Module 1 Flashcards

1
Q

What is the difference between data and information?

A

Data: Data is actually processed and is useless until organized (ex: each student’s test score)
Information: When data is processed and presented in a context that is useful (ex: Avg score of a class)

2
Q

Information Security

A

Protection of information and information systems from unauthorized access in order to provide confidentiality, integrity, and availability

3
Q

Computer Security

A

Measures and controls that ensure confidentiality, integrity, and availability of the information processed and stored by a computer

4
Q

Cybersecurity

A

Prevention of damage to electronic communication systems to ensure availability, integrity, authentication, confidentiality

5
Q

Describe the 3 States of Data

A

Data at Rest: Data that is preserved on a storage device
Data in transit/motion: Describes data that is transmitted over a network (ex: information going over a network or internet)
Data in use: Data that is manipulated by a microprocessor (ex: Microsoft Word Document editing)

6
Q

CIA Triad

A

Refers to the 3 principles of security control and management, which are:
Confidentiality: Keeping info and communications private and protected
Integrity: Keeping organizational information accurate, free of errors, and free from unauthorized modification
Availability: Ensuring that computer systems operate continuously and that authorized persons can access the data they need.

7
Q

As security is __________, convenience is ______________

A

Increased, Decreased

8
Q

Hacker vs Threat Actor

A

Hacker: Programmer capable of developing programs and making coding changes to programs to make them more efficient.
Threat Actor: Hacker that uses their skill in a bad way. (Refers to gray and black hat hackers)

9
Q

What are white vs black vs gray hat hackers?

A

White Hat: Ethical hacker, exposes security flaws with organization’s consent to be fixed
Black Hat: Exposes security vulnerabilities without organizational consent for malicious purposes
Gray Hat: Exposes security flaws in applications without consent, but not for malicious purposes

10
Q

What are the different types of threat actors? (hint 9)

A
  • Script Kiddies: Inexperienced hackers with limited technical knowledge who rely on automated tools to hack
  • Hacktivists: Hackers who rally and protest against different political and social ideas
  • Cybercriminals: Hackers who are either self-employed or working for larger cybercrime organizations
    • Steal money
  • State Actors/State-Sponsored Hackers: Hackers who steal government secrets, gather intelligence, and sabotage networks of foreign governments, terrorist groups, and corporations
    • Involved in attacks called advanced persistent threat (APT). (Try to stay as long as you can in a system, such as spying on a system)
  • Insiders: Present and past employees, contractors, partners, and any entity that has access to proprietary or confidential information and whose actions result in compromised security.
    • Ex: Previous employee who had access to personal information
  • Competitors: Launch an attack against an opponent’s system to steal classified information
  • Criminal Syndicates: Moving from traditional criminal activities to more rewarding and less risky online attacks
  • Shadow IT: Employees install their own equipment or resources in violation of company policies (can expose weaknesses in corporations)
  • Brokers: Sell their knowledge of weakness to other attackers or governments
  • Cyberterrorists: Attack a nation’s network and computer infrastructure to cause disruption and panic among citizens
11
Q

Vulnerability

A
  • State of being exposed to the possibility of being attacked or harmed
    • A weakness in a system or its design that could be exploited
    • Ex: A building that has unlocked doors or doesn’t have security cameras deployed
  • Vulnerabilities can be categorized into platforms, configurations, third parties, patches, and zero-day vulnerabilities
12
Q

Exploit

A

Taking advantage of the vulnerability or weakness

13
Q

Attack

A
  • Technique used to exploit a vulnerability in an application or physical computer system without the authorization to do so
    • Ex: Physical security attacks, software-based attacks, etc.
14
Q

List the 5 different categories that cybersecurity vulnerabilities can be categorized into:

A
  • Platforms
  • Configurations
  • Third Parties
  • Patches
  • Zero-day vulnerabilities
15
Q

Platform

A
  • A system that consists of the hardware device and an OS that runs software
  • Examples of platforms:
    • Legacy Platforms: OS no longer in use
    • On-premises platforms: physical software and technology in an enterprise (data center)
    • Cloud Platforms: Pay per use computing model
16
Q

