Chapter 1

Question 1

CIA Triad

Answer 1

Confidentiality, integrity, availability

Question 2

Confidentiality

Answer 2

Unauthorized individuals are not able to gain access to sensitive information

prevent using: fireballs, access control lists, and encryption

Question 3

Integrity

Answer 3

No unauthorized modifications are made to information or systems

Prevent using: basing and integrity monitoring solutions

Question 4

Availability

Answer 4

Information and systems are ready to meet the needs to legitimate users when they are requested

Prevent using: fault tolerance, clustering, and backups

Question 5

Security incidents

Answer 5

Organizations experience a breach of the CIA triad of information or information systems

Question 6

DAD Triad

Answer 6

Three key threats to cybersecurity efforts: disclosure, alteration, denial

Question 7

Disclosure

Answer 7

Exposure if sensitive information to unauthorized individuals, violating confidentiality

Question 8

Alteration

Answer 8

Unauthorized modification of information violating integrity

Question 9

Denial

Answer 9

Unintended disruption of an authorized users legitimate access to information violating availability

Question 10

Data exfiltration

Answer 10

Attacker gains access to sensitive information and removes It from the organization

Question 11

Breach impact

Answer 11

Measured risk by: financial, reputations, strategic, operational, and compliance

Question 12

Financial risk

Answer 12

Risk of monetary damage to the organization

Question 13

Reputational risk

Answer 13

Negative publicity surrounding a breach causes loss of customers, employees, suppliers, and stakeholders

Question 14

Strategic risk

Answer 14

Risk that an organization will become less effective in meeting major goals and objectives

Question 15

Operational risk

Answer 15

Risk to the organizations ability to carry out day to day functions

Question 16

Compliance risk

Answer 16

Security breach causes an organization to run afoul of legal or regulatory requirements

Question 17

Security controls

Answer 17

Specific measures that fulfill the security objectives of an organization

Categories: technical, operational, managerial

Question 18

Technical controls

Answer 18

Enforce CIA in the digital space

Examples: firewall rules, access control lists, intrusion prevention systems, encryption

Question 19

Operational controls

Answer 19

The process to manage technology in a secure manner

Examples: user access reviews, log monitoring, and vulnerability management

Question 20

Managerial controls

Answer 20

Procedures focused in the mechanics of the risk management process

Examples: risk assessment, security planning exercises, incorporation if security into change management/service acquisition/project management practices

Question 21

Preventative controls

Answer 21

Stop a security issue before It occurs

Examples: firewalls, encryption

Question 22

Detective controls

Answer 22

Identify security events that have already occurred

Example: intrusion detection systems

Question 23

Corrective controls

Answer 23

Remediate security issues that have occurred

Example: restoring backups after an attack

Question 24

Deterrent controls

Answer 24

Seek to prevent an attacker from attentions to violate security policies

Example: guard dogs, wired fence

Question 25

Physical controls

Answer 25

Security controls that impact the physical world Example: fences, perimeter lighting, locks, fire suppression, burglar alarm

Question 26

Compensating controls

Answer 26

Designed to mitigate the risk associated with exceptions made to a security policy

Question 27

Data loss prevention (DLP) systems

Answer 27

Search systems for stores of sensitive information that might be unsecured and monitor network traffic for potential attempts to remove sensitive information from the organization Environments: host-based DLP and network DLP

Question 28

Host-based DLP

Answer 28

Uses software agents installed on a system to search for the presence of sensitive information and monitors system configurations and users actions, blocking undesirable actions

Question 29

Network-based DLP

Answer 29

Devices dedicated to sit on the network and monitor outbound network traffic, watching for any transmissions that contain unencrypted sensitive information

Question 30

DLP mechanisms of action

Answer 30

Pattern matching and watermarking

Question 31

Pattern matching

Answer 31

Watch for signs of sensitive information Example: numbers formatted like a credit card or ssn

Question 32

Watermarking

Answer 32

Systems or administrators apply electronic tags to sensitive documents and the DLP system monitors systems and networks for unencrypted content containing those tags

Question 33

Data minimization

Answer 33

Reduce risk by reducing the amount of sensitive information that we maintain on a regular basis

Question 34

De-identification

Answer 34

Removed the ability to link data back to an individual

Question 35

Data obfuscation

Answer 35

Data is transformed into a format where the original information cannot be retrieved Tools: hashing, tokenization, masking

Question 36

Hashing

Answer 36

Transform a value in a dataset to a corresponding hash value

Question 37

Tokenization

Answer 37

Replaced sensitive values with a unique identifier using a look up table

Question 38

Masking

Answer 38

Partially redacts sensitive information by replacing some or all sensitive fields with blank characters Example: credit cards numbers replaced with * except for the last 4 numbers