Intro

Question 1

What is safety?

Answer 1

against unintended threats.
eg. seatbelt

Question 2

What is security?

Answer 2

against deliberate threats.
eg. car alarm

Question 3

Describe relationship between attackers and defenders

Answer 3

Assymetric.
Defend all the time, attack once.

Question 4

What does CIA triad stand for?

Answer 4

Confidentiality
Integrity
Availability

Question 5

What is the C in CIA?

Answer 5

Confidentiality - only authorized parties should be able to access data

Question 6

What is the I in CIA?

Answer 6

Integrity.
You should be able to trust that the data is correct.

Question 7

What is A in CIA?

Answer 7

Availability.
System should be available to user.

Question 8

Tools against C?

Answer 8

Encryption
Access control system
policies and governance

Question 9

Tools against I?

Answer 9

Data validation.
Change management/ version control.

Question 10

Tools against A?

Answer 10

Redundancy and failover
Load balancing - distribute traffic across resources
Monitoring and alerting - before issue becomes big

Question 11

What is a threat?

Answer 11

= potential violation of security, posed by attackers

Question 12

What are the three elements of a threat?

Answer 12

Intent
Capability
Opportunity

Question 13

What is a threat model?

Answer 13

strategic framework that identifies potential attacks a system aims to safeguard agains.

Helps understand and prepare for various security risks

Question 14

Name some threat actor types and their motivation

Answer 14

(6)
Cybercriminals - profit
Nation States - geopolitical
Terrorist groups - ideology violence
Thrill seekers - satisfaction
Insider Threats - discontent
Hackers - variable

Question 15

What is CVD?

Answer 15

Coordinated Vulnerability Disclosure

ethical practice where security researchers/individuals discover vulnerabilities and report them to the organization

Question 16

What does Eggshell defense refer to?

Answer 16

Defense on diff layers (cybersecurity, physical security…)

Question 17

What are the phases of the Cyber Kill Chain?

Answer 17

(7)
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objects

Question 18

Why is the Cyber Kill Chain useful?

Answer 18

It balances the playing field
Attackers only need to be detected once

Question 19

What are the levels of the Pyramid of Pain?

Answer 19

TTPs (Tactics, Techniques, Procedures)
Tools
Network/Host Artifacts
Domain Names
IP Addresses
Hash Values

Question 20

What does the Pyramid of Pain refer to?

Answer 20

You can detect an attack on multiple levels. The higher the level of detection, the harder it is for attackers to circumvent the measure

Question 21

What does security by design entail? What are the pros?

Answer 21

approach that integrates cybersecurity measures in the design & development phases of a system

pros:
- more secure
- cost-effective

Question 22

What is Defense in Depth?

Answer 22

strategy that involved multiple layers of security controls against various types of threats

pros:
- reduces the risk of one failure bringing down the whole system

Question 23

What is Usable Security? Why is it useful?

Answer 23

approach that seeks to integrate sec. measures in a positive and user-friendly experience

if not usable, users will find a way around them => more security risks