Overview Flashcards Preview

Cybersecurity > Overview > Flashcards

Flashcards in Overview Deck (26)
Loading flashcards...
1
Q

What is “the protection of information assets by addressing threats to information processed, stored and transported by internetworked information systems.” ?

A

cybersecurity

2
Q

What are attacks by an adversary who possesses sophisticated levels of expertise and significant resources, which allow the attacker to create opportunities to achieve its objectives using multiple attack vectors.

A

Advanced Persistent Threats (APTs),

3
Q

What are some of the factors (6) that can impact security, such as:

A
  • Platforms and tools used
  • Network connectivity (internal, third-party, public)
  • Level of IT complexity
  • Operational support for security
  • User community and capabilities
  • New or emerging security tools
4
Q

When evaluating business plans and the general business environment, consider drivers (7) such as:

A
  • Nature of business
  • Risk tolerance
  • Security profile
  • Industry trends for security
  • Mergers, acquisitions and partnerships
  • Consider type, frequency & level of integration
  • Outsourcing services or providers
5
Q

Cybersecurity addresses both internal and external threats to an organization’s digital information assets by focusing on what (4)?

A

critical electronic data processes,
signal processing,
risk analytics and
information system security engineering.

6
Q

Estimated information security jobs available are expected by 2018

A

over 4.2 million

7
Q

Information security deals with information, regardless of its format—it encompasses paper documents, digital and intellectual property in people’s minds, and verbal or visual communications. Cybersecurity, on the other hand, is concerned with protecting _________

A

digital assets

8
Q

What does ENISA stand for?

A

European Union Agency for Network and Information Security

9
Q

NIST and ENISA have identified five key functions necessary for the protection of digital assets:

A
  • Identify: Use organizational understanding to minimize risk to systems, assets, data and capabilities.
  • Protect: Design safeguards to limit the impact of potential events on critical services and infrastructure.
  • Detect: Implement activities to identify the occurrence of a cybersecurity event.
  • Respond: Take appropriate action after learning of a security event.
  • Recover: Plan for resilience and the timely repair of compromised capabilities and services.
10
Q

To better understand cybersecurity and the protection of cyberassets, it is helpful to consider three key
concepts that are used to guide security policies. The concepts are:

A
  • Confidentiality - protection of information from unauthorized access or disclosure.
  • Integrity - protection of information from unauthorized modification.
  • Availability - ensures the timely and reliable access to and use of information and systems.
11
Q

Confidentiality can be preserved using the following methods:

A
  • Access Controls
  • File Permissions
  • Encryption
12
Q

Integrity can be preserved using the following methods:

A
  • Access controls
  • Logging
  • Digital Signatures
  • Hashes
  • Encryptions
13
Q

Availability can be preserved using the following methods:

A
  • Redundancy
  • Backups
  • Access Controls
14
Q

Nonrepudiation refers to the concept that a message or other piece of information is _______.

A

genuine.

15
Q

Nonrepudiation is implemented through _______.

A

1) transactional logs and

2) digital signatures.

16
Q

The highest level of organizational structure to protect their assets and operations is generally referred to as ________ (GRC)

A

governance,
risk management and
compliance

17
Q

Governance is the responsibility of the board of directors and senior management of the organization. A governance program has several goals:

A
  • Provide strategic direction
  • Ensure that objectives are achieved
  • Ensure risk is being managed appropriately
  • Verify that resources are being used responsibly
18
Q

The board should periodically be provided with the high-level results of comprehensive _________

A

risk assessments and

business impact analyses (BIAs),

19
Q

As opposed to being the decision maker, the manager’s role in this situation is often constrained to presentation of _____________

A

options and

key decision support information.

20
Q

Generally, the cybersecurity manager will be responsible for: (10)

A
  • Developing the security strategy
  • Overseeing the security program and initiatives
  • Coordinating with business process owners
  • Ensuring that risk and BIAs are conducted
  • Developing risk mitigation strategies
  • Enforcing policy and regulatory compliance
  • Monitoring utilization & effectiveness of resources
  • Developing & implementing monitoring and metrics
  • Directing and monitoring security activities
  • Managing cybersecurity incidents and their remediation, as well as incorporating lessons learned
21
Q

The cybersecurity domains covered in this guide are as follows: (5)

A
  • Cybersecurity Concepts
  • Security Architecture Principles
  • Security of Networks, Systems, Applications & Data
  • Incident Response
  • Security Implications & Adoption of Evolving Tech
