Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIS4940 > Midterm > Flashcards

Midterm Flashcards

1
Q

A weakness or potential weakness

A

Vulnerability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A person or thing that exploits a vulnerability

A

Threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Fire, Flooding, hurricane, etc.

A

Natural threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A.P.T

A

Advanced Persistent Threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
A

Advanced Persistent Threat (APT)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
A

Cyber Kill Chain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Avoid unauthorized disclosure of private data

A

Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Ensure that data has not been changed from its authentic state

A

Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Ensure that when systems are required, they can be accessed

A

Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

CIA Triad

A

Confidentiality
Integrity
Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

likelihood * impact =

A

Risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A single person should not be judge, jury, and executioner

A

Separation of duties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Only the minimum necessary rights should be assigned

A

Least privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A system should reject a request if it cannot fully process it

A

Fail closed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

By default, an endpoint is untrusted until fully verified

A

Zero trust

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Resources that are self hosted by a company

A

On premises

17
Q

One compute resource used to host a multitude of resources

A

Virtualization

18
Q

One resource used to host multiple services from a common template

A

Containers

19
Q

Part of the Cyber kill chain:

Research, identification, and selection of targets

A

Reconnaissance

20
Q

Part of the Cyber kill chain:

Pairing remote access malware with exploit into a deliverable payload (e.g. Adobe PDF and Microsoft Office files)

A

Weaponization

21
Q

Part of the Cyber kill chain:

Transmission of weapon to target (e.g. via email attachments, websites, or USB drives)

A

Delivery

22
Q

Part of the Cyber kill chain:

Once delivered, the weapon’s code is triggered, exploiting vulnerable applications or systems

A

Exploitation

23
Q

Part of the Cyber kill chain:

Thea weapon installs a backdoor on a target’s system allowing persistent access

A

Installation

24
Q

Part of the Cyber kill chain:

Outside server communicates with the weapons providing “hands on the keyboard access” inside the target’s network.

A

Command & Control

25
Q

Part of the Cyber kill chain:

The attacker works to achieve the objective of the intrusion, which can include exfiltration or destruction of data, or intrusion of another target.

A

Actions on Objective

26
Q

Heavily funded groups, such as a nation-state, that use advanced methods and resources to lead attacks on a system’s assets to accomplish national security, or economic goals.

A

Advance Persistent Threat (APT)

CIS4940 (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions