Fundamental of Security

Question 1

Threat

What is a threat in the context of information technology systems?

Answer 1

Anything that could cause harm, loss, damage, or compromise to our information technology systems.

Question 2

Threat

What are some sources of threats to information technology systems?

Answer 2

• Natural disasters
• Cyber-attacks
• Data integrity breaches
• Disclosure of confidential information

Question 3

Vulnerability

What is a vulnerability?

Answer 3

Any weakness in the system design or implementation

Vulnerabilities can lead to security breaches and exploitation by attackers.

Question 4

Vulnerability

What are internal factors that can lead to vulnerabilities?

Answer 4

• Software bugs
• Misconfigured software
• Improperly protected network devices
• Missing security patches
• Lack of physical security

These factors can significantly compromise the security of a system.

Question 5

Vulnerability

What is risk management?

Answer 5

Finding different ways to minimize the likelihood of an outcome and achieve the desired outcome.

Risk management involves identifying, assessing, and prioritizing risks followed by coordinated efforts to minimize, monitor, and control the probability or impact of unfortunate events.

Question 6

Confidentility

What does confidentiality refer to?

Answer 6

The protection of information from unauthorized access and disclosure

Confidentiality is crucial in various fields, including healthcare, business, and data management.

Question 7

Confidentility

Why is confidentiality important? List the main reasons.

Answer 7

• To protect personal privacy
• To maintain a business advantage
• To achieve regulatory compliance

These reasons highlight the necessity of confidentiality in both personal and organizational contexts.

Question 8

Confidentility

What is encryption?

Answer 8

The process of converting data into a code to prevent unauthorized access

Encryption is a key method for ensuring data confidentiality.

Question 9

Confidentility

What do access controls do?

Answer 9

Set up strong user permissions to ensure that only authorized personnel can access certain types of data

Access controls are essential for maintaining the integrity of sensitive information.

Question 10

Confidentility

What is data masking?

Answer 10

A method that obscures specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity for authorized users

Data masking is often used in testing and development environments.

Question 11

Confidentility

What are physical security measures?

Answer 11

Measures that ensure confidentiality for both physical types of data, such as paper records, and for digital information contained on servers and workstations

Physical security is a critical aspect of overall data protection strategies.

Question 12

Confidentility

What is the purpose of training and awareness in confidentiality?

Answer 12

To conduct regular training on security awareness best practices that employees can use to protect their organization’s sensitive data

Ongoing training helps build a culture of security within an organization.

Question 13

Integrity

What does integrity help ensure regarding information and data?

Answer 13

Integrity helps ensure that information and data remain accurate and unchanged from its original state unless intentionally modified by an authorized individual.

Question 14

Integrity

What are the three main reasons why integrity is important?

Answer 14

• To ensure data accuracy
• To maintain trust
• To ensure system operability

Question 15

Integrity

What is hashing?

Answer 15

Hashing is the process of converting data into a fixed-size value.

Question 16

Integrity

What do digital signatures ensure?

Answer 16

Digital signatures ensure both integrity and authenticity.

Question 17

Integrity

What is the purpose of checksums?

Answer 17

Checksums are a method to verify the integrity of data during transmission.

Question 18

Integrity

What do access controls ensure?

Answer 18

Access controls ensure that only authorized individuals can modify data, reducing the risk of unintentional or malicious alterations.

Question 19

Integrity

What do regular audits involve?

Answer 19

Regular audits involve systematically reviewing logs and operations to ensure that only authorized changes have been made and any discrepancies are immediately addressed.

Question 20

Integrity

Fill in the blank: Integrity verifies the accuracy and trustworthiness of data over its _______.

Answer 20

lifecycle

Question 21

Availability

What is the primary goal of ensuring availability in cybersecurity?

Answer 21

To ensure that information, systems, and resources are accessible and operational when needed by authorized users.

Question 22

Availability

List three reasons why availability is valued by cybersecurity professionals.

Answer 22

• Ensuring Business Continuity
• Maintaining Customer Trust
• Upholding an Organization’s Reputation

Question 23

Availability

What is the best strategy to overcome challenges associated with maintaining availability?

Answer 23

To use redundancy in your systems and network designs.

Question 24

Availability

What is server redundancy?

Answer 24

Using multiple servers in a load balanced or failover configuration to ensure support for end users if one server fails.

Question 25

# Availability What does data redundancy involve?

Answer 25

Storing data in multiple places.

Question 26

# Availability What is the purpose of network redundancy?

Answer 26

To ensure that if one network path fails, the data can travel through another route.

Question 27

# Availability What does power redundancy entail?

Answer 27

Using backup power sources, like generators and UPS systems.

Question 28

# Non-Repudiation What is non-repudiation?

Answer 28

Focused on providing undeniable proof in the world of digital transactions

Question 29

# Non-Repudiation What is the main purpose of non-repudiation?

Answer 29

Ensures individuals or entities involved in a communication or transaction cannot deny their participation or the authenticity of their actions

Question 30

# Non-Repudiation What are digital signatures?

Answer 30

Considered to be unique to each user who is operating within the digital domain

Question 31

# Non-Repudiation How is a digital signature created?

Answer 31

By hashing a particular message or communication and then encrypting that hash digest with the user’s private key using asymmetric encryption

Question 32

# Non-Repudiation List the three main reasons why non-repudiation is important.

Answer 32

* To confirm the authenticity of digital transactions * To ensure the integrity of critical communications * To provide accountability in digital processes

Question 33

# Authentication What is authentication?

Answer 33

Security measure that ensures individuals or entities are who they claim to be during a communication or transaction.

Question 34

# Authentication What is the Knowledge Factor in authentication?

Answer 34

Relies on information that a user can recall.

Question 35

# Authentication What does the Possession Factor refer to in authentication?

Answer 35

Relies on the user presenting a physical item to authenticate themselves.

Question 36

# Authentication Define the Inherence Factor in authentication.

Answer 36

Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be.

Question 37

# Authentication What is the Action Factor in authentication?

Answer 37

Relies on the user conducting a unique action to prove who they are.

Question 38

# Authentication Explain the Location Factor in authentication.

Answer 38

Relies on the user being in a certain geographic location before access is granted.

Question 39

# Authentication What is a Multi-Factor Authentication System (MFA)?

Answer 39

Security process that requires users to provide multiple methods of identification to verify their identity.

Question 40

Why is authentication critical?

Answer 40

To prevent unauthorized access, protect user data and privacy, and ensure that resources are accessed by valid users only.

Question 41

# Authorization What does authorization pertain to?

Answer 41

Permissions and privileges granted to users or entities after authentication

Question 42

# Authorization True or False: Authorization is only concerned with user authentication.

Answer 42

False

Question 43

# Authorization List three purposes of authorization mechanisms.

Answer 43

* To protect sensitive data * To maintain system integrity * To create a more streamlined user experience

Question 44

# Accounting What is accounting in the context of cybersecurity?

Answer 44

A security measure that ensures all user activities during a communication or transaction are properly tracked and recorded.

Question 45

# Accounting What is the purpose of creating an audit trail?

Answer 45

Provides a chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a source or point in time.

Question 46

# Accounting How does accounting maintain regulatory compliance?

Answer 46

Maintains a comprehensive record of all users’ activities.

Question 47

# Accounting What is forensic analysis in accounting?

Answer 47

Uses detailed accounting and event logs that can help cybersecurity experts understand what happened, how it happened, and how to prevent similar incidents from occurring again.

Question 48

# Accounting What is the goal of resource optimization in accounting?

Answer 48

Organizations can optimize system performance and minimize costs by tracking resource utilization and allocation decisions.

Question 49

# Accounting What does user accountability in accounting ensure?

Answer 49

A thorough accounting system ensures users’ actions are monitored and logged, deterring potential misuse and promoting adherence to the organization’s policies.

Question 50

# Accounting What technology is used to aggregate logs from various network devices?

Answer 50

Syslog Servers.

Question 51

# Accounting What is the function of network analysis tools?

Answer 51

Used to capture and analyze network traffic to gain detailed insights into all the data moving within a network.

Question 52

# Accounting What do Security Information and Event Management (SIEM) Systems provide?

Answer 52

Real-time analysis of security alerts generated by various hardware and software infrastructure in an organization.

Question 53

# Accounting Fill in the blank: A robust accounting system helps to create an _______.

Answer 53

audit trail.

Question 54

# Accounting True or False: Forensic analysis is used to prevent similar incidents from occurring again.

Answer 54

True.

Question 55

# Security Control What are Technical Controls?

Answer 55

Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks ## Footnote Technical controls focus on the use of technology to mitigate security threats.

Question 56

# Security Control What are Managerial Controls?

Answer 56

Also referred to as administrative controls, they involve the strategic planning and governance side of security ## Footnote Managerial controls are essential for setting the framework of security policies.

Question 57

# Security Control What are Operational Controls?

Answer 57

Procedures and measures designed to protect data on a day-to-day basis, governed by internal processes and human actions ## Footnote Operational controls ensure that security practices are followed in daily operations.

Question 58

# Security Control What are Physical Controls?

Answer 58

Tangible, real-world measures taken to protect assets ## Footnote Physical controls include locks, security guards, and surveillance systems.

Question 59

# Security Control Type What are Preventive Controls?

Answer 59

Proactive measures implemented to thwart potential security threats or breaches ## Footnote Examples include firewalls and access controls.

Question 60

# Security Control Type What is the purpose of Deterrent Controls?

Answer 60

Discourage potential attackers by making the effort seem less appealing or more challenging ## Footnote Examples include security signage and visible surveillance cameras.

