M1 Cybersecurity Basics
Which of the following best describes a gray hat hacker?
A security professional who sometimes attempts accessing systems they didn't have permission to access with the intention of helping later on
Which of the following best describes a black hat hacker?
A teenager who attempts to access various companies' resources to determine if their information is worth selling
Which of the following best describes a white hat hacker?
A teenager who discovers vulnerabilities in their home lab and reports them to companies like Apple, Google, or Microsoft
Choose the best example of a natural threat
A tornado knocking down powerlines causing a power outage
Choose the best example of an insider threat
An HR clerk that can access next generation engineering designs at an auto company
Authentication
Determining if a user is authorized to access a system
People skilled in hacking are often hired by businesses to discover vulnerabilities in their systems
True
A hospital employee accessing the medical records of a celebrity recently admitted to the hospital would be a breach of which component of the CIA triad?
confidentiality
Which component of the CIA triad would be negatively impacted in the case of a student who changed the grade on their report card before their parent's could see it?
integrity
Unauthorized access or modification of ___ information could adversely impact an organization
sensitive
A _______ defense is one where proactive steps are taken to prevent attacks before they occur
Dynamic
Availability
Ensuring information can be accessed when it is needed
True or False - A virus is considered Malware, but a worm is not
False
Confidentiality
Keeping information secret
Least Privilege
Only granting access to something if it is absolutely required for their job
Integrity
Protecing information from being tampered with
Someone who may carry out hacking activities but lacks actual expertise is called a
Script Kiddy
Layered Security
Securing not only the perimeter, but individual systems within the network
Technique of exploiting human nature to gain access to a system
Social Engineering
Choose two examples of an unintentional threat
Someone tripping over a power cord Someone "replying to all" but including information meant to be confidential