Configuration

A
  • Configuration settings are often not properly implemented, resulting in weak configurations.
    • Default Settings: Predetermined by vendor and meant for ease of use and not security (default Wi-Fi password)
    • Open ports and services: Devices and services are configured to allow the most access so the user can close ports specific to that organization
    • Unsecured root accounts: Root account gives user unfettered access to all resources (Ex: cloud storage)
    • Open permissions: User access over files that should be restricted (ex: user given read and write privileges when only meant to be given read)
    • Unsecure protocols: Configuration uses protocols for telecommunications that do not provide adequate protection (ex: employee using device with unsecured protocols)
    • Weak Encryption: User choosing a known vulnerable encryption mechanism
    • Errors: Human mistakes in selecting one setting over another without considering security implications
17
Q

Third Party

A
  • When businesses use external entities such as marketing agencies, landscapers, IT related third parties, etc.
    • Examples include outsourced code development, data storage facilities
18
Q

Patches

A
  • Patch means to fix a vulnerability
  • Patches can create vulnerabilities such as: Difficulty patching firmware, few patches for application software, delays in patching OSs
    • Important to keep OS updated for security
19
Q

Zero Day

A
  • Vulnerabilities can be exploited by attackers before anyone else even knows they exist
  • Called zero day because it provides zero days of warning
  • These vulnerabilities are extremely serious.
20
Q

IP Address and Port

A
  • IP Address allows you to identify a specific machine
  • Each networking program on a machine is associated with a different port.
  • The port identifies the program
21
Q

Information security is protected in what three layers?

A
  • Products
  • People
  • Policies and Procedures
22
Q

Attack Vector

A
  • Pathway used by a threat actor to penetrate a system.
  • Attack vectors can be grouped into these categories:
    • Email
    • Wireless
    • Removable Media
    • Direct Access
    • Social Media
    • Supply Chain
    • Cloud
23
Q

Social Engineering (attack)

A
  • Means of eliciting information by relying on weaknesses of individuals
    • Used as influence campaigns to sway people’s attention on social media
    • Ex: Impersonating someone and asking for information such as username and password
  • Attackers use techniques to gain trust:
    • Provide a reason
    • Project confidence
    • Use evasion and diversion
    • Make person laugh
24
Q

Social Engineering: Spam

A
  • Unsolicited email that is sent to a large number of recipients
    • Ex: Clicking on a link to buy a product
      • Spam is often sent by image with text on it so that it cannot be filtered out as junk
25
Q

Social Engineering: Hoax

A
  • False warnings, often in email claiming to come from the IT dept.
  • Asks recipient to erase specific files and forward the message to others
    • Allows hackers to compromise the system
26
Q

Social Engineering: Physical Exploits

A
  • Shoulder Surfing: Obtain passwords by looking over someone’s shoulder
  • Dumpster diving: Obtain passwords by inspecting trash
  • Tailgating and Piggy Backing: To gain entry into a secure area by following an employee
27
Q

Social Engineering: Impersonation

A
  • Pretending to be a fictitious character and impersonating that role with a victim
    • Ex: help desk technician
28
Q

Social Engineering: Phishing

A
  • Sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise to trick user into giving up their information
  • Different types of phishing, including:
    • Spear phishing
    • Whaling
    • vishing
    • smishing
29
Q

Social Engineering: Redirection

A
  • Misdirecting the user, such as by having a domain name similar to a real company's
    • Ex: goggle.com instead of google.com
30
Q

Social Engineering: Watering hole attack

A
  • Directed toward smaller group of individuals, such as manufacturing executives who use a specific site
31
Q

What are the three most common physical social engineering attacks?

A
  • Dumpster Diving: digging through trash to find useful info
  • Tailgating: Following an authorized user through a door
  • Shoulder surfing: Watching an individual enter a security code on a keypad
32
Q

What are the four main consequences of a successful attack on data?

A
  • Data Loss: data is not recoverable anymore
  • Data exfiltration: Stealing data to distribute it to other parties
  • Data breach: Stealing data to disclose it in an unauthorized fashion
  • Identity theft: Taking personally identifiable information to impersonate someone
33
Q

What are the various effects of a successful attack on an enterprise?

A
  • May make systems inaccessible (availability loss)
  • Could result in financial loss
  • Impacts reputation of enterprise for perceived lack of security