Introduction into Cybersecurity Flashcards
CIA Triad, Phishing, Governance Week 1
What are the three principles of the CIA Triad?
- Confidentiality: Ensuring information is accessible only to authorized users.
- Integrity: Ensuring data is accurate and unaltered.
- Availability: Ensuring information and systems are accessible when needed.
What is Phishing in cybersecurity?
Phishing is a cyberattack where attackers impersonate legitimate entities to deceive victims into revealing sensitive information, like passwords or credit card details.
What does Governance mean in GRC?
Governance is the framework of policies and practices that guide an organization’s decision-making, ensuring alignment with business goals, ethical behavior, and transparency.
What is Risk Management in GRC?
Risk Management is identifying, assessing, and mitigating risks (financial, operational, etc.) to minimize negative impacts on an organization.
What is Compliance in GRC?
Compliance involves adhering to external laws and regulations, as well as internal policies, to avoid legal penalties and maintain trust with stakeholders.
Why is Phishing considered a dangerous activity?
It tricks users into revealing sensitive information like passwords and financial data.
What is phishing?
Phishing is a fraudulent attempt to obtain sensitive information by posing as a trustworthy entity in electronic communications.
True or False: Phishing attacks can occur via email, social media, and text messages.
True
Fill in the blank: Phishing often uses ________ to trick users into providing personal information.
deceptive messages
What is the primary goal of a phishing attack?
The primary goal is to steal sensitive information such as usernames, passwords, and credit card details.
Multiple choice: Which of the following is NOT a common type of phishing? A) Spear phishing B) Whaling C) Fishing D) Vishing
C) Fishing
What is spear phishing?
Spear phishing is a targeted attempt to steal sensitive information from a specific individual or organization.
True or False: Phishing attempts are always easy to identify.
False
What is whaling in the context of phishing?
Whaling is a type of phishing attack that targets high-profile individuals such as executives or important figures within an organization.
Fill in the blank: Phishing can lead to ________ if sensitive information is successfully obtained.
identity theft
What role does social engineering play in phishing?
Social engineering techniques are used in phishing to manipulate individuals into divulging confidential information.
Multiple choice: Which of the following is a common method used in phishing attacks? A) Malware installation B) Fake websites C) Spoofed emails D) All of the above
D) All of the above
What is a common sign of a phishing email?
Common signs include poor spelling and grammar, generic greetings, and suspicious links.
True or False: Phishing attacks are only a concern for individuals and not businesses.
False
What is the importance of awareness training in preventing phishing?
Awareness training helps individuals recognize phishing attempts and respond appropriately to avoid falling victim.
Fill in the blank: ________ is a technique where attackers use phone calls to trick individuals into revealing personal information.
Vishing
What is a phishing kit?
A phishing kit is a set of tools used by attackers to create and launch phishing attacks.
Multiple choice: Which of the following can help protect against phishing? A) Using two-factor authentication B) Ignoring all emails C) Sharing passwords D) None of the above
A) Using two-factor authentication
What is the difference between phishing and spear phishing?
Phishing is a broad attack targeting many users, while spear phishing targets specific individuals or organizations.
True or False: Phishing attacks only happen online.
False
What is the impact of a successful phishing attack on a business?
It can lead to financial loss, data breaches, and damage to reputation.
Fill in the blank: Phishing emails often create a sense of ________ to compel users to act quickly.
urgency
What is the role of antivirus software in combating phishing?
Antivirus software can help detect and block malicious links and attachments commonly used in phishing attacks.
Multiple choice: What should you do if you receive a suspicious email? A) Click on links B) Report it C) Forward to friends D) Ignore it
B) Report it
What does the term ‘pharming’ refer to?
Pharming is a technique used to redirect users from legitimate websites to fraudulent ones without their knowledge.
True or False: Phishing can only occur through email.
False
What is a common tactic used by phishers to make their messages seem legitimate?
Using logos and branding of trusted organizations.
Why is troubleshooting important to IT professionals?
What is troubleshooting in IT?
Troubleshooting is the process of diagnosing and resolving problems in computer systems or networks.
True or False: Troubleshooting is only necessary when hardware fails.
False
List one reason why troubleshooting is important for IT professionals.
It helps maintain system reliability and performance.
What is a common first step in troubleshooting?
Identifying and defining the problem.
Multiple Choice: Which of the following is NOT a troubleshooting technique? A) Isolation B) Analysis C) Ignoring D) Testing
C) Ignoring
Fill in the blank: Effective troubleshooting can lead to increased ________ in IT systems.
productivity
What role does documentation play in troubleshooting?
Documentation helps track issues and solutions for future reference.
True or False: Troubleshooting skills are only required for network administrators.
False
What is the ultimate goal of troubleshooting?
To restore normal operation and minimize downtime.
Short Answer: Name a tool commonly used in troubleshooting.
Ping or traceroute.
What does a systematic approach to troubleshooting involve?
Following a structured process to identify and resolve issues.
Multiple Choice: Which of the following is a common cause of IT issues? A) Human error B) Software bugs C) Hardware failure D) All of the above
D) All of the above
True or False: Troubleshooting can often be done without user input.
False
What is root cause analysis?
A method used to identify the fundamental cause of a problem.
Fill in the blank: Troubleshooting helps to prevent ________ in IT systems.
future problems
What is the significance of testing after troubleshooting?
To ensure that the solution effectively resolves the issue.
Short Answer: What is one challenge faced during the troubleshooting process?
Complexity of systems.
Multiple Choice: What should you do first when an IT problem arises? A) Panic B) Analyze the symptoms C) Restart the system D) Call support
B) Analyze the symptoms
True or False: Troubleshooting is a one-time process.
False
What is the importance of communication in troubleshooting?
It ensures all stakeholders are informed and involved in the resolution process.
Fill in the blank: A good troubleshooter is ________ and methodical.
analytical
What does it mean to replicate an issue in troubleshooting?
To reproduce the problem in a controlled environment for analysis.
Short Answer: Why is it important to keep up with new technologies in troubleshooting?
To effectively address emerging issues and utilize new tools.
Multiple Choice: Which of the following is a benefit of effective troubleshooting? A) Increased costs B) Decreased user satisfaction C) Reduced downtime D) More complex systems
C) Reduced downtime
True or False: All IT professionals need troubleshooting skills, regardless of their specialty.
True
What is the role of a troubleshooting checklist?
To provide a systematic guide to follow during the troubleshooting process.
What is the main difference between Information Security and Cybersecurity?
Information Security focuses on protecting all forms of information (physical and digital) from unauthorized access, use, or damage.
Cybersecurity is a subset of Information Security that specifically protects digital information and systems from cyberattacks, such as hacking or malware.
What is the best definition of Information Technology (IT)?
Information Technology (IT) refers to the use of computers, networks, software, and other technology to store, manage, and process data to support business operations and communication.
What does Information Security primarily focus on?
Information Security primarily focuses on protecting all types of information (physical, digital, or intellectual) from unauthorized access, use, disclosure, disruption, modification, or destruction.
What best defines cybersecurity?
Cybersecurity involves protecting digital systems, networks, and data from cyberattacks, ensuring confidentiality, integrity, and availability while preventing unauthorized access and data breaches.
What departments are affected by Cybersecurity?
Cybersecurity affects all departments, including IT, HR, finance, legal, operations, and marketing, as it ensures the protection of data, systems, and networks across the entire organization.