Introduction to Cybersecurity tools and Cyber attacks

Vulnerabilities are weaknesses in a system that can be exploited. Which are the two (2) most common ways in which vulnerabilities are introduced to a system?

1. Many systems are shipped with known and unknown security holes, such as insecure default settings. 2. Many vulnerabilities occur as a result of misconfiguration by the system administrator.

What three (3) security challenges face today's organizations?

1.Solutions can be attacked themselves 2.Protection of enforcement structure can complicate solutions 3.Security is not as simple as it seems

Which aspect of a comprehensive approach to cybersecurity includes these items: policies, procedures, standards, user education, incident response, disaster recovery, compliance and physical security?

Administrative controls

Which aspect of a comprehensive approach to cybersecurity includes these items: classification, implementation steps, asset control and documentation?

Asset management

The sender and receiver of a message can positively identity each other's identity is an example of which basic security concept?

Authentication

Only the sender and intended receiver of a message can "understand" the message contents is an example of which basic security concept?

Confidentiality

three components of the CIA Triad

Confidentiality, Integrity, And Availability

Question 7 What security role would be responsible for conducting information security assessments for organizations, including analyzing events, alerts and alarms? 1 / 1 point

Information Security Analyst

Most cyber attacks come from which source?

Internal factors, such as current and former employees.

availability

Security actions that ensure that data is accessible to authorized users.

Which aspect of a comprehensive approach to cybersecurity includes these items: network infrastructure, endpoints, servers, identity management, vulnerability management, monitoring and logging?

Technical controls

Which is the National Institute of Standards' (NIST) definition of cybersecurity?

The protection of information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.

"A flaw, loophole, oversight, or error that can be exploited to violate system security policy." Is the definition of which key cybersecurity term?

Vulnerability

"An event, natural or man-made, able to cause a negative impact to an organization." Is the definition of which key cybersecurity term?

Threat

Exploit

is a defined way to breach the security of an IT system through a vulnerability.

vulnerability

is a flaw, loophole, oversight, or error that can be exploited to violate system security policy.

Threat

is an event, natural or man-made, able to cause negative impact to an organization.

Risk

is the probability of an event or that an event could actually happen.

Vulnerability Assessment

is the process of identifying, analyzing, and ranking vulnerabilities in the specific environment.

integrity

making sure that information is always accurate and stays that way.

Confidentiality

the assurance that messages and information are available only to those who are authorized to view them