Introduction And Cybersecurity Fundamentals Flashcards
What is the practice of protecting information by mitigating information risk? It also involves safeguarding data from unauthorized access, disclosure, alteration, and destruction.
Information security
What does the CIA triad stand for?
Confidentiality, integrity, availability
This ensures that sensitive information is only accessible to those who are authorized to view it
Confidentiality
This maintains the accuracy and consistency of data throughout its life cycle. Data should be stored and transferred as intended.
Integrity
This ensures that information and resources are available to authorized users whenever they are needed. This includes maintaining system uptime and preventing disruption to access.
Availability
This refers to the overall security status and readiness of an organization
Security Posturing
What are the main components of security posturing?
Assessment, planning, implementation, monitoring, adaptation
This position oversees the entire security strategy of the organization, ensuring that all aspects of security are aligned with business objectives
Chief security officer (CSO)
This position focuses on the protection of information assets, developing and implementing information security policies and practices
Chief information security officer (CISO)
These positions primarily focus on handling policy enforcement
Managerial, technical, operational
Vulnerability
A weakness or flaw in a system, software, or process that can be exploited by a threat actor
Threat
Any potential danger that can exploit a vulnerability to cause harm
Risk
The combination of the likelihood that a threat will exploit a vulnerability and the impact it would have; a measure of the potential harm to the organization
Threats can be classified as?
Internal, external, malicious, unintentional
This component within security posturing involves developing strategies and policies to address identified risks and improve security
Planning
This component of security posturing deploys security measures such as firewalls, encryption, and access measures
Implementation
This key component of security posturing evaluates the current security measures and identifies potential
Assessment
This component within security posturing updates and refines security measures based on new interest, technical advancements, and changes in the organization's needs
Adaptation
_____ is about how prepared and protected an organization is against cyber threats. It involves assessing current security, planning improvements, implementing protective measures, monitoring for threats, and adapting to new risks and changes. This approach helps keep the organization's data, systems, and infrastructure safe.
Security posture
_____ are malicious hackers who illegally exploit vulnerabilities for personal gain or to cause harm
Black Hat
These ethical hackers work to strengthen the organization’s security (internal threat with positive intentions)
White hat
What does APTs stand for?
Advanced Persistent Threats
These are highly skilled and well-funded cyber threats, often linked to government agencies. These targeted attacks are aimed at espionage or gaining strategic advantages, such as stealing sensitive information or disrupting rivals.
APTs
The route through which threat actors gain unauthorized access to systems or data
Attack vectors
_____ is crucial for understanding and improving the security of a network
Helps check and improve network security by setting a baseline of secure configurations and settings for devices
Vulnerability assessment
This aspect ensures that people cannot deny their actions related to data, helping maintain accountability
Non-repudiation
Individuals or groups that pose a danger to cyber security with varying motivations and capabilities
Threat actors
These groups are often associated with government agencies, such as military or intelligence services. They are well funded and highly skilled.
State-backed groups
Gathering sensitive information often for national security or economic advantage
Espionage
Hackers who may assist an organization but operate without official authorization, sometimes crossing legal boundaries
Grey Hat
Inexperienced individuals who use existing tools and scripts to launch basic cyberattacks to promote their agenda
Script Kiddies
Group of hackers united by a common cause, often political or social, to promote their agenda
Hacktivists
Ethical hackers working to strengthen the organization’s security/ positive intentions
White Hat
Groups who operate across multiple legal jurisdictions, making them difficult to prosecute. Motivated by profit through illegal activities such as ransomware, fraud, and data theft
Criminal groups
Engage in cyber espionage to gain a competitive edge
Competitors
Threats that originate from within the organization that are particularly dangerous
Insider threats
What types of insider threat actors are there, and what is the difference between them?
Malicious Insider Threat: motivated by sabotage, financial gain, or gaining business advantage. Individuals who have or have had authorized access.
Unintentional Insider Threat: occurs when employees accidentally compromise security, often due to weak policies and procedures, weak adherence, lack of training, and shadow IT.
Common attack vectors
Physical access to device
Infected USB drives or portable devices
Phishing emails
Attacking wireless networks
Compromising third-party vendors
Exploiting web applications or social media
Targeting cloud services with weak security
Vulnerability assessment checks…
Users
Device Status
Network Settings
Outside Connections
What do SLA and NDA stand for?
Service level agreement
Non-disclosure agreements