and controlling as many risk factors as possible
What is an asset?
Any item with value owned by an organisation
What is an asset example?
- Hardware
- Software
- Information and data
What is meant by Identifying assets and analysing risks?
Valuing assets to assess whether their worth protecting
How do businesses mitigate risks?
Monitor activity
What information is contained in risk monitoring logs?
- Who logged on and when
- Which files were read, edited or deleted
- Network stats
What is remediation?
the process of dealing with vulnerabilities
What is patch deployment remediation?
Software issues are reported back to the manufacturers that fix them
What is manual remediation?
Smaller organisation cant afford monitoring software so the technician will be responsible
What is automated remediation?
Tools that identify and repair vulnerabilities without technicians.
What is the vulnerability management cycle?
- Discover vulnerabilities
- prioritise assets
- report vulnerabilities
- re mediate vulnerabilities
- verify
REPEAT
What software can be used to monitor networks?
IDS, NIDS, HIDS - intercept and inspect network packets
IPS
What is an IPS?
Monitor the network for malicious incidents and capturing information about them.
What threats to IPS deal with?
- Denial of Service (DoS) attack
- Distributed Denial of Service (DDoS) attack
- Viruses
What is the signature-based approach to protecting networks?
Attacks are matched with the signatures or patterns, the system takes necessary action.
