Lecture 13 Flashcards
What is a risk in cybersecurity?
Risk is the probability of something bad happening, calculated as Risk = Likelihood × Impact.
Understanding risk is essential for effective cybersecurity management.
What are the four steps of risk management?
Identification, Assessment, Prioritization, and Mitigation/Monitoring.
These steps help organizations systematically manage risks.
What are the four risk handling strategies?
Avoidance, Mitigation, Transference, and Acceptance.
Each strategy addresses risk in different ways.
What is the difference between pentesting and vulnerability management (VM)?
Pentesting simulates an attack from the outside, while VM assesses vulnerabilities from within the system.
Both are essential for a comprehensive security posture.
What does SOC stand for, and what are its functions?
Security Operations Center. The SOC is responsible for detection, incident response, threat intelligence, and vulnerability management.
SOCs play a crucial role in maintaining organizational security.
What are the four phases of incident management?
Preparation, Detection & Analysis, Containment & Recovery, and Post-Incident Activity.
These phases ensure effective response to security incidents.
Define Threat Intelligence in cybersecurity.
The collection, analysis, and dissemination of information about potential or ongoing cyber threats.
Threat intelligence is vital for proactive security measures.
What is the intelligence cycle in cybersecurity?
Direction → Collection → Analysis → Production → Dissemination & Feedback.
This cycle helps in systematic threat intelligence operations.
What are common security tools used in cybersecurity operations?
SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response).
These tools help in monitoring and responding to security threats.
What is the role of AI in cybersecurity?
AI is used for anomaly detection, social engineering attacks, vulnerability identification, and threat automation.
AI enhances the efficiency and effectiveness of cybersecurity measures.