Intro Flashcards

1
Q

What does the ‘C’ in the CIA triad stand for?

A

Confidentiality

Confidentiality means only authorized and approved entities are able to read data.

2
Q

What is the main focus of Integrity in the CIA triad?

A

Validity or accuracy of data

Integrity ensures that information can only be altered by those authorized to do so and that it remains in its original state.

3
Q

What does Availability in the CIA triad ensure?

A

Information is on hand whenever/wherever it is needed

Availability ensures that information is quickly accessible, and only to those authorized to access it.

4
Q

What are controls in the context of information security?

A

Things we do to keep our assets safe (countermeasures)

Controls can be applied to people, processes, or technology and can be automated or manual.

5
Q

What is a Detective control?

A

Used to observe errors, events or actions

Detective controls help identify security incidents after they occur.

6
Q

Define Preventative controls.

A

Proactively prevent errors, events or actions BEFORE they happen

These controls aim to stop security incidents before they occur.

7
Q

What is the difference between Information Security and Cybersecurity?

A

Information Security: Protection of info and its critical elements; Cybersecurity: Protection against unauthorized use of electronic data

Information Security focuses on confidentiality, availability, and quality of stored information, while Cybersecurity protects assets from unauthorized access.

8
Q

What does the Defense in Depth strategy entail?

A

Many layers of security are needed

This multifaceted approach includes physical access, network security, user security, software, hardware, policy, and procedural safeguards.

9
Q

What is the Zero Trust model?

A

Don’t assume everything inside your network is secure

The Zero Trust model emphasizes validating interactions at every stage and eliminating implicit trust relationships.

10
Q

What is meant by ‘Think like an Adversary’?

A

Understanding tactics, motivations, and capabilities of potential attackers

This involves modeling threats and conducting penetration tests.

11
Q

Fill in the blank: A _______ is an act that can impact CIA.

A

Attack

12
Q

What is a Vulnerability in the context of information security?

A

Potential weakness to be exploited

Vulnerabilities can be exploited by attackers to gain unauthorized access.

13
Q

What are the different states of information?

A

Storage, transmission, and processing

These states represent how information is handled within an organization.

14
Q

What are potential costs associated with cybersecurity breaches?

A
  • Cost of lost information assets
  • Rebuilding of infrastructure
  • Legal fees, penalties
  • Lost productivity
  • Reputation damage

These costs can have a significant impact on an organization’s financial health.

15
Q

What can enhance an organization’s competitive advantage in cybersecurity?

A
  • Enhanced reputation
  • Faster recovery times
  • Differentiation from competitors

Sound policies and technology can help organizations navigate challenges and maintain an edge.
