Tools of Defense #2

Question 1

Defense in depth

Answer 1

A security discipline that refers to having layers of protection in an IT infrastructure.

It’s intent is to provide redundancy in the event a security control fails or a vulnerability is exploited.

Question 2

Policies, Procedures, & Awareness:

Answer 2

Published policies, implemented security procedures, and trained employees.

PERIMETER
INTERNAL NETWORK
HOST
APPLICATION
DATA

Question 3

PERIMETER

Answer 3

A firewall to prevent unauthorized access to the network.

Question 4

INTERNAL NETWORK

Answer 4

Software or hardware tools that scan the network for attackers and traffic that shouldn’t be there.

Question 5

HOST

Answer 5

The Individual computers on the network, running antivirus.

Question 6

APPLICATION

Answer 6

Correct configurations, securely written code, and access privileges.

Question 7

DATA

Answer 7

Encrypting confidential data, or password protecting databases.

Question 8

Social Engineering Indicators (SEI)

Answer 8

A feature of KnowBe4’s simulated phishing campaigns that shows a user the red flags they missed when clicking on a link in a simulated phishing campaign.

Question 9

Artificial Intelligence Driven Agent (AIDA)

Answer 9

A tool that uses AI to automatically create integrated campaigns that send emails, text, and voicemail to an employee, simulating a multi-vector social engineering attack.