Section 1-3 Flashcards

1
Q

What is the definition of Information Security?

A

Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction

2
Q

What does Information Systems Security involve?

A

Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data

3
Q

What are the three components of the CIA Triad?

A
  • Confidentiality
  • Integrity
  • Availability
4
Q

What is the purpose of Confidentiality in the CIA Triad?

A

Ensures information is accessible only to authorized personnel

5
Q

What does Integrity ensure in the context of the CIA Triad?

A

Ensures data remains accurate and unaltered

6
Q

What is the role of Availability in the CIA Triad?

A

Ensures information and resources are accessible when needed

7
Q

Define Non-Repudiation.

A

Guarantees that an action or event cannot be denied by the involved parties

8
Q

What does the CIANA Pentagon add to the CIA Triad?

A

Non-repudiation and authentication

9
Q

What are the Triple A’s of Security?

A
  • Authentication
  • Authorization
  • Accounting
10
Q

What is the definition of Authentication?

A

Verifying the identity of a user or system

11
Q

What is Authorization?

A

Determining actions or resources an authenticated user can access

12
Q

What does Accounting refer to in security?

A

Tracking user activities and resource usage for audit or billing purposes

13
Q

List the categories of Security Control.

A
  • Technical
  • Managerial
  • Operational
  • Physical
14
Q

What are the types of Security Controls?

A
  • Preventative
  • Deterrent
  • Detective
  • Corrective
  • Compensating
  • Directive
15
Q

What principle does the Zero Trust Model operate on?

A

No one should be trusted by default

16
Q

What components are involved in the Control Plane of Zero Trust?

A
  • Adaptive identity
  • Threat scope reduction
  • Policy-driven access control
  • Secured zones
17
Q

What is a Threat?

A

Anything that could cause harm, loss, damage, or compromise to our information technology systems

18
Q

Identify examples of Threats.

A
  • Natural disasters
  • Cyber-attacks
  • Data integrity breaches
  • Disclosure of confidential information
19
Q

What is a Vulnerability?

A

Any weakness in the system design or implementation

20
Q

List internal factors that can cause Vulnerabilities.

A
  • Software bugs
  • Misconfigured software
  • Improperly protected network devices
  • Missing security patches
  • Lack of physical security
21
Q

What is Risk Management?

A

Finding different ways to minimize the likelihood of an outcome and achieve the desired outcome

22
Q

What is the importance of Confidentiality?

A
  • To protect personal privacy
  • To maintain a business advantage
  • To achieve regulatory compliance
23
Q

What are five basic methods to ensure Confidentiality?

A
  • Encryption
  • Access Controls
  • Data Masking
  • Physical Security Measures
  • Training and Awareness
24
Q

What does Integrity ensure?

A

That information and data remain accurate and unchanged from their original state

