Topic 1 Flashcards

Introduction to the management of cyber security

1
Q

What is information security? What essential protections must be in place to protect information systems from danger?  

A

InfoSec is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit the information. The elements of InfoSec that must be in place in order to have “complete” security are physical security, personal security, operations security, communications security, and network security. 

2
Q

What is the CNSS security model? What are its three dimensions?

A

The CNSS security model is a comprehensive model of InfoSec. It has three dimensions, one of which is composed of the components of the C.I.A. triad. The other dimensions are composed of (1) policy, education, and technology and (2) storage, processing, and transmission. The CNSS model comprises 27 cells, and any security solution must address all of these cells to be considered complete. 

3
Q

Define the InfoSec processes of identification, authentication, authorization, and accountability.

A

Identification is an information system’s recognition of individual users. It is the first step in a user gaining access to secured information or areas. Authentication occurs when a user provides proof that he or she is who he or she really purports to be. Authorization assures that the user or the computer has been authorized to access specific information. Accountability is in place when a control provides assurance that all activities can be linked or attributed to a certain person or a process.  

4
Q

How does technological obsolescence constitute a threat to information security? How can an organization protect against it?

A

Technological obsolescence is a security threat caused by management’s potential lack of planning and failure to anticipate the technology needed for evolving business requirements. Technological obsolescence occurs when infrastructure becomes outdated, which leads to unreliable and untrustworthy systems. As a result, an organization risks loss of data integrity from attacks.  

One of the best ways to prevent this obsolescence is through proper planning by management. Once discovered, outdated technologies must be replaced. Information technology personnel must help management identify probable obsolescence so that technologies can be replaced or upgraded as needed and in a timely fashion. 

5
Q

What are the three levels of planning? Define each. List the types of InfoSec plans and planning functions.

A

The three levels of planning are tactical, strategic, and operational. Tactical planning focuses on resource planning by those just under “senior management” to cover a time period of no more than five years. Strategic planning is planning done at the highest level of an organization and usually covers a time period of more than five years. Operational planning is short-term, day-to-day planning of resources. 

InfoSec planning includes incident response planning, business continuity planning, disaster recovery planning, policy planning, personnel planning, technology rollout planning, risk management planning, and security program planning. 

6
Q

How has the perception of the hacker changed over recent years? What is the profile of a hacker today?

A

The classic perception of hackers is frequently glamorized in fictional accounts as people who stealthily manipulate their way through a maze of computer networks, systems, and data to find the information that resolves the dilemma posed in the plot and saves the day. However, in reality, hackers frequently spend long hours examining the types and structures of targeted systems because they must use skill, guile, or fraud to bypass the controls placed on information owned by someone else.

The perception of a hacker has evolved over the years. The traditional hacker profile was a male, aged 13 to 18, with limited parental supervision who spent all his free time at the computer. The current profile of a hacker is a male or female, aged 12 to 60, with varying technical skill levels, and who can be internal or external to the organization. Hackers today can be expert or unskilled. The experts create the software and schemes to attack computer systems, while the novices merely use software created by the experts.

7
Q

What is ransomware? How does an organization protect against it?

A

Ransomware is computer software specifically designed to identify and encrypt valuable information in a victim’s system in order to extort payment for the key needed to unlock the encryption. The primary defense against ransomware is a tested and frequently validated backup-and-restore program for all data. In addition, user training to avoid malware infections in general can lower exposure to more specific ransomware attacks.
