Introduction to Cybersecurity tools and Cyber attacks
Vulnerabilities are weaknesses in a system that can be exploited. Which are the two (2) most common ways in which vulnerabilities are introduced to a system?
1. Many systems are shipped with known and unknown security holes, such as insecure default settings. 2. Many vulnerabilities occur as a result of misconfiguration by the system administrator.
What three (3) security challenges face today's organizations?
1.Solutions can be attacked themselves 2.Protection of enforcement structure can complicate solutions 3.Security is not as simple as it seems
Which aspect of a comprehensive approach to cybersecurity includes these items: policies, procedures, standards, user education, incident response, disaster recovery, compliance and physical security?
Administrative controls
Which aspect of a comprehensive approach to cybersecurity includes these items: classification, implementation steps, asset control and documentation?
Asset management
The sender and receiver of a message can positively identity each other's identity is an example of which basic security concept?
Authentication
Only the sender and intended receiver of a message can "understand" the message contents is an example of which basic security concept?
Confidentiality
three components of the CIA Triad
Confidentiality, Integrity, And Availability
Question 7 What security role would be responsible for conducting information security assessments for organizations, including analyzing events, alerts and alarms? 1 / 1 point
Information Security Analyst
Most cyber attacks come from which source?
Internal factors, such as current and former employees.
availability
Security actions that ensure that data is accessible to authorized users.
Which aspect of a comprehensive approach to cybersecurity includes these items: network infrastructure, endpoints, servers, identity management, vulnerability management, monitoring and logging?
Technical controls
Which is the National Institute of Standards' (NIST) definition of cybersecurity?
The protection of information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
"A flaw, loophole, oversight, or error that can be exploited to violate system security policy." Is the definition of which key cybersecurity term?
Vulnerability
"An event, natural or man-made, able to cause a negative impact to an organization." Is the definition of which key cybersecurity term?
Threat
Exploit
is a defined way to breach the security of an IT system through a vulnerability.
vulnerability
is a flaw, loophole, oversight, or error that can be exploited to violate system security policy.
Threat
is an event, natural or man-made, able to cause negative impact to an organization.
Risk
is the probability of an event or that an event could actually happen.
Vulnerability Assessment
is the process of identifying, analyzing, and ranking vulnerabilities in the specific environment.
integrity
making sure that information is always accurate and stays that way.
Confidentiality
the assurance that messages and information are available only to those who are authorized to view them