Introduction Flashcards
What is the aim of cyber security?
To protect assets from harm or tampering. These assets can be in the form of physical hardware, software and data.
How are computers protected from harm?
Through controls and countermeasures after considering threats and vulnerabilities.
What are the five functions of security?
Identify
Protect
Detect
Respond
Recover
What are the aims of security?
Confidentiality
Integrity
Availability
Authenticity
Accountability
Reliability
What is a threat?
A circumstance that has the potential to cause harm, such as human attacks or natural disasters.
What is a vulnerability?
A weakness that might be exploited in a system.
What are the four principles of Computer Security?
Easiest Penetration
Adequate Protection
Weakest Link
Effectiveness
What is the principle of Easiest Penetration?
An intruder must be expected to attempt any available means of penetration and the one that succeeds may not be the obvious one.
What is the principle of Adequate Protection?
Computer items must be protected until they lose their value, and they must be protected to a degree consistent with their value.
What is the principle of Weakest Link?
Security in a system is as strong as its weakest link.
What is the principle of Effectiveness?
Controls must be used, be appropriate and be applied properly.
Why are users not to blame for security attacks?
Advice is usually technical and most users aren’t technically minded.
Users are naive
What does the identify function aid?
Allows organizations to understand their assets, data and capabilities which, in turn, allows them to manage the risks posed to them.
What kinds of activities does the Identify function support?
Identification of assets to create an asset management program.
Identification of policies to create a governance program
Identification of a risk management strategy for the organization.
What does the protect function support?
The ability to limit or contain the impact of potential cybersecurity breaches, and have safeguards in place for critical services.
What kind of activities support the protect function?
Place controls into the network
Awareness training for staff to improve their understanding of cybersecurity threats and issues.
What is the detect function concerned with?
The appropriate activities to identify the occurrence of a cybersecurity event in a timely manner.
What type of activities does the detect function consist of?
Continuous monitoring of the network
Correct detection and evaluation of anomalies
Effective systems in place that notify of important events.
What does the respond function support?
The appropriate activities to take action regarding a detected cybersecurity incident to minimize the impact.
What type of activities support the respond function?
Response planning processes are executed during and after an incident.
Management of communications during and after the event.
What does the recover function concern itself with?
Identifies the appropriate activities to maintain plans for resilience and to restore services impaired during cybersecurity incidents.
What activities support the recover function?
Recovery planning processes and procedures are in place
Lessons learned are incorporated into processes for improvement.
What is confidentiality concerned with?
Only authorized parties can access the data
What is integrity concerned with?
Only authorized parties can make changes to the data
What is availability concerned with?
Authorized parties must be able to access assets.
What is authenticity concerned with?
Authorized users are who they say they are
What is reliability concerned with?
Authorized users get expected results when using systems.
What is accountability concerned with?
Responsibility for actions can be traced to the user.