Midterm Flashcards
List and describe the four pillars of Cybersecurity. How does the fourth pillar pertain to the other three pillars and what does a company risk by not focusing enough attention on the fourth pillar?
Confidentiality: the protection of information/systems/devices from unauthorized access or disclosure
Integrity: the protection of information/systems/devices from unauthorized modification
Availability: ensures the timely and reliable access to and use of information/systems/devices
Proof: the monitoring of all activity and the evidence that due care is taken
If companies don’t focus on the proof pillar, there may be new ways hackers can breach them, and the companies wouldn’t know about it.
Why is successful Cybersecurity so hard? Four responses.
1) The struggle to keep up
2) Persistent and evolving threats
3) Rapidly changing technology
4) Changing and inconsistent regulations
List and describe five approaches to defensive cyber security.
1) Brand/reputation protection
Reduced valuation, loss of clients or opportunities
2) National defense
National stability, international influence
3) Public trust
National stability, political influence
4) Due care
Mitigate the impact of fines and lawsuits in the event of a breach
5) Safety
Prevent loss of life or injury
What are the requirements for cyber risk to exist?
Assets + Threats + Vulnerabilities = Risk
What are the three components of Identity and Access Management (IAM) and how do they work together as a control?
Authentication, Authorization, and Accountability. The first two support integrity, and accountability is proof.
How does the Role Based Access Control Model (RBAC) work?
People with certain roles only have access to certain things based on their role.
Describe four social engineering attacks.
1) Phone texting attacks
Like a text message from your bank
2) Phone phishing attacks
Phony Microsoft support calls
3) Flash drive drop
Malware left on flash drive attacks your curiosity
4) Email attacks
Can send malicious links and stuff to get you to provide sensitive information
What are the six stages of the breach attack chain, what activities occur within each stage and why is so much emphasis placed on detecting these activities?
1) Reconnaissance and Planning
Public Information and Social Engineering
2) Initial compromise
Phishing
3) Command and Control
Establish foothold and install backdoors
4) Lateral Movement
Credential acquisition and vulnerability exploitation
5) Target Identification and Access
Staging systems
6) Exfiltration, Corruption and Disruption
Data theft, data or system modification, or system disruption
Compare/contrast dropper and script malware.
Droppers have lightweight code used as entry and to drop other code
Scripts are larger chunks of code that execute as soon as interacted with
What are the fundamental differences between EU (GDPR) law and U.S. privacy law?
The US has state and federal laws, whereas GDPR has international laws
Describe the difference between sensitive and non-sensitive PII (U.S. standard). Provide examples of standalone and paired PII.
Sensitive PII can harm a person if the information is released; non-sensitive PII is information that is publicly available and not harmful.
What are the safety concerns with signing onto public Wi-Fi networks, who are the threat actors, and what are some potential threat vectors that would be relevant in this case?
Information sent over the network isn’t secure. Threat actors can be criminals or hackers, and the vectors can be creating phony Wi-Fi points, e.g., hotel pool Wi-Fi.
What is meant by the “least privileged” principle?
Limiting access rights for users to the bare minimum permissions they need to perform their work.
What is Due Care and how is it achieved?
Doing everything you can to protect your information, e.g., updating antivirus software regularly and making secure passwords
What factors (4 each) can increase or decrease the cost of a breach and why?
Increasing:
1) Use of Consultants
2) Rush to notify
3) Lost or Stolen devices
4) Third Party involvement
Reduction:
1) IR Teams
2) Employee training
3) Insurance Protection
4) Provisions for ID protection