Overview of Security

Question 1

The act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.

Answer 1

Information Security

Question 2

The act of protecting the systems that hold and process our critical data

Answer 2

Information System Security

Question 3

The CIA Triad

Answer 3

Confidentiality
Integrity
Availability

Question 4

Information that has not been disclosed to unauthorized people

Answer 4

Confidentiality

Question 5

Information has not been modified or altered without proper authorization

Answer 5

Integrity

Question 6

Information is able to be stored, accessed, or protected at all times

Answer 6

Availability

Question 7

AAA of Security

Answer 7

Authentication
Authorization
Accounting

Question 8

When a person’s identity is established with proof and confirmed by a system

Answer 8

Authentication

Question 9

The different kinds of authentication

Answer 9

Something you know
Something you are
Something you have
Something you do
Somewhere you are

Question 10

Occurs when a user is given a certain piece of data or certain areas of a building

Answer 10

Authorization

Question 11

Tracking of data, computer usage, and network resources

Answer 11

Accounting

Question 12

Occurs when you have proof that someone has taken an action

Answer 12

Non-repudiation

Question 13

Security threats

Answer 13

Malware
Unauthorized access
System failure
Social engineering

Question 14

Short-hand term for malicious software

Answer 14

Malware

Question 15

Occurs when access to computer resources and data occurs without the consent of the owners

Answer 15

Unauthorized Access

Question 16

Occurs when a a computer crashes or an individual application fails

Answer 16

System failure

Question 17

Act of manipulating users into revealing confidential information or performing other detrimental action

Answer 17

Social Information

Question 18

Types of controls to mitigate threats

Answer 18

Physical Controls
Technical Controls
Administrative Controls

Question 19

Alarm systems, locks, surveillance cameras, identification cards, and security guards

Answer 19

Physical Controls

Question 20

Smart cards, encryption, access control lists (ACLs), intrusion detection
systems, and network authentication

Answer 20

Technical Controls

Question 21

Policies, procedures, security awareness training, contingency planning, and disaster recovery plans

Answer 21

Administrative Controls

Question 22

Most effective control to use

Answer 22

User training

Question 23

Five types of hackers

Answer 23

White hat
Black hat
Gray hat
Blue hat
Elite

Question 24

Non-malicious hackers who attempt to break into a company’s
systems at their request

Answer 24

White hat hackers

Question 25

Malicious hackers who break into computer systems and networks without authorization or permission

Answer 25

Black hat hacker

Question 26

Hackers without any affiliation to a company who attempt to break into a company’s network but risk the law by doing so

Answer 26

Grey hat hackers

Question 27

Hackers who attempt to hack into a network with permission of the company but are not employed by the company

Answer 27

Blue hat hackers/ bug bounty hunters

Question 28

Hackers who find and exploit vulnerabilities before anyone else does

Answer 28

Elite hackers (1 in 10,000)

Question 29

Hackers with little to no skill who only use the tools and exploits written by others

Answer 29

Script kiddies

Question 30

Type of Threat Actors

Answer 30

Script Kiddies Hacktivists Organized Crime Advanced Persistent Threats (APT)

Question 31

Hackers who are driven by a cause like social change, political agendas, or terrorism

Answer 31

Hacktivists

Question 32

Hackers who are part of a crime group that is well-funded and highly sophisticated

Answer 32

Organized Crime

Question 33

Highly trained and funded groups of hackers (often by nation states) with covert and open-source intelligence at their disposal

Answer 33

Advanced Persistent Theats (APT)