Cyber Security Terms

Question 1

What is cybersecurity?

Answer 1

Cybersecurity is the technology, measure or
practice for preventing or mitigating
cyberattacks on systems, networks,
applications, programs, data and devices.

Question 2

What is the aim of cybersecurity?

Answer 2

To prevent or lessen the gravity of an
attack

Question 3

What are the three security goals?

Answer 3

Confidentiality, Integrity, Availability

Question 4

What is a threat?

Answer 4

Something with the potential to cause harm by compromising
stated security goals

Question 5

What is a vulnerability?

Answer 5

Characteristics of, or weaknesses in a system that could be
used to cause harm if acted on by a threat

Question 6

What is a security incident?

Answer 6

An unwanted or unexpected cyber security event, or a series of
such events, that have a significant probability of compromising
business operations

Question 7

What is a security attack?

Answer 7

If vulnerabilities are deliberately exploited

Question 8

What are the three information states?

Answer 8

In storage, In transmission and being processed

Question 9

What is the use of the term “controls” ?

Answer 9

Used to protect information assets or business goals by reducing vulnerabilities

Question 10

What are the three control types?

Answer 10

Preventive, Detective and Corrective

Question 11

Define Threat actor

Answer 11

A person or entity whose actions impact or have the potential to impact information security

Question 11

Threat action

Answer 11

What was done or intended to cause harm to the information asset

Question 12

What are the five things we need to understand in order to protect information assets?

Answer 12

Information about the asset, Possible threats, Existing vulnerabilities, Likelihood of threats and vulnerabilities coinciding and Potential consequences if that does happen

Question 12

Define “Vulnerabilities”

Answer 12

Characteristics of, or weaknesses in, a system

Question 13

What are the crucial pieces of information you need to understand the information asset?

Answer 13

What and where it is and what the value is

Question 14

What three factors change the severity of a security incident?

Answer 14

Value and criticality of asset, degree of compromise and perspective

Question 15

What does ‘risk’ mean in information security?

Answer 15

Effect of uncertainty on objectives

Question 16

Define ‘effect of event’

Answer 16

Consequences, deviation from normal state including positive or negative

Question 17

Define ‘uncertainty’

Answer 17

How likely is it that this event will happen?

Question 18

What two terms define an ‘information security risk’?

Answer 18

Likelihood and consequences

Question 19

What two terms define a ‘consequence’

Answer 19

Magnitude and impact

Question 21

How should organisations manage risk?

Answer 21

The process should be systematic and continual

Question 22

In what order are the three main components of the ‘risk management process’?

Answer 22

Risk identification, risk analysis and risk evaluation