Lecture 4 - Cybersecurity Flashcards

1
Q

What are the problems of cybersecurity according to van den Bergh?

A
  1. But difficult to understand.
  2. A complex beast
  3. Who fixes it and how? (shared responsibility and privately owned)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Where lies the focus of cybersecurity?

A

Protection of Systems, Networks & Data -> Against intentional threats

Focus is on Intentional Threat, Cyber Threats and about object of harm (affecting systems).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are examples of accidental and intentional forms of harm in cyberspace.

A

Accidental: Error, Outage, Failure
Intentional: Attack, Disruption, Theft Exploit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the 3 phases of Cyber Security Incidents?

A
  1. Preventing Incidents
  2. Detecting incidents
  3. Responding to incidents
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What doesd the Preventing Incidents phase of Cyber Security Incidents entail?

A
  1. Preventing incidents
    a. Risk management
    i. The dominant way of thinking about Cyber Security
    b. Behaviour change
    i. E-learnings etc
    c. Governance
    i. Policy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does the detection phase of cyber security incidents entail?

A
  1. Detection: noticing incidents
    a. average time between intrusion and detection is +- 9 Months
    b. Solution: high-quality logging & monitoring
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does the incident response phase of cyber security incidents entail?

A

a. 4 Phases:
i. Analysis
ii. Containment
iii. Recovery
iv. Learning & Adjustment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can you analyse who or what causes a cyber incident?

A

Cyber Accidents Model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the 3 sequential elements in the Cyber Accidents Model?>

A

Actor -> Cause -> Impact

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are examples of actors in the cyber incident model?

A
  • Human Being
  • Nature
    o Storms etc disturbing critical infrastructure
  • Animal
    o Animals interfering with wiring
  • System
    o Exploding batteries, shorting
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the two types of causes in human errors?

A
  • Execution Error
    o Things you actually do wrong (by accident)
    o Two types
     Slip
  • Ex. Falling of the stairs, because you lost focus
  • Ex. Losing a USB stick with important data
     Lapse
  • You know the rule, you know how to do, but you forget momentarily
  • Planning Error
     Rule-based mistake
  • In principle the rule is correct, but not applicable to this situation
     Knowledge-based mistakes
  • No knowledge about cyber security, so not noticing that default password needed to be changed.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly