Chapter 2

Question 1

What is the core duty of cybersecurity?

Answer 1

to identify, mitigate and manage cyber risk to an organization’s digital assets

Question 2

Types of approaches to cybersecurity implementation

Answer 2

Compliance-based
Risk-based
Ad hoc

Question 3

Explain the compliance-based approach

Answer 3

this approach relies on regulations or standards to

determine security implementations

Question 4

Explain the risk-based approach

Answer 4

relies on identifying the unique risk an organization faces and designing and implementing security controls to address that risk

Question 5

Explain the ad hoc approach

Answer 5

an ad hoc approach simply implements security with no particular rationale or criteria

Question 6

What is a risk?

Answer 6

The combination of the probability of an event and its consequence

Question 7

Define Threat

Answer 7

anything that is capable of acting against an asset in a manner that can result in harm

a potential cause of an unwanted incident

Question 8

Define Asset

Answer 8

Something of value that is worth protecting,

ex: people, information, finances

Question 9

What is a vulnerability?

Answer 9

a weakness in the design, implementation or operation of a process that can expose the system to adverse threats

Question 10

Define Residual risk

Answer 10

the remaining risk after management has implemented a risk response

Question 11

Define Inherent risk

Answer 11

the risk level prior to taking action to secure assets

Question 12

What are the criteria for approaching risk?

Answer 12

Risk Tolerance
Size of the environment
Amount of data available

Question 13

Define cyberattack

Answer 13

a cyberattack is a well-defined, advanced, targeted attack that is stealthy

Question 14

Define attack

Answer 14

the actual occurrence of a threat
or
an activity by a threat agent (or adversary) against an asset

Question 15

Define attack vector

Answer 15

the path used to gain access to the target asset

Question 16

attack vector types

Answer 16

ingress and egress

Question 17

ingress

Answer 17

intrusion into a system

Question 18

egress

Answer 18

data exfiltration

Question 19

attack mechanism

Answer 19

method used to deliver the exploit, may involve a payload

Question 20

payload

Answer 20

the container that delivers the exploit to the target

Question 21

malware

Answer 21

malicious code designed to gain access to targeted computer systems, steal information or disrupt computer operations

Question 22

common malware types

Answer 22

viruses
network worms
trojan horses

Question 23

what is a worm?

Answer 23

they carry out routines related to the payload

Question 24

what is a link file?

Answer 24

propagates copies of the worm

Question 25

what is a rootkit?

Answer 25

hides malicious processes to prevent detection

Question 26

what are policies?

Answer 26

required and prohibited activities and behaviors

Question 27

what are standards?

Answer 27

Interpretation of policies in specific situations

Question 28

what are procedures?

Answer 28

details on how to comply with policies and standards

Question 29

what are guidelines?

Answer 29

general guidance on issues such as “what to do in particular circumstances.” These are not requirements to be met, but are strongly recommended.

Question 30

What are the 5 attack attributes(steps)

Answer 30

``` Attack vector Payload Exploit Vulnerability Target Asset ```