Introduction to IT Security Flashcards

1
Q

What is IT Security?

A
  • All activities and product deployment to prevent unauthorized access, modification and deletion of information.
  • Protecting the company’s most valuable assets from attack, malicious behavior, and human error, both internal and external
2
Q

What is Functional reliability (safety) vs What is Information security (security)?

A
  1. A system works without technical failure
    • Data security - Protection of data from unauthorised use and misuse by humans as well as disturbing environmental influences
    • Data protection - protecting people from the unwanted use or misuse of their personal data
3
Q

What are the 3 most basic protection goals?

A
  1. Confidentiality - Characteristic that information is not made available to unauthorised persons, entities or processes.
  2. Integrity - Property of correctness and completeness
  3. Availability - property of being accessible and usable when an authorised entity has a need to do so.
4
Q

Name the 3 areas for the protection of data and systems.

A
  1. Physical security - Threats and measures regarding access control, power supply, protection against fire and water damage, etc.
  2. Technical security - Protection of actual systems, malware prevention, encryption, network protection, policies.
  3. Organisational security - Organizational measures for secure procedures, processes, definition of responsibilities, policies
5
Q

5 pillars of a successful cybersecurity program (NIST)

A
  1. Identify - Data, people, processes, and systems that enable the organization to achieve its business objectives are identified and evaluated according to their relative importance to the business objectives.
  2. Protect - Develop and implement appropriate safeguards to protect identified assets.
  3. Detect - Develop and implement appropriate activities to identify cybersecurity events that have occurred as quickly as possible
  4. Respond - Activities to take appropriate action in relation to an identified security incident are defined and appropriate processes implemented (incident response).
  5. Recover - Plans to maintain and restore standard operations are developed and reviewed regularly.
6
Q

Terms of Information Security:

  1. Attack
  2. Countermeasure
  3. Risk
  4. Vulnerability
  5. Threat
  6. Security policy
A
  1. Attack - An attack on system security. A distinction is made between different attacks; an attack is always directed at one or more protection targets.
  2. Countermeasure - activities or systems that reduce or even prevent the risk of an attack or the effects of such an attack.
  3. Risk - Probability of occurrence and expected level of damage from such an attack
  4. Vulnerability - occur in hardware, software, network, processes - lack of protective measures that could be exploited by an attacker.
  5. Threat - the general risk that a vulnerability could be exploited.
  6. Security policy - Rules and procedures to reduce risk.
7
Q

Cyber kill chain - What are the phases of a cyber attack?

A
  1. Reconnaissance - Attackers try to get as much information as possible about their target. There are 2 types:
    • Passive Reconnaissance or Open Source Intelligence Gathering (OSINT) - The attacker uses all possible public sources to obtain information, e.g. search engines, domain information, job portals, etc.
    • Active Reconnaissance - Attackers resort to active methods such as port scanning, website scanning, social engineering attacks to elicit employee information.
  2. Weaponisation - Attacks are prepared for the attack vectors that appear most likely successful
  3. Delivery - The planned attacks of the Weaponise Phase are carried out
  4. Exploitation - After delivering the payload, the malicious code is executed to give the attacker an initial foothold in the target network.
    • An initial foothold means the attacker usually still has underprivileged access to the system and can execute commands there.
  5. Installation - The attacker increases his privileges to system rights, downloads malware e.g. Remote Access Tool (RAT) or rootkits
  6. Command and control - The affected system connects itself to a Command & Control (C&C) server and receives commands from the server.
  7. Actions on objectives - From the C&C phase, the system is completely in the hands of the attacker, who can read out information and attack other systems via the infected system.