Bascs

Question 1

Where was organizational data typically stored 10 years ago?

Answer 1

A: On systems owned by and physically inside the organization.

Question 2

Where is organizational data stored now?

Answer 2

In the cloud, internet applications, personal computers, mobile devices, and third-party service providers.

Question 3

Why is cybersecurity important?

Answer 3

Because organizational systems are connected to the internet and vulnerable to attacks from malicious actors.

Question 4

Who are the malicious actors in cybersecurity?

Answer 4

Criminals, competitors, and sometimes other countries.

Question 5

What are the three ways malicious actors harm organizations?

Answer 5

Unauthorized access to confidential information.

Making information unavailable to the organization.

Tampering with an organization’s information.

Question 6

What is cybersecurity?

Answer 6

The practice of protecting internet-connected organizations from malicious attacks and user accidents.

whether online or offline.

Question 7

Does cybersecurity have an official definition?

Answer 7

No, but different organizations define it in various ways.

Question 8

What does US NIST stand for?

Answer 8

U.S. National Institute of Standards and Technology

Question 9

How does the US NIST define cybersecurity?

Answer 9

As protecting systems and data from malicious attacks.

Question 10

UK NCSC

Answer 10

UK National Cyber Security Centre

Question 11

How does the UK NCSC define cybersecurity?

Answer 11

As protecting systems from both malicious attacks and user-related security failures (intentional or accidental).

Question 12

What is information security

Answer 12

The discipline of protecting all of an organization’s data, including both digital and physical information.

Question 13

How is cybersecurity related to information security?

Answer 13

Cybersecurity is a subset of information security, which protects all organizational data.

Question 14

Do people use the terms cybersecurity and information security interchangeably?

Answer 14

Yes, even though cybersecurity is technically a subset of information security.

Question 15

How are modern organizational systems different from older ones?

Answer 15

They are highly interconnected and spread across various platforms, including cloud services and third-party providers.

Question 16

What role do third-party service providers play in cybersecurity?

Answer 16

They store and process organizational data, making them potential targets for cyber threats.

Question 17

What is social engineering in cybersecurity?

Answer 17

Manipulating users into breaking security protocols, often by pretending to be a trusted source.

Question 18

How can users accidentally cause cybersecurity risks?

Answer 18

By failing to follow security procedures or being tricked into bypassing them.

Question 19

What is the lifeblood of an organization?

Answer 19

Data, which needs to be available, accurate, and accessible only by the right people.

Question 20

What are the key terms in cybersecurity related to data protection?

Answer 20

Availability: Ensuring data is there when needed.
Integrity: Ensuring data is accurate and hasn’t been tampered with.
Confidentiality: Ensuring data is only accessed by the right people.

Question 21

What is an information asset in cybersecurity?

Answer 21

A set of data that holds value for an organization, such as customer purchase history.

Question 22

Where can information assets be found in a system?

Answer 22

They can be found in multiple systems, such as an accounting system, customer relationship management system, or a database.

Question 23

What does protecting information assets involve?

Answer 23

It involves protecting both the data and the systems that store, process, and transmit that data.

Question 24

What is a vulnerability in a computer system?

Answer 24

A weakness in a system that can be exploited by cyber attackers to make the system do what the attacker wants.

Question 25

Can all computer systems have vulnerabilities?

Answer 25

Yes, all systems have vulnerabilities, ranging from simple ones to more complex ones that require significant effort to exploit.

Question 26

Can vulnerabilities be found in different areas of a system?

Answer 26

Yes, vulnerabilities can exist in hardware, operating systems, applications, and even in people.

Question 27

What is a malicious threat actor trying to do?

Answer 27

They aim to exploit vulnerabilities to gain unauthorized access to a system.

Question 28

What are controls in cybersecurity?

Answer 28

Technical and procedural actions taken by an organization to defend against cyberattacks, such as buying software, hardware, services, or training.

Question 29

Why are controls important in cybersecurity?

Answer 29

They help mitigate vulnerabilities, making it harder for attackers to succeed and ensuring that those who do succeed are detected quickly.

Question 30

How does the probability of a cyberattack's success depend on system vulnerabilities?

Answer 30

It depends on the number and significance of the vulnerabilities in the system and the effectiveness of the controls in place to reduce the chance of a successful attack.

Question 31

What is the ultimate goal of cybersecurity?

Answer 31

To protect the confidentiality, integrity, and availability of an organization's information assets from malicious actors.

Question 32

What can happen if the confidentiality, integrity, or availability of an information asset is affected?

Answer 32

The organization could experience operational, financial, regulatory, or reputational impacts.

Question 33

Why do some assets need more protection than others?

Answer 33

Because some assets are more valuable to the organization and more attractive to malicious actors, depending on the asset's value and the actor's intent.

Question 34

What makes an asset more attractive to malicious actors?

Answer 34

The motives and intent of the attacker. For example, criminals often target financial systems or valuable information that can be monetized.

Question 35

What are some examples of assets criminals might target?

Answer 35

Financial or money transfer systems Payment card data Management information that could affect share prices Confidential information that can be sold

Question 36

What do competitors or other countries typically want to steal?

Answer 36

They are interested in stealing information for their own purposes, such as gaining a competitive advantage or national security benefits.

Question 37

What is a cyber threat?

Answer 37

Any malicious actor who attempts to affect the confidentiality, integrity, or availability of an organization's information assets.

Question 38

Why is understanding the motivation and intent of a malicious actor important?

Answer 38

It helps estimate the probability of an attack occurring and the potential impact it would have on the organization.

Question 39

What is the purpose of a cyber risk assessment?

Answer 39

To identify which information assets are most at risk and prioritize protection efforts based on the likelihood of attack and potential damage.

Question 40

Why would a defense contractor be more worried about another nation stealing its secrets than a criminal attacking its payment system?

Answer 40

Because stealing secrets would have a higher impact on the organization's operations and security than a financial attack.

Question 41

How should an organization invest in cybersecurity?

Answer 41

By investing more in protecting information assets that malicious actors are most likely to target and that would cause significant harm if attacked.

Question 42

What is the next step after identifying a threat actor’s interest in assets?

Answer 42

We need to understand how vulnerable our systems and information assets are to attack and assess how likely it is that an attack would succeed.

Question 43

What are the three main ways attackers gain unauthorized access to a system?

Answer 43

Exploiting a misconfiguration. Taking advantage of software vulnerabilities. Using the username and password of a real, authorized user.

Question 44

What is a denial-of-service (DoS) attack?

Answer 44

An attack where the attacker overloads the system with requests, making it unavailable to legitimate users. It can also be a precursor to extorting money.

Question 45

Can denial-of-service attacks happen without accessing the system?

Answer 45

Yes, attackers can overload the system by making numerous simultaneous legitimate requests.

Question 46

Where can attackers launch an attack on a system?

Answer 46

From systems the organization exposes on the internet. From inside the organization's network, typically by tricking the system into executing a malicious program.

Question 47

How do attackers trick a system or user into running malicious software?

Answer 47

They use tactics like sending infected email attachments, phishing links, or tricking users into revealing credentials on fraudulent websites.

Question 48

What is phishing in cybersecurity?

Answer 48

A technique where attackers trick users into divulging their credentials or running malicious programs through deceptive emails or websites.

Question 49

For an attacker to succeed, what must be vulnerable in an organization?

Answer 49

The organization's systems, software, or people must have vulnerabilities that can be exploited by the attacker.