Section 1 - Cybersecurity Flashcards
What are 3 Core Security Objectives that focuses on Protecting Systems and Data?
Confidentiality, Integrity, Availability Confidentiality, Risk, Authentication Vulnerability, Exploit, Threat Non-Repudiation, Integrity Access Confidentiality, Risk, Availability
Confidentiality, Integrity, Availability
What is an expected capability of the GRC Function? (Select All that Apply)
Security Ops Compliance and Audit Incident Response Pen Testing Risk Analysis
Compliance and Audit
Risk Analysis
What technology allows computers to communicate with each other?
Endpoints
Servers
Exploitation
Networking
Networking
What threats must a GRC Analyst consider? (Select All that Apply)
Human-Based
Environmental
Natural
Thought
Human-Based
Environmental
Natural
What is the typical motivation for a Hactivist based Threat Actor?
Financial
Espionage
Political/Ideological
Curiosity
Political/Ideological
What is the CIA Triad?
Confidentiality, Risk, Authentication Vulnerability, Exploit, Threat Confidentiality, Integrity, Availability Non-Repudiation, Integrity Access Confidentiality, Risk, Availability
Confidentiality, Integrity, Availability
Only the people who should have access, do have access. No one else. - Is What?
Confidentiality
Data/Systems/Apps are exactly what it should be - Is what?
Integrity
The System is there when you need it - Is what?
Availability
What are the 5 Layers of NIST Framework?
Identify Protect Detect Respond Recover
Weakness in a Person, Process, Technology.
Not all _________ are Exploitable, but they are still Weaknesses.
What is this?
Vulnerability
An attack on a Vulnerability is what?
Exploit
How likely and how bad an Exploited Vulnerability is.
All Exploits are BAD, but some could be Low _____, while others are High.
How bad is the Impact?
You can’t close all the ______, you have to calculate the _______ and prioritize High/Med/Low.
What is this?
Risk
An actively Exploited Vulnerability is?
Incident
Malicious Software, bad guys write the Software, intended to Exploit Vulnerabilities, resulting in an Incident.
What is this?
Malware