25
List methods used to maintain data Integrity.
  • Hashing
  • Digital Signatures
  • Checksums
  • Access Controls
  • Regular Audits
26
What strategies can be used to maintain Availability?
Using redundancy in systems and network designs
27
Define Redundancy in the context of Availability.
Duplication of critical components or functions of a system to enhance its reliability
28
What is Non-repudiation focused on?
Providing undeniable proof in the world of digital transactions
29
What are the three main reasons Non-repudiation is important?
  • To confirm the authenticity of digital transactions
  • To ensure the integrity of critical communications
  • To provide accountability in digital processes
30
List commonly used authentication methods.
  • Something you know (Knowledge Factor)
  • Something you have (Possession Factor)
  • Something you are (Inherence Factor)
  • Something you do (Action Factor)
  • Somewhere you are (Location Factor)
31
What is Multi-Factor Authentication (MFA)?
A security process that requires users to provide multiple methods of identification to verify their identity
32
What does Authorization entail?
Permissions and privileges granted to users after they have been authenticated
33
What is the purpose of Accounting in security?
To ensure all user activities are properly tracked and recorded
34
What are the four broad categories of Security Controls?
  • Technical Controls
  • Managerial Controls
  • Operational Controls
  • Physical Controls
35
List the six basic types of Security Controls.
  • Preventive Controls
  • Deterrent Controls
  • Detective Controls
  • Corrective Controls
  • Compensating Controls
  • Directive Controls
36
What is a Gap Analysis?
Process of evaluating the differences between an organization's current performance and its desired performance
37
What are the two basic types of Gap Analysis?
  • Technical Gap Analysis
  • Business Gap Analysis
38
What does the Plan of Action and Milestones (POA&M) outline?
Specific measures to address each vulnerability
39
What is the Zero Trust architecture focused on?
Verification for every device, user, and transaction within the network
40
What is the definition of a Threat Actor?
Individuals or groups that pose a threat to cybersecurity
41
List motivations of Threat Actors.
  • Data Exfiltration
  • Blackmail
  • Espionage
  • Service Disruption
  • Financial Gain
  • Philosophical/Political Beliefs
  • Ethical Reasons
  • Revenge
  • Disruption/Chaos
  • War
42
Differentiate between Internal and External Threat Actors.
Internal actors are within an organization; external actors are outside attempting to breach defenses
43
What are common types of Threat Actors?
  • Unskilled Attackers
  • Hacktivists
  • Organized Crime
  • Nation-state Actors
  • Insider Threats
  • Shadow IT
44
What are examples of Threat Vectors?
  • Message-based
  • Image-based
  • File-based
  • Voice Calls
  • Removable Devices
  • Unsecured Networks
45
What are Honeypots?
Decoy systems to attract and deceive attackers
46
Define Threat Actors' Intent.
Specific objective or goal that a threat actor aims to achieve through their attack
47
What is the motivation behind Data Exfiltration?
Unauthorized transfer of data from a computer
48
What is the motivation for Financial Gain?
Achieved through various means, such as ransomware attacks
49
What is Hacktivism?
Attacks conducted due to the philosophical or political beliefs of the attackers
50
What does Disruption or Chaos refer to in the context of Threat Actor motivations?
Creating and spreading malware to launch sophisticated cyberattacks
51
What is the significance of Revenge as a motivation for Threat Actors?
Targeting an entity that they believe has wronged them in some way
52
What is Cyber Warfare aimed at?
Disrupting a country's infrastructure and compromising national security
53
What are the resources and funding available to Threat Actors?
Tools, skills, and personnel at the disposal of a given threat actor
54
What is the level of sophistication in Threat Actors?
Capability of the specific threat actor in executing attacks
55
What is cyber warfare?
Cyber warfare can be used to disrupt a country's infrastructure, compromise its national security, and cause economic damage
56
What are the two most basic attributes of a threat actor?
  • Resources and funding available to the specific threat actor
  • Tools, skills, and personnel at the disposal of a given threat actor
57
Define Internal Threat Actors.
Individuals or entities within an organization who pose a threat to its security
58
Define External Threat Actors.
Individuals or groups outside an organization who attempt to breach its cybersecurity defenses
59
What characterizes a script kiddie?
Individual with limited technical knowledge who uses pre-made software or scripts to exploit computer systems and networks
60
What distinguishes unskilled attackers from skilled ones?
Unskilled attackers lack the technical knowledge to develop their own hacking tools or exploits
61
What is hacktivism?
Activities in which hacking and other cyber techniques are used to promote or advance a political or social cause
62
What is a Distributed Denial of Service (DDoS) Attack?
Attempting to overwhelm the victim's systems or networks so that they cannot be accessed by the organization's legitimate users
63
What is doxing?
Involves the public release of private information about an individual or organization
64
What is the most well-known hacktivist group?
Anonymous
65
What defines organized cybercrime groups?
Groups or syndicates that have banded together to conduct criminal activities in the digital world
66
What motivates organized cybercrime groups?
Money, not ideological or political objectives
67
Define a Nation-state Actor.
Groups or individuals that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals
68
What is a False Flag Attack?
Attack that is orchestrated in such a way that it appears to originate from a different source or group than the actual perpetrators
69
What is an Advanced Persistent Threat (APT)?
A prolonged and targeted cyberattack where an intruder gains unauthorized access and remains undetected to steal data or monitor activities
70
What are insider threats?
Cybersecurity threats that originate from within the organization
71
What are some motivations behind insider threats?
  • Financial gain
  • Revenge
  • Carelessness or lack of awareness
72
What is Shadow IT?
Use of information technology systems, devices, software, applications, and services without explicit organizational approval
73
What is a Threat Vector?
Means or pathway by which an attacker can gain unauthorized access to a computer or network
74
Define Attack Surface.
Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment
75
What is baiting in cybersecurity?
Attacker leaves a malware-infected USB drive in a location where their target might find it
76
What is Vishing?
Use of voice calls to trick victims into revealing their sensitive information to an attacker
77
What are honeypots?
Decoy system or network set up to attract potential hackers
78
What are honeynets?
Network of honeypots designed to mimic an entire network of systems
79
What are honeytokens?
Piece of data or a resource that has no legitimate value or use but is monitored for access or use
80
What is port triggering?
Security mechanism where specific services or ports on a network device remain closed until a specific outbound traffic pattern is detected
81
Fill in the blank: An unskilled attacker can launch a DDoS attack by entering the _______ of the target system.
[IP address]