Intro to Cybersecurity (2) Flashcards
(84 cards)
What are the four types of Computer Security?
Cybersecurity, Information Security, Application Security, Network Security
These categories help structure the approaches to securing different aspects of computer systems.
What are considered assets in the context of security?
Hardware, Software, Data, People
Identifying and valuing these assets is crucial for effective protection.
Define vulnerability in cybersecurity.
A weakness that can be exploited
Examples include flaws in design or implementation that threat actors can take advantage of.
What is the C-I-A triad?
Confidentiality, Integrity, Availability
These are the three pillars of information security that govern practices for security.
What does confidentiality mean in the C-I-A triad?
Assets are viewed by authorized people only.
What does integrity mean in the C-I-A triad?
The system ensures that assets can be modified only by authorized people.
What does availability mean in the C-I-A triad?
Data is accessible for authorized users.
What is authentication in cybersecurity?
The process of verifying that an identity matches the person.
What is accountability in cybersecurity?
The ability of the system to confirm that a sender cannot deny an action.
List the four acts that can harm the CIA of computer assets.
- Interception
- Modification
- Fabrication
- Availability loss
Each act represents a potential threat to the confidentiality, integrity, and availability of data.
What are the three basic actions a person or system can perform?
- Viewing
- Modifying
- Using
What type of threat is an Advanced Persistent Threat (APT)?
A threat from wealthy, organized, sophisticated hackers.
What is risk management in cybersecurity?
Controlling threats and using resources to minimize damages.
What three elements do malicious hackers need to succeed?
- Method
- Opportunity
- Motive
What is the method in the context of a successful cyber attack?
The skills and tools that hackers use.
What does opportunity refer to in a cyber attack?
The time and access available to attack.
What are controls and countermeasures?
Ways to counter threats and protect against them.
What is the difference between identification and authentication?
Identification is recognizing a person, while authentication is proving who they are.
List three methods of authentication.
- Knowledge (e.g., passwords)
- Biometric (e.g., fingerprints)
- Possession (e.g., identity badges)
Each method has its own strengths and weaknesses.
What is a dictionary attack?
An attack using commonly used words or phrases to crack passwords.
What is a brute force attack?
An attack that guesses the password until the correct one is found.
What is credential stuffing?
An attack where stolen information from one website is used to access other websites.
What are some advantages of using biometrics for authentication?
- Less likely to be stolen
- More convenient
- Cannot be forgotten
- Difficult to replicate
Biometrics offer a higher level of security compared to traditional methods.
What are some problems associated with biometrics?
- False positives
- False negatives
- Privacy concerns
- Expensive to implement
These issues can hinder the widespread adoption of biometric systems.