Midterm Flashcards

1
Q

List and describe the four pillars of Cybersecurity. How does the fourth pillar pertain to the other three pillars and what does a company risk by not focusing enough attention on the fourth pillar?

A

Confidentiality - the protection of information/systems/devices from unauthorized access or disclosure

Integrity - the protection of information/systems/devices from unauthorized modification

Availability - ensures the timely and reliable access to and use of information/systems/devices

Proof - the monitoring of all activity and the evidence that due care is taken

If a company does not focus on the proof pillar, attackers may find new ways to breach it and the company would not know about it.

2
Q

Why is successful Cybersecurity so hard? Four responses.

A

1) The struggle to keep up
2) Persistent and evolving threats
3) Rapidly changing technology
4) Changing and inconsistent regulations

3
Q

List and describe five approaches to defensive cyber security.

A

1) Brand/reputation protection
Reduced valuation, loss of clients or opportunities
2) National defense
National stability, international influence
3) Public trust
National stability, political influence
4) Due care
Mitigate the impact of fines and lawsuits in the event of a breach
5) Safety
Prevent loss of life or injury

4
Q

What are the requirements for cyber risk to exist?

A

Assets + Threats + Vulnerabilities = Risk

5
Q

What are the three components of Identity and Access Management (IAM) and how do they work together as a control?

A

Authentication, Authorization and Accountability. The first two support integrity, and accountability is proof.

6
Q

How does the Role Based Access Control Model (RBAC) work?

A

Users are granted access only to the resources permitted for their assigned role.

7
Q

Describe four social engineering attacks.

A

1) Phone texting attacks
 E.g. a text message that appears to come from your bank
2) Phone phishing attacks
 Phony Microsoft support calls
3) Flash drive drop
 Malware left on a dropped flash drive exploits your curiosity
4) Email attacks
 Malicious links and attachments sent to get you to provide sensitive information
8
Q

What are the six stages of the breach attack chain, what activities occur within each stage and why is so much emphasis placed on detecting these activities?

A

1) Reconnaissance and Planning
Public Information and Social Engineering
2) Initial compromise
Phishing
3) Command and Control
Establish foothold and install backdoors
4) Lateral Movement
Credential acquisition and vulnerability exploitation
5) Target Identification and Access
Staging systems
6) Exfiltration, Corruption and Disruption
Data theft, data or system modification, or system disruption

9
Q

Compare/contrast dropper and script malware.

A

Droppers are lightweight code used as an entry point to drop other code.
Scripts are larger chunks of code that execute as soon as they are interacted with.

10
Q

What are the fundamental differences between EU (GDPR) law and U.S. privacy law?

A

The US has state and federal laws, whereas the GDPR is international law.

11
Q

Describe the difference between sensitive and non-sensitive PII (U.S. standard). Provide examples of standalone and paired PII.

A

Sensitive PII can harm a person if the information is released, non-sensitive is information that is publicly available and not harmful.

12
Q

What are the safety concerns with signing onto public Wi-Fi networks, who are the threat actors, and what are some potential threat vectors that would be relevant in this case?

A

Information sent over the network is not secure; the threat actors can be criminals or hackers; and one vector is a phony Wi-Fi access point, e.g. a fake hotel pool Wi-Fi.

13
Q

What is meant by the “least privileged” principle?

A

Limiting access rights for users to the bare minimum permissions they need to perform their work.

14
Q

What is Due Care and how is it achieved?

A

Doing everything you can to protect your information, e.g. updating antivirus software regularly and using strong passwords.

15
Q

What factors (4 each) can increase or decrease the cost of a breach and why?

A

Increasing:

1) Use of Consultants
2) Rush to notify
3) Lost or Stolen devices
4) Third Party involvement

Reduction:

1) IR Teams
2) Employee training
3) Insurance Protection
4) Provisions for ID protection

16
Q

What are four threats to network data in transit and how do they map to CIAP? Give an example of each.

A

1) Interception (Confidentiality)
2) Fabrication (Integrity)
3) Modification (Integrity)
4) Interruption (Availability)

17
Q

Why is human safety within cyber security a concern?

A

People play the biggest role in cyber attacks and can easily be harmed by the loss of their data.

18
Q

Briefly describe how PKI works and what its security benefits are.

A

It enables secure e-commerce and other services through the integration of digital signatures and certificates to ensure CIA, non-repudiation and access control.

19
Q

What is the castle and moat strategy and why is it no longer relevant?

A

Firewalls protect the internal network, but once an attacker breaks in, everything is accessible.
It is no longer relevant because data is now everywhere and the model does not address insider threats.

20
Q

If control classes are categorized by People, Process, Technology & Physical, what are the four control types used in risk management? Provide an example of each.

A

1) Detective
 Controls that detect activity
2) Preventive
 Controls that prevent activity or remediate a vulnerability
3) Response
 Controls that respond to bad events
4) Administrative
 Policies

21
Q

Why is key distribution hard with symmetric encryption and easy with asymmetric encryption?

A

Symmetric encryption is hard because the shared key itself must be distributed securely, which becomes difficult at large scale; asymmetric encryption handles distribution better.

22
Q

What privacy concerns should an individual research before accepting the privacy terms of a website?

A

How the company uses your data, how it tracks your data, etc.

23
Q

What control functions does a firewall perform?

A

Firewalls detect discrepancies in network traffic and can stop them.