Introduction Flashcards
Information Security
Protect the privacy and integrity of data at rest or in transit
Network Security
Protect computer networks from attacks or malware
Operational Security
Create and maintain processes, procedures and decision-making for processing and protection of data assets
Three pillars of cybersecurity
People (Training, Authorization control)
Processes (Policies, Audits)
Technology (Antivirus, Firewalls)
NIST Cyber Framework 5 phases
Identify (Asset Management, Risk Assessment)
Protect (Data Security, Maintenance)
Detect (Anomalies and Events)
Respond (Mitigation, Improvements)
Recover (Recovery Planning)
CIA Triangle
Confidentiality, Integrity and Availability
Access (Concept)
The ability of a subject or object to use, manipulate, modify, or affect another subject or object.
Asset (Concept)
The organizational resource that is being protected. An asset can be logical or intangible, such as a Web site, software information, or data; or an asset can be physical or tangible, such as a person, computer system, hardware, or other tangible object.
Attack (Concept)
An intentional or unintentional act that may damage or compromise information and the systems that support it. Attacks may be active or passive, intentional or unintentional, and direct or indirect.
Control, Safeguard or Countermeasure (Concept)
Security mechanisms, policies, or procedures that can contain attacks, reduce risks, resolve vulnerabilities, and otherwise improve security within an organization
Exploit (Concept)
A technique used to compromise a system.
Exposure (Concept)
A condition or state of being exposed; in information security, exposure exists when a vulnerability is known to an attacker.
Loss (Concept)
An instance of an information asset that suffers unintentional or unauthorized damage or destruction, modification or disclosure or denial of service.
Security Profile (Concept)
The entire set of controls and safeguards, including policy, education, training and awareness raising, and technology, that the organization implements to protect the asset
Risk (Concept)
The probability of an unwanted occurrence, such as an adverse event or loss.
Threat (Concept)
Any event or circumstance that has the potential to adversely affect the operations and assets
Threat Agent (Concept)
The specific instance or component of a threat
Threat Event (Concept)
An occurrence of an event caused by a threat agent
Threat Source (Concept)
A category of objects, persons, or other entities that represent the source of the hazard for an asset
Vulnerability (Concept)
A potential weakness in an asset or defensive control system
The role of a security professional is that of
an advisor, not a decision-maker
Tangible Assets Examples
Servers, disk drives, data center, optical disks, rooms, buildings, workers
Intangible Assets Examples
Software, data, intellectual property (IP), business secrets
Threats - Typology
Natural (Tornados, etc)
Technical (Disk or Server failure)
Man-Made (Deliberate attacks)
Supply System (Electricity, water)
What is a Virus?
Malware that spreads with human collaboration
What is a Worm?
Malware that propagates itself
What is a Trojan Horse?
Malware that appears to be benign
What is a Logic Bomb?
Malicious code hidden in software, activated by attacker
What is a Backdoor?
Hidden bypass of system authentication
Attack automation involves 4 phases
- Search for victims
- Compromise of vulnerable systems
- Spread of attack
- Coordinated management of attack tools