CompTIA® Security+ Guide to Network Security Fundamentals - Chapter 1 - Introduction to Security

Sarbanes-Oxley Act (Sarbox)

A U.S. law designed to fight corporate corruption.

Health Insurance Portability and Accountability Act (HIPAA)

A U.S. law designed to guard protected health information and implement policies and procedures to safeguard it.

Gramm-Leach-Bliley Act (GLBA)

A U.S. law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

vulnerability

A flaw or weakness that allows a threat agent to bypass security.

cybercriminals

A network of attackers, identity thieves, spammers, and financial fraudsters.

threat agent

A person or element that has the power to carry out a threat.

cyberterrorism

A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.

Payment Card Industry Data Security Standard (PCI DSS)

A set of security standards that all U.S. companies processing, storing, or transmitting credit card information must follow.

risk

A situation that involves exposure to danger.

Cyber Kill Chain®

A systematic outline of the steps of a cyberattack, introduced at Lockheed Martin in 2011.

threat

A type of action that has the potential to cause harm.

asset

A(n) ____ is defined as something that has a value.

risk

A(n) ____ is the likelihood that a threat agent will exploit a vulnerability.

acceptance

Acknowledging a risk but taking no action to address it.

mitigation

Addressing a risk by making it less serious is known as ____________.

mitigation

Addressing a risk by making it less serious.

obscurity

An example of _____ in information security would be not revealing the type of computer, version of operating system, or brand of software that is used.

obscurity

An example of _____________ is not revealing the type of computer, operating system, software, and network connection a computer uses. a. layering b. diversity c. obscurity d. limiting

asset

An item that has value.

diversity

An organization that purchased security products from different vendors is demonstrating which security principle? a. obscurity b. diversity c. limiting d. layering

state-sponsored attacker

Attacker commissioned by governments to attack enemies' information systems.

hactivist

Attacker who attacks for ideological reasons that are generally not as welldefined as a cyberterrorist's motivation.

broker

Attacker who sells knowledge of a vulnerability to other attackers or governments.

cyberterrorist

Attacker whose motivation may be defined as ideological, or attacking for the sake of principles or beliefs.

script kiddies

Attackers who do their work by downloading automated attack software from websites and use it to perform malicious acts are known as ______________.

exploit kit

Automated attack package that can be used without an advanced knowledge of computers.

stockholders

Each of the following can be classified as an "insider" EXCEPT ___________________________. a. business partners b. contractors c. stockholders d. employees

limit access control

Each of the following is a goal of information security EXCEPT __________________________. a. avoid legal consequences b. foil cyberterrorism c. prevent data theft d. limit access control

purposes

Each of the following is a successive layer in which information security is achieved EXCEPT . a. products b. purposes c. procedures d. people

insiders

Employees, contractors, and business partners who can be responsible for an attack.

risk avoidance

Identifying the risk but making the decision to not engage in the activity.

script kiddie

Individual who lacks advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems.

Advanced Persistent Threat (APT)

Multiyear intrusion campaign that targets highly sensitive economic, proprietary, or national security information.

availability

Security actions that ensure that data is accessible to authorized users.

confidentiality

Security actions that ensure that only authorized parties can view the information.

integrity

Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.

identity theft

Stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.

cybercrime

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____.

cybercrime

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.

chief information security officer (CISO)

The _______________________ is primarily responsible for assessing, managing, and implementing security. a. security administrator b. security manager c. security technician d. chief information security officer (CISO)

accounting

The ability that provides tracking of events.

authorization

The act of providing permission or approval to technology resources.

Cyber Kill Chain

The basic steps of an attack are known as _____________________.

California's Database Security Breach Notification Act

The first state electronic privacy law, which covers any state agency, person, or company that does business in California.

threat vector

The means by which an attack could occur.

cyberterrorists

The motivation of ____ may be defined as ideology, or attacking for the sake of their principles or beliefs.

BYOD (bring your own device)

The practice of allowing users to use their own personal devices to connect to an organizational network.

threat likelihood

The probability that a threat will actually occur.

authentication

The steps that ensure that the individual is who he or she claims to be.

information security

The tasks of protecting the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.

transference

Transferring the risk to a third party.

deterrence

Understanding the attacker and then informing him of the consequences of the action.

cybercriminals

What are attackers called who belong to a network of identity thieves and financial fraudsters? a. cybercriminals b. script kiddies c. hackers d. brokers

1. Reconnaissance - Probe for any information about the system to reveal if the system is a viable target for an attack and how it could be attacked 2. Weaponization - Create an exploit and package it into a deliverable payload that can be used against the target 3. Delivery - The weapon is transmitted to the target 4. Exploitation - The exploitation stage triggers the intruders' exploit 5. Installation - The weapon is installed to either attack the computer or install a remote "backdoor" so the attacker can access the system. 6. Command and Control - System connects back to the attacker so that it can be remotely controlled by the attacker and receive future instructions 7. Actions on Objectives - Attackers take actions to achieve their original objectives.

What are the steps of the Cyber Kill Chain?

Products People Policies and procedures

What are the three entities that through a combination of layers, help to provide Information Security?

Confidentiality: Ensures only authorized parties can view information Integrity: Ensures information not altered Availability: Ensures information accessible when needed to authorized parties

What are the three protections that must be extended over information or CIA?

Authentication: Ensures that the individual is who she claims to be (the authentic or genuine person) and not an imposter Authorization: Providing permission or approval to specific technology resources Accounting: Provides tracking of events

What does AAA mean when it comes to additional protections over information?

threat agent

What is a person or element that has the power to carry out a threat? a. threat agent b. exploiter c. risk agent d. vulnerability

to spy on citizens

What is an objective of state-sponsored attackers? a. to right a perceived wrong b. to spy on citizens c. to sell vulnerabilities to the highest bidder d. fortune instead of fame

The aim of a hactivist is not to incite panic like cyberterrorists.

What is the difference between a hactivist and a cyberterrorist? a. A hactivist is motivated by ideology while a cyberterrorists is not. b. Cyberterrorists always work in groups while hactivists work alone. c. The aim of a hactivist is not to incite panic like cyberterrorists. d. Cyberterrorists are better funded than hactivists.

reconnaissance

What is the first step in the Cyber Kill Chain®? a. weaponization b. exploitation c. actions on objectives d. reconnaissance

Health Insurance Portability and Accountability Act (HIPAA)

Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it? a. Hospital Protection and Insurance Association Agreement (HPIAA) b. Sarbanes-Oxley Act (Sarbox) c. Gramm-Leach-Bliley Act (GLBA) d. Health Insurance Portability and Accountability Act (HIPAA)

is only used by hactivists against foreign enemies

Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)? a. can span several years b. targets sensitive proprietary information c. uses advanced tools and techniques d. is only used by hactivists against foreign enemies

Availability

Which of the following terms best describes ensuring that data is accessible to authorized users? a. Integrity b. Accounting c. Availability d. BYOD

gray hat hackers

Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability? a. white hat hackers b. black hat hackers c. blue hat hackers d. gray hat hackers

The necessary steps to protect a person or property from harm.

Which phrase describes the term "security" in a general sense? a. protection from only direct actions b. using reverse attack vectors (RAV) for protection c. only available on hardened computers and systems d. the necessary steps to protect a person or property from harm

greater sophistication of defense tools

Which the following is NOT a reason why it is difficult to defend against today's attackers? a. increased speed of attacks b. simplicity of attack tools c. greater sophistication of defense tools d. delays in security updating

The vulnerability was previously unknown and is unlikely to be patched quickly.

Why can brokers command such a high price for what they sell? a. Brokers are licensed professionals. b. The attack targets are always wealthy corporations. c. The vulnerability was previously unknown and is unlikely to be patched quickly. d. Brokers work in teams and all the members must be compensated.

They can cause significant disruption by destroying only a few targets.

Why do cyberterrorists target power plants, air traffic control centers, and water systems? a. These targets have notoriously weak security and are easy to penetrate. b. They can cause significant disruption by destroying only a few targets. c. These targets are government-regulated and any successful attack would be considered a major victory. d. The targets are privately owned and cannot afford high levels of security.

Confidentiality

____ ensures that only authorized parties can view the information.

Authentication

____________ ensures that individuals are who they claim to be. a. Demonstration b. Accounting c. Authentication d. Certification

confidentiality

________________ ensures that only authorized parties can view the information. a. Confidentiality b. Availability c. Authorization d. Integrity