CompTIA® Security+ Guide to Network Security Fundamentals - Chapter 1 - Introduction to Security
Sarbanes-Oxley Act (Sarbox)
A U.S. law designed to fight corporate corruption.
Health Insurance Portability and Accountability Act (HIPAA)
A U.S. law designed to guard protected health information and implement policies and procedures to safeguard it.
Gramm-Leach-Bliley Act (GLBA)
A U.S. law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
vulnerability
A flaw or weakness that allows a threat agent to bypass security.
cybercriminals
A network of attackers, identity thieves, spammers, and financial fraudsters.
threat agent
A person or element that has the power to carry out a threat.
cyberterrorism
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.
Payment Card Industry Data Security Standard (PCI DSS)
A set of security standards that all U.S. companies processing, storing, or transmitting credit card information must follow.
risk
A situation that involves exposure to danger.
Cyber Kill Chain®
A systematic outline of the steps of a cyberattack, introduced at Lockheed Martin in 2011.
threat
A type of action that has the potential to cause harm.
asset
A(n) ____ is defined as something that has a value.
risk
A(n) ____ is the likelihood that a threat agent will exploit a vulnerability.
acceptance
Acknowledging a risk but taking no action to address it.
mitigation
Addressing a risk by making it less serious is known as ____________.
mitigation
Addressing a risk by making it less serious.
obscurity
An example of _____ in information security would be not revealing the type of computer, version of operating system, or brand of software that is used.
obscurity
An example of _____________ is not revealing the type of computer, operating system, software, and network connection a computer uses. a. layering b. diversity c. obscurity d. limiting
asset
An item that has value.
diversity
An organization that purchased security products from different vendors is demonstrating which security principle? a. obscurity b. diversity c. limiting d. layering
state-sponsored attacker
Attacker commissioned by governments to attack enemies' information systems.
hactivist
Attacker who attacks for ideological reasons that are generally not as well-defined as a cyberterrorist's motivation.
broker
Attacker who sells knowledge of a vulnerability to other attackers or governments.
cyberterrorist
Attacker whose motivation may be defined as ideological, or attacking for the sake of principles or beliefs.
script kiddies
Attackers who do their work by downloading automated attack software from websites and use it to perform malicious acts are known as ______________.
exploit kit
Automated attack package that can be used without an advanced knowledge of computers.
stockholders
Each of the following can be classified as an "insider" EXCEPT ___________________________. a. business partners b. contractors c. stockholders d. employees
limit access control
Each of the following is a goal of information security EXCEPT __________________________. a. avoid legal consequences b. foil cyberterrorism c. prevent data theft d. limit access control
purposes
Each of the following is a successive layer in which information security is achieved EXCEPT ____. a. products b. purposes c. procedures d. people
insiders
Employees, contractors, and business partners who can be responsible for an attack.
risk avoidance
Identifying the risk but making the decision to not engage in the activity.
script kiddie
Individual who lacks advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems.
Advanced Persistent Threat (APT)
Multiyear intrusion campaign that targets highly sensitive economic, proprietary, or national security information.
availability
Security actions that ensure that data is accessible to authorized users.
confidentiality
Security actions that ensure that only authorized parties can view the information.
integrity
Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.
identity theft
Stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
cybercrime
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____.
cybercrime
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.
chief information security officer (CISO)
The _______________________ is primarily responsible for assessing, managing, and implementing security. a. security administrator b. security manager c. security technician d. chief information security officer (CISO)
accounting
The ability that provides tracking of events.
authorization
The act of providing permission or approval to technology resources.
Cyber Kill Chain
The basic steps of an attack are known as _____________________.
California's Database Security Breach Notification Act
The first state electronic privacy law, which covers any state agency, person, or company that does business in California.
threat vector
The means by which an attack could occur.
cyberterrorists
The motivation of ____ may be defined as ideology, or attacking for the sake of their principles or beliefs.
