Unit 4 - Basic Cybersecurity Concepts Flashcards
What is NIST?
US National Institute for Standards and Technology
What are the five cybersecurity components for ‘Security by Design’?
- Identify (your valuable assets)
- Protect (with appropriate security)
- Detect (any compromised account or device)
- Respond (quarantine the problem and identify countermeasures)
- Recover (replace, restore or otherwise fix compromised assets)
Which of the five cybersecurity framework stages supports security by design?
The proactive stages…
- Identify
- Protect
Which of the five cybersecurity framework stages deals with what to do after things have gone wrong (protection through detection)?
The Reactive stages…
- Detect
- Respond
- Recover
What is Cybersecurity in its simplest form?
Cybersecurity is intended to protect digital devices from being exploited or compromised
What question can you ask yourself when looking at the cybersecurity position of something?
Do I feel confident that we have sufficiently considered and addressed all of the possible methods that might be used to attack or compromise this digital device or digital landscape?
What information do you need to have to know whether all cybersecurity measures have been considered?
Need to consider:
1) all locations within digital landscape
2) all potential vectors of either point of failure or attack
3) inherent value that each digital location has
What do you need to have to Identify what to protect?
- Information Classification (to sort out which groups of info are the most valuable)
- Cyber Defense Points (determine where info is located and where it passes through)
When working out how to Protect our assets appropriate to the potential value and impact they could have, we consider…
- Control Types (Physical, Procedural, Technical and Legal)
- Control Modes (Preventive, Detective and Corrective)
How do we Identify what information we want to protect?
- Information Asset Register (list of the sets of data we need to evaluate and protect)
- Information Classification (evaluation of each info asset to help understand how it should be protected)
What do we assign values to when undertaking Information Classification?
- Confidentiality
- Integrity
- Availability
- Consent
What is the difference between ‘Data’ and ‘Information’?
‘Data’ only refers to electronic information, whereas ‘Information’ also includes physical forms, such as paper records.
What are the six Cyber Defense Points?
1) Data - any info in electronic or digital format.
2) Devices - any hardware used to create, modify, process, store or transmit data. E.g. Computers, smartphones, USB drives.
3) Applications - any programs (software) that reside on any device.
4) Systems - groups of applications that operate together to serve a more complex purpose.
5) Networks - the group name for a collection of devices, wiring and applications used to connect, carry, broadcast, monitor or safeguard data.
6) Other Communication Channels - any other routes used to transmit or transfer any electronic data of value between devices.
Why is ‘Data’ itself considered to be a cyber defense point?
Because security controls can be applied directly to data, e.g. encryption, so that even if the data is intercepted, it cannot immediately be accessed without further effort.
How do we go about determining the ‘What’, ‘Where’ and ‘How’ of what we need to defend?
- What = Information Classification
- Where = Cyber Defense Points
- How = Security Control Types