Foundations of Data Protection and IT Security

Question 1

What is the difference between Information Security and Cyber Security?

Answer 1

Information Security: is used to secure data in its analogous form.
Cyber Security: tries to protect information that is vulnerable through the use of information and communication technology.

Question 2

What are the CIA triad of Cyber Security?

Answer 2

Cyber Security is put in place to protect the confidentiality, integrity, and availability of information.

Question 3

Define Confidentiality in Cyber Security?

Answer 3

It means that information is only made available to those authorized to have access.

Question 4

What could be the Consequences of an Attack on Confidentiality!

Answer 4

An attack on confidentiality could lead to the unintended disclosure of a customer database that is stored on a cloud storage space.

Question 5

Define Integrity in Cyber Security?

Answer 5

The maintenance and assurance of the accuracy and completeness of information over its entire life cycle.

Question 6

Give an example of an Attack on Integrity!

Answer 6

A hacker who, changes marks in a university information system to increase a student’s grades.

Question 7

Give an example of an Attack on Integrity!

Answer 7

A hacker who, changes marks in a university information system to increase a student’s grades.

Question 8

Give an example of an Attack on Availability!

Answer 8

distributed denial of service (DDoS), rendering the system unavailable for use.

Question 9

Give an example of an Attack on Availability!

Answer 9

distributed denial of service (DDoS)

Question 10

What is Resilience in Cyber Security?

Answer 10

Ensures that systems are built to withstand an attack or outage.

Question 11

What is Authenticity in Cyber Security?

Answer 11

Ensures that personnel and users are who the say the are.

Question 12

What is Authenticity in Cyber Security?

Answer 12

Ensures that personnel and users are who the say the are.

Question 13

What is Non repudiation in Cyber Security?

Answer 13

Means that a person cannot deny having taken action.

Question 14

What does a structured risk management process, consists of?

Answer 14

• identification of risk,
• analysis of risk,
• mitigation of risk
• reporting risks.

Question 15

What are the eight cyber security domains according to (ISC)^2?

Answer 15

• security and risk management.
• asset security
• security architecture and engineering.
• communication and network security.
• identity and access management.
• security assessment and testing.
• security operations.
• software development security.

Question 16

What is the role of Governance in cyber security?

Answer 16

it is used to proactively manage cyber security and implement and monitor necessary controls, but it must also align with the business in relation to the goals of the cyber security program.

Question 17

What is the role of Governance in cyber security?

Answer 17

it is used to proactively manage cyber security and implement and monitor necessary controls.

Question 18

What is the role of Risk Management in cyber security?

Answer 18

It helps to identify, assess, and mitigate cyber security risks, as will as implement adequate controls in order to bring risks to a tolerable level.

Question 19

What is social engineering?

Answer 19

It is an Attack vector that manipulates people into performing actions that could harm an organization.

Question 20

State some examples of social engineering attacks?

Answer 20

• phishing emails,
• unsolicited phone calls
• impersonation attacks

Question 21

What makes up a security awareness program?

Answer 21

Awareness, training, and certification

Question 22

What is Identity and Access Management?

Answer 22

Identity and access management ensures that users in an organization are identified and manages users’ access to resources.

Question 23

What is IAAA?

Answer 23

“Identification” means that a user states who they are. This can be achieved by typing in a username or stating one’s name at an entrance gate.

“Authentication” is the process where a user shows that they are the individual they claimed to be in step one. This should be done by presenting multiple factors, as one factor could be easily be compromised. There are five different factors:

Something you know: Type 1 authentication (passwords, pass phrase, PIN, etc.)

Something you have: Type 2 authentication (ID, passport, smart card, token, cookie on PC, etc.)

Something you are: Type 3 authentication (biometrics such as a fingerprint, iris scan, facial geometry, etc.)

Somewhere you are: Type 4 authentication (IP/MAC address)

Something you do: Type 5 authentication (signature, pattern unlock)

“Authorization” checks which resources a user has access to. This is done via RBAC, DAC, or MAC and ACLs.