BYOD (bring your own device)
The practice of allowing users to use their own personal devices to connect to an organizational network.
threat likelihood
The probability that a threat will actually occur.
authentication
The steps that ensure that the individual is who he or she claims to be.
information security
The tasks of protecting the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.
transference
Transferring the risk to a third party.
deterrence
Understanding the attacker and then informing him of the consequences of the action.
cybercriminals
What are attackers called who belong to a network of identity thieves and financial fraudsters? a. cybercriminals b. script kiddies c. hackers d. brokers
1. Reconnaissance: probe for any information about the system to reveal whether it is a viable target for an attack and how it could be attacked. 2. Weaponization: create an exploit and package it into a deliverable payload that can be used against the target. 3. Delivery: the weapon is transmitted to the target. 4. Exploitation: the exploitation stage triggers the intruders' exploit. 5. Installation: the weapon is installed to either attack the computer or install a remote "backdoor" so the attacker can access the system. 6. Command and Control: the system connects back to the attacker so that it can be remotely controlled and receive future instructions. 7. Actions on Objectives: attackers take actions to achieve their original objectives.
What are the steps of the Cyber Kill Chain?
Products, people, and policies and procedures
What are the three entities that through a combination of layers, help to provide Information Security?
Confidentiality: ensures only authorized parties can view information; Integrity: ensures information is not altered; Availability: ensures information is accessible to authorized parties when needed
What are the three protections that must be extended over information or CIA?
Authentication: ensures that the individual is who she claims to be (the authentic or genuine person) and not an imposter; Authorization: providing permission or approval to specific technology resources; Accounting: provides tracking of events
What does AAA mean when it comes to additional protections over information?
threat agent
What is a person or element that has the power to carry out a threat? a. threat agent b. exploiter c. risk agent d. vulnerability
to spy on citizens
What is an objective of state-sponsored attackers? a. to right a perceived wrong b. to spy on citizens c. to sell vulnerabilities to the highest bidder d. fortune instead of fame
The aim of a hactivist is not to incite panic like cyberterrorists.
What is the difference between a hactivist and a cyberterrorist? a. A hactivist is motivated by ideology while a cyberterrorist is not. b. Cyberterrorists always work in groups while hactivists work alone. c. The aim of a hactivist is not to incite panic like cyberterrorists. d. Cyberterrorists are better funded than hactivists.
reconnaissance
What is the first step in the Cyber Kill Chain®? a. weaponization b. exploitation c. actions on objectives d. reconnaissance
Health Insurance Portability and Accountability Act (HIPAA)
Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it? a. Hospital Protection and Insurance Association Agreement (HPIAA) b. Sarbanes-Oxley Act (Sarbox) c. Gramm-Leach-Bliley Act (GLBA) d. Health Insurance Portability and Accountability Act (HIPAA)
is only used by hactivists against foreign enemies
Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)? a. can span several years b. targets sensitive proprietary information c. uses advanced tools and techniques d. is only used by hactivists against foreign enemies
Availability
Which of the following terms best describes ensuring that data is accessible to authorized users? a. Integrity b. Accounting c. Availability d. BYOD
gray hat hackers
Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability? a. white hat hackers b. black hat hackers c. blue hat hackers d. gray hat hackers
The necessary steps to protect a person or property from harm.
Which phrase describes the term "security" in a general sense? a. protection from only direct actions b. using reverse attack vectors (RAV) for protection c. only available on hardened computers and systems d. the necessary steps to protect a person or property from harm
greater sophistication of defense tools
Which of the following is NOT a reason why it is difficult to defend against today's attackers? a. increased speed of attacks b. simplicity of attack tools c. greater sophistication of defense tools d. delays in security updating
The vulnerability was previously unknown and is unlikely to be patched quickly.
Why can brokers command such a high price for what they sell? a. Brokers are licensed professionals. b. The attack targets are always wealthy corporations. c. The vulnerability was previously unknown and is unlikely to be patched quickly. d. Brokers work in teams and all the members must be compensated.
They can cause significant disruption by destroying only a few targets.
Why do cyberterrorists target power plants, air traffic control centers, and water systems? a. These targets have notoriously weak security and are easy to penetrate. b. They can cause significant disruption by destroying only a few targets. c. These targets are government-regulated and any successful attack would be considered a major victory. d. The targets are privately owned and cannot afford high levels of security.
Confidentiality
____ ensures that only authorized parties can view the information.
Authentication
____________ ensures that individuals are who they claim to be. a. Demonstration b. Accounting c. Authentication d. Certification
confidentiality
________________ ensures that only authorized parties can view the information. a. Confidentiality b. Availability c. Authorization d. Integrity