Question 61

# Security Control Type What do Detective Controls do?

Answer 61

Monitor and alert organizations to malicious activities as they occur or shortly thereafter ## Footnote Examples include intrusion detection systems and security audits.

Question 62

# Security Control Type What are Corrective Controls?

Answer 62

Mitigate any potential damage and restore our systems to their normal state ## Footnote Examples include data backups and incident response plans.

Question 63

# Security Control Type Define Compensating Controls.

Answer 63

Alternative measures that are implemented when primary security controls are not feasible or effective ## Footnote Examples include additional monitoring when a firewall is not possible.

Question 64

# Security Control Type What are Directive Controls?

Answer 64

Guide, inform, or mandate actions, often rooted in policy or documentation and set the standards for behavior within an organization ## Footnote Examples include security policies and procedures.

Question 65

# Gap Analysis What is Gap Analysis?

Answer 65

Process of evaluating the differences between an organization's current performance and its desired performance ## Footnote Gap analysis helps organizations improve operations, processes, performance, or overall security posture.

Question 66

# Gap Analysis What are the steps involved in conducting a gap analysis?

Answer 66

* Define the scope of the analysis * Gather data on the current state of the organization * Analyze the data to identify performance shortfalls * Develop a plan to bridge the gap ## Footnote These steps ensure a systematic approach to identifying and addressing gaps.

Question 67

# Gap Analysis What is a Technical Gap Analysis?

Answer 67

Involves evaluating an organization's current technical infrastructure ## Footnote It identifies areas where the organization lacks the technical capabilities required to fully utilize their security solutions.

Question 68

# Gap Analysis What is a Business Gap Analysis?

Answer 68

Involves evaluating an organization's current business processes ## Footnote It identifies areas where the organization falls short of the capabilities required to fully utilize cloud-based solutions.

Question 69

# Gap Analysis What does POA&M stand for?

Answer 69

Plan of Action and Milestones ## Footnote POA&M outlines specific measures to address vulnerabilities.

Question 70

# Gap Analysis What are the components of a POA&M?

Answer 70

* Outlines the specific measures to address each vulnerability * Allocate resources * Set up timelines for each remediation task ## Footnote These components help in effective management of remediation efforts.

Question 71

# Gap Analysis True or False: Gap analysis can help improve an organization's security posture.

Answer 71

True ## Footnote Conducting gap analysis is valuable for enhancing overall security.

Question 72

# Gap Analysis Fill in the blank: The first step in conducting a gap analysis is to _______.

Answer 72

[Define the scope of the analysis] ## Footnote Defining the scope sets the boundaries for the analysis.

Question 73

# Gap Analysis What is the purpose of analyzing data in a gap analysis?

Answer 73

To identify any areas where the organization's current performance falls short of its desired performance ## Footnote This analysis is crucial for developing effective improvement plans.

Question 74

# Zero Trust What does Zero Trust demand for every device, user, and transaction within the network?

Answer 74

Verification regardless of its origin.

Question 75

# Zero Trust What are the two different planes used to create a Zero Trust architecture?

Answer 75

Control Plane and Data Plane.

Question 76

# Zero Trust What is the Control Plane in Zero Trust architecture?

Answer 76

The overarching framework and components responsible for defining, managing, and enforcing access policies.

Question 77

# Zero Trust What key element of the Control Plane relies on real-time validation?

Answer 77

Adaptive Identity.

Question 78

# Zero Trust What does Adaptive Identity take into account?

Answer 78

User's behavior, device, location, and more.

Question 79

# Zero Trust What is the purpose of Threat Scope Reduction in Zero Trust?

Answer 79

Limits users' access to only what they need for their work tasks.

Question 80

# Zero Trust How does Threat Scope Reduction minimize risks?

Answer 80

By reducing the network’s potential attack surface and minimizing the 'blast radius' of a breach.

Question 81

# Zero Trust What does Policy-Driven Access Control entail?

Answer 81

Developing, managing, and enforcing user access policies based on roles and responsibilities.

Question 82

# Zero Trust What are Secured Zones in a network?

Answer 82

Isolated environments designed to house sensitive data.

Question 83

# Zero Trust What are the two components of the Control Plane that make access decisions?

Answer 83

Policy Engine and Policy Administrator.

Question 84

# Zero Trust What is the function of the Policy Engine?

Answer 84

Cross-references the access request with predefined policies.

Question 85

# Zero Trust What does the Policy Administrator do?

Answer 85

Establishes and manages access policies.

Question 86

# Zero Trust What does the Data Plane consist of?

Answer 86

Subject/System and Policy Enforcement Point.

Question 87

# Zero Trust What does Subject/System refer to in the Data Plane?

Answer 87

The individual or entity attempting to gain access.

Question 88

# Zero Trust What is the Policy Enforcement Point?

Answer 88

Where the decision to grant or deny access is executed.