Section 1 - Overview Of Security

Question 1

What are the exams 5 domains?

Answer 1

Attacks Threats & Vulnerabilities
Architecture & Design
Implementation
Operations and Incident Response
Governance, Risk & Compliance

Question 2

What is the CIA Triad?

Answer 2

Confidentiality, Integrity & Availability

Question 3

AAA of security?

Answer 3

Authentication
Authorization
Accounting

Question 4

What are the 4 security threats categories?

Answer 4

Malware
Unauthorized Access
System Failure
Social Engineering

Question 5

What are the three means to threat mitigation?

Answer 5

Physical contols
Technical controls
Administrative controls

Question 6

What are the 5 types of hackers?

Answer 6

White hat
Black hat
Grey hat
Blue hat
Elite

Question 7

What arethe four categories of threat actors?

Answer 7

Script kiddies
Hacktivists
Organized crime
APTs

Question 8

What are the four aspects of an intelligence source to consider to evaluate its quality?

Answer 8

Timeliness
Relevancy
Accuracy
Confidence levels

Question 9

What are the 4 types of intelligence sources?

Answer 9

Proprietary
Closed-source
Open-source (US-CERT, UK’s NCSC, MISP…)
Open-source intelligence (OSINT)

Question 10

Describe each one of the 3 classic Attack Framework

Answer 10

SP