Section 2: Cybersecurity Concepts Flashcards

1
Q

Residual risk measurement criteria

A
  • Risk tolerance
  • Size and scope of the environment in question
  • Amount of data available
2
Q

Inherent Risk

A

The risk level or exposure without taking into account the actions that management has taken or might take.

3
Q

Attack

A

While risk is measured by potential activity, an attack is the actual occurrence of a threat.
More specifically, an attack is an activity by a threat agent (or adversary) against an asset.

4
Q

Attack vector

A

The path or route used to gain access to the target (asset) is known as an attack vector.

5
Q

Attack mechanism

A

The method used to deliver the exploit. Unless the attacker is personally performing the attack, the attack mechanism may involve a payload, or container, that delivers the exploit to the target.

6
Q

Exploit and compromise

A

The adversary takes advantage of information and systems in order to compromise them, which may involve the following actions:
• Split tunneling or gaining physical access to organizational facilities
• Exfiltrating data or sensitive information
• Exploiting multitenancy in a cloud environment
• Launching zero-day exploits

7
Q

Risk

A

The combination of the probability of an event and its consequence. Risk is mitigated through the use of controls or safeguards.

8
Q

Threat

A

Anything (e.g., object, substance, human) that is capable of acting against an asset in a manner that can result in harm. Some organizations make a further distinction between a threat source and a threat event, classifying a threat source as the actual process or agent attempting to cause harm, and a threat event as the result or outcome of a threat agent’s malicious activity.

9
Q

Threat source

A

The actual process or agent attempting to cause harm.

10
Q

Threat event

A

The result or outcome of a threat agent’s malicious activity.

11
Q

Asset

A

Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation.

12
Q

Vulnerability

A

A weakness in the design, implementation, operation or internal control of a process that could expose the system to adverse threats from threat events.

13
Q

Three different approaches to implementing cybersecurity

A
  • Compliance-based: Also known as standards-based security, this approach relies on regulations or standards to determine security implementations. Controls are implemented regardless of their applicability or necessity, which often leads to a “checklist” attitude toward security.
  • Risk-based: Risk-based security relies on identifying the unique risk a particular organization faces and designing and implementing security controls to address that risk above and beyond the entity’s risk tolerance and business needs.
  • Ad hoc: An ad hoc approach simply implements security with no particular rationale or criteria. Ad hoc implementations may be driven by vendor marketing, or they may reflect insufficient subject matter expertise, knowledge or training when designing and implementing safeguards.
14
Q

Cyberrisk assessment

A

Assets, threats and vulnerabilities must all be analyzed to determine an organization’s particular risk. The process of doing this analysis is called a cyberrisk assessment. While every risk assessment methodology has different nuances and approaches, most have three common inputs:

  • asset identification
  • threat assessment
  • vulnerability assessment
15
Q

Third-party Risk

A

Cybersecurity can be more difficult to control when third parties are involved, especially when different entities have different security cultures and risk tolerances. No organization exists in a vacuum, and information must be shared with other individuals or organizations, often referred to as third parties. It is important to understand third-party risk, such as information sharing and network access, as it relates to cybersecurity.

16
Q

Risk Management

A

Assessing risk is one of the most critical functions of a cybersecurity organization. Effective policies, security implementations, resource allocation and incident response preparedness are all dependent on understanding the risk and threats an organization faces. Using a risk-based approach to cybersecurity allows more informed decision-making to protect the organization and to apply limited budgets and resources effectively. If controls are not implemented based on awareness of actual risk, then valuable organizational assets will not be adequately protected while other assets will be wastefully overprotected.

17
Q

Core duty of cybersecurity

A

The core duty of cybersecurity is to identify, mitigate and manage cyberrisk to an organization’s digital assets.

18
Q

Security Controls

A

Once risk is identified and prioritized, existing controls should be analyzed to determine their effectiveness in mitigating the risk. This analysis will result in a final risk ranking based on risk that has adequate controls, inadequate controls and no controls.
The cost of the control (including its operation) should not exceed the value of the asset it is protecting.

19
Q

Control

A

The means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be of an administrative, technical, management, or legal nature.

20
Q

Residual Risk

A

The risk that remains after management has implemented a risk response, even with safeguards in place.

21
Q

Risk Acceptance

A

If the risk is within the enterprise’s risk tolerance or if the cost of otherwise mitigating the risk is higher than the potential loss, the enterprise can assume the risk and absorb any losses.

22
Q

Hacktivists

A

Although they often act independently, politically motivated hackers may target specific individuals or organizations to achieve various ideological ends.

23
Q

Cyberterrorists

A

Characterized by their willingness to use violence to achieve their goals, cyberterrorists frequently target critical infrastructures and government groups.