General Security Concepts Flashcards
What threat actor is most likely to be hired by a foreign government to attack critical systems in other countries?
Organized crime
What security control type does an acceptable use policy best represent?
Preventative
What is a risk register?
A tool used in risk management that records details of all identified risks, making it easier to manage and track them
What is a group or individual that is sponsored by a government to conduct cyber operations against other nations/organizations/individuals called?
Nation-state actor
According to the shared responsibility model, which role is responsible for securing the company’s database in an IaaS model for a cloud environment?
Client
What allows for the attribution of messages to individuals?
Non-repudiation
In the CIA triad, what is Availability?
Information is able to be stored, accessed, or protected at all times
In the CIA triad, what is Integrity?
- Information has not been modified or altered without proper authorization
- Hashes
In the CIA triad, what is Confidentiality?
- The information has not been disclosed to unauthorized people
- Encryption
When does non-repudiation occur?
When you have proof that someone has taken an action
What are some examples of non-repudiation?
- Digital signatures
- Message authentication code (MAC)
What are examples of administrative controls?
- Policies
- Procedures
- Security awareness training
- Contingency planning
- Disaster recovery plans
What is an example of regulatory controls?
HIPAA
What are examples of technical controls?
- Smart cards
- Encryption
- ACLs
- IDS
- Network authentication
What threat actor is described as having limited skill and only running other people’s exploits and tools?
Script kiddies
What threat actor is motivated by social change, political agendas, or terrorism?
Hacktivists
What threat actors are part of a crime group that is well-funded and highly sophisticated?
Organized crime/Crime syndicates
What threat actor is described by the use of IT systems, devices, software, applications, and services without explicit approval?
Shadow IT
What threat actors are groups of highly trained and funded hackers (often by nation states) with covert and open source intelligence at their disposal?
Advanced persistent threats (APTs)
According to the shared responsibility model, who is responsible for securing the company’s database in an IaaS model for a cloud environment?
Client
Which data policy controls how data is saved for compliance or regulatory reasons?
Retention
Which threat actor would use ransomware-as-a-service?
Organized crime
What is peer review and approval?
A practice that involves having other developers or experts review the code before it is deployed or released
An administrator has identified and fingerprinted specific files that will generate an alert if an attempt is made to email these files outside of the organization. What tool is being used?
DLP
An organization wants to limit potential impact to its log-in database in the event of a breach. What should they implement?
- Hashing
- Database stores only the hash values instead of the actual passwords
An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. What type of infection is present on the systems?
Ransomware
What type of file is a .ryk?
Ransomware Ryuk
What attack has a typical pattern where there is a SYN flood from different IP addresses to the same server in a short time?
DDoS
An organization would like to calculate the time needed to resolve a hardware issue with a server. Which risk management process describes this example?
Mean time to repair
What is used to protect a computer from viruses, malware, and Trojans being installed and moving laterally across the network?
- EDR
- Endpoint Detection and Response
Client files can only be accessed by employees who need to know the information and have specified roles in the company. What best describes this security concept?
Confidentiality
What consideration is the most important for an organization to evaluate as it establishes and maintains a data privacy program?
Request process for data subject access
An IT manager is putting together a documented plan describing how the organization will keep operating in the event of a global incident. What plan is the IT manager creating?
Business continuity