“Accountability” ensures that an audit trail, such as a log, exists. It traces the actions of users and records what they have done to prove their non-repudiation.

Question 24

State some developments in Firewalls.

Answer 24

First generation firewalls, or packet filter firewalls, inspect each packet and filter it based on specific rules, usually on IP addresses and ports.

Second generation firewalls, or stateful filters, also maintain information based on the connection between two hosts.

Third generation firewalls, or application firewalls, understand certain applications and their vulnerabilities so that they can protect them.

Next generation firewalls (NGFW) can inspect connections on a deeper level. Intrusion Prevention Systems (IPS) learn from the behavior of hosts and network connections so that they can prevent attacks.

Question 25

What is a typical life cycle of an incident Management?

Answer 25

1. Preparation
2. Detection and analysis
3. Containment, eradication, and recovery
4. Post-incident activity

Question 26

What is a typical life cycle of an incident?

Answer 26

1. Preparation
2. Detection and analysis
3. Containment, eradication, and recovery
4. Post-incident activity

Question 27

What is Data privacy?

Answer 27

It refers to the conflict faced when protecting the privacy of individuals as well as processing their data

Question 28

What are The basic principles of data protection?

Answer 28

1. Consent and choice
2. Purpose legitimacy and specification
3. Collection limitation
4. Data minimization
5. Use, retention, and disclosure limitation
6. Accuracy and quality
7. Openness, transparency, and notice
8. Individual participation and access
9. Accountability
10. Information security
11. Privacy compliance

Question 29

What is Cryptography?

Answer 29

It is the Study of secure communication.

Question 30

Define the terminology of cryptography.

Answer 30

“Plaintext” is the name of the message before any encryption is applied, when it is still readable by computers or humans.

“Encryption” is the process of encoding a message so that it cannot be accessed by anyone without the authorization to do so.

“Ciphertext” is the name for the encrypted message.

“Cipher” is the algorithm that encrypts and decrypts the plaintext.

“Decryption” is the process used to apply the cipher to the ciphertext, resulting in the plaintext.

The “key” is the name of the code that, together with the cipher, allows the encryption and decryption of the plaintext and ciphertext.

Question 31

What is does the Term “security by obscurity” means?

Answer 31

It means a cryptographic system can be compromised by knowing the cipher.

Question 32

What is symmetric cryptography?

Answer 32

It is using one key to encrypt and decrypt a Plaintext.

Question 33

What is Asymmetric cryptography?

Answer 33

It is using one public key, known to everyone, and one private key that is secret. The public key can be used to encrypt a message to a person and the private key can be used to decrypt it.

Question 34

State some examples of symmetric cryptography

Answer 34

AES and 3DES

Question 35

State some examples of Asymmetric cryptography

Answer 35

RSA and ECC

Question 36

What does FISMA requires from federal agencies?

Answer 36

1. Plan for security.
   2. Ensure that appropriate officials are assigned security responsibility.
2. Periodically review the security controls in their systems.
3. Authorize system processing prior to operations and periodically thereafter (Hansche, 2005).

Question 37

What does ENISA approach consists of?

Answer 37

recommendations regarding cyber security and independent advice,

activities that support policy-making and implementation,

hands-on work where ENISA collaborates directly with operational teams throughout the EU,

unity of EU communities and coordination of the response to large scale cross-border cyber security incidents, and

composition of cyber security certification schemes (ENISA, n.d.).

Question 38

Give examples of operators of essential services (OESs)?

Answer 38

OESs provide services such as energy utilities, food supply, and financial services

Question 39

What is the risk based approach of the NIS?

Answer 39

Prevent risks. This includes technical and organizational measures that are appropriate and proportionate to the risk.

Ensure security of network and information systems. This includes measures to ensure a level of security around the network and information systems that is appropriate to the risks (European Commission, 2016).