Security and Privacy Chapter 1

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What is another way of saying layering security?

"Defense in depth" or "security in depth"

What are the seven layers of security?

1.) Policies, procedures and awareness, 2.) Physical, 3.) Perimeter 4.) Network, 5.) Host, 6.) Application, 7.) Data

What does it mean to breach the system in terms of threat agent attacks?

A breach is the penetration of system defenses. it is often achieved by using information gathered by reconnaissance

What is a zombie?

A computer that is infected with malware and is controlled by a command and control center called a zombie master.

What is the SCALE and VELOCITY of cyber attacks?

A cyber attack can grow to millions of computers in a matter of minutes or days

What is an example of an threat?

A data breach that results in a database being stolen

What is an example of a threat agent?

A disgruntled employee who copies a database to a thumb drive and sells it to a competitor

What is a fileless virus?

A fileless virus uses legitimate programs to infect a computer. Because it doesn't rely on files, it leaves no footprint, making it undetectable by most security solutions.

What is a botnet?

A group of zombie computers that are commanded from a central control infrastructure

What is a hacker in terms of threat agents?

A hacker is a threat agent who uses their technical knowledge to bypass security mechanisms to exploit a vulnerability to access information

What is a trojan horse?

A malicious program that is disguised as legitimate or desirable software

What is a virus?

A program that attempts to damage a computer system and replicate itself to other computer systems.

What is layered security?

A security approach that combines multiple security controls and defenses to create a cummulative effect.

What is Layered security model?

A security approach that defines seven layers of security

What is a worm?

A self-replicating malware program.

What is a rootkit?

A set of programs that allows attackers to maintain hidden, administrator-level access to a computer

What is a gray hat hacker?

A skilled hacker who falls in the middle of white hat and black hat hackers. The gray hat may cross the line of what is ethical, but usually has good intentions and isn't malicious like a black hat hacker.

What is a white hat hacker?

A skilled hacker who uses skills and knowledge for defensive purposes only. The white hat hacker interacts only with systems for which express access permission is given.

What is black hat hacker?

A skilled hacker who uses skills and knowledge for illegal or malicious purposes

What is a nation state in terms of threat agents?

A sovereign state threat agent that may wage an all-out war on a target and have significant resources for the attack

What does a corporate spy do?

A spy applies for a job within a competitor and then exploits internal vulnerabilities to steal information and return it to their client.

What is an competitor in terms of threat agents?

A threat agent who carries out attacks on behalf of an organization and targets competing companies

What is an insider in terms of threat agents?

A threat agent who has authorized access to an organization and either intentionally or unintentionally carries out an attack.

What is an internal threat in terms of threat agents?

A threat from authorized individuals (insiders) who exploit assigned privileges and inside information to carry out an attack

What is an external threat in terms of threat agents?

A threat from individuals or groups not associated with the organization, who seek to gain unauthorized access to data.

What is a threat?

A threat is an entity that can cause the loss of an asset or any potential danger to the confidentiality, integrity, or availability of information or systems.

What is a Non-persistent threat threat in terms of threat agents?

A threat that focuses on getting into a system and stealing information. It is usually a one-time event, so the attacker is not concerned with detection.

What is a persistent threat threat in terms of threat agents?

A threat that seeks to gain access to a network and remain there undetected.

What is a targeted attack?

A type of threat in which threat actors actively pursue and compromise a target entity's infrastructure while maintaining anonymity.

What is vulnerability?

A weakness that allows a threat to be carried out

What are ACLs in networking?

Access Control Lists, it contains rules for who can access and environment

What is an exploit?

An act, procedure, or piece of software that takes advantage of a vulnerability to carry an attack

What is an asset?

An asset is something that has value to the person or organization

What is an opportunistic attack?

An attack in which the threat actor is almost always trying to make money as fast as possible and with minimal effort.

What does it mean to exploit vulnerabilities in terms of threat agent attacks?

An exploitation takes advantage of known vulnerabilities in software and systems

What is an hacker in terms of threat agents?

Any threat agent who uses technical knowledge to bypass security, exploit a vulnerability, and gain access to protected information

List the items that risk management takes into account:

Assets, threats, threat agents, vulnerabilities, exploits

What is the application layer of security?

Authentication and authorization, user management, group policies, and web application security.

What is availability?

Availability ensures the uptime of the system so that data is available when needed.

How can employee's be threat agents?

Become disgruntled with their employer, be bribed by a competitor, be an unintentional participant in an attack, accidentally delete or cause data corruption

What are sophisticated attacks?

Complex, difficult to thwart cyber attacks that use common tools and protocols

What is the "CIA" of Security?

Confidentiality, Integrity, Availability

What does it mean to create a backdoor in terms of threat agent attacks?

Creating a backdoor is an alternative method of accessing an application or operating system for troubleshooting. Hackers often create backdoors to exploit a system without being detected.

List a subcategory of hackers in terms of threat agents

Cybercriminals

What is an cybercriminal in terms of threat agents?

Cybercriminals are willing to take more risks and use more extreme tactics for financial gain

What is a another term for layered security?

Defense in-depth security model

How is non-repudiation enforced?

Digital signatures

List some threat agents:

Employees, spies, hackers

Example of confidentiality:

Encryption, which converts data into a form that makes it less likely to be useable by an unintended recipient

What is confidentiality?

Ensures that data is not disclosed to unintended persons.

What does it mean to escalate privileges in terms of threat agent attacks?

Escalating privileges is a primary objective of an attacker. Once an attacker has breached the system obtaining higher privileges allows the attacker to access more information and gain greater control with the system

What are some examples physical security in terms of cybersecurity?

Firewalls and antivirus software

What is the perimeter layer of security?

Firewalls using ACLs and securing the wireless network.

What are script kiddies?

Hackers that download and run attacks available on the internet, but generally are not technically savvy enough to create their own attacking code or script

What are cyber terrorists?

Hackers who use the Internet to carry out terrorist activities, such as disrupting network-dependent instructions

What are cyber-criminals?

Hackers who usually seek to exploit security vulnerabilities for some kind of financial reward or revenge

What is an example of integrity in cyber-security?

Hashing, the practice of using an algo to map data

What is an example of non-repudiation?

If a user sends a digitally signed email, they cannot claim later that the email was not sent

What is Open-source intelligence (OSINT)?

Information that is readily available to the public and doesn't require any type of malicious activity to obtain

What is integrity?

Integrity ensures that data is not modified or tampered with

When considered a threat agent what are employee's also known as?

Internal threats

What is layering in cybersecurity?

Lasyering involves implementing multiple security strategies to protect the same asset

What are 5 defense methodologies for cybersecurity?

Layering, principle of least privilege, variety, randomness, simplicity

What is LAN?

Local Area Network, a series of computers linked together to form a network in a location

What is the host layer of security?

Log management, OS hardening, patch implementation, patch management, auditing, anti-malware, and password attack prevention on each workstation, laptop, and mobile device.

What does OSINT stand for?

Open-source intelligence

What are administrators?

People who manage the software

What are users?

People who use the software

What are 8 attack strategies that threat agents practice?

Perform reconnaissance, use social engineering, use technical approaches, breach the system, escalate privileges, create a backdoor, stage computers, exploit vulberabilities

What is physical security in terms of cybersecurity?

Physical security includes all hardware and software necessary to secure data

What are policies?

Policies are the rules an organization implements to protect information

What is non-repudiation?

Providing validation of a message's origin?

What does it mean to in terms of threat agent attacks?

Reconnaissance is the process of gathering information about an organization, including system hardware information, network configuration, individual user information

What is the reason for the SCALE and VELOCITY of cyber attacks?

Scale and Velocity grows due to it's ability to proliferate on the internet.

What are the subcategories of hackers?

Script kiddies, cyber criminals and cyber terrorists

What is an example of an asset?

Sensitive information in a database

What does it mean to use social engineering in terms of threat agent attacks?

Social engineering is the process of manipulating others into providing sensitive information. Social engineering tactics include intimidation and sympathy

What is malware?

Software designed to take over or damage a computer without the user's knowledge or approval

What is a threat agent?

Sometimes known as an attacker, an entity that can carry out a threat

What are spies in terms of threat agents?

Spies can be employed in corporate espionage to obtain information about competitors for commercial purposes

What does it mean to stage computers in terms of threat agent attacks?

Staging a computer involves preparing it to preform additional tasks in the attack, such as installing software designed to attack other system. this is an optional step

Once a vulnerability has been exploited an attacker can often?

Steal information, deny services, crash systems, modify information

What is the data layer of security?

Storing data properly, destroying data, classifying data, cryptography, and data transmission security.

What is an example of vulnerability?

Such as a USB port that is enabled on the server hosting the database or a server room door that is frequently left ajar, copies the database to a thumb drive, and then sells it.

What is security?

The degree of protection against danger, damage, loss and criminal activity

What is the network layer of security?

The installation and configuration of switches and routers; implementation of VLANs; penetration testing; and virtualization use.

What is risk management?

The process of identifying security issues and deciding which countermeasures to take in reducing risks to an acceptable level

What makes sophisticated attacks dangerous?

The use of common tools make it difficult to distinguish an attack from legitimate traffic. They also vary their behavior, making the same attack appear different each time.

What is the reason for the VOLUME of cybersecurity threats?

There is a high quantity and a variety of attack tools available to anyone for download on the internet.

Why are employee threat agent's so dangerous?

They are the most overlooked and most dangerous threat agents because they have greater access to information assets than anyone in the outside trying to break in.

What is the policies, procedures and awareness layer of security?

User education; manageable network plans; and employee onboarding and off-boarding procedures.

What is a VLAN?

Virtual Local Area Network, allows network admins to limit access to a specific group of workstations

Can a spy operate externally of a company? How?

Yes, they just exploit external vulnerabilities


Set pelajaran terkait

Intermediate Accounting Exam 1 - Chapter 14

View Set

Wrapper Classes - Integer and Double

View Set

Pharmacological and Parenteral Therapies

View Set

Language of Medicine - Ch. 19: Cancer Medicine

View Set

Inquisitive Chapter 5: Civil Rights

View Set

Chapter 13 The spinal cord, spinal nerves, and somatic reflexes

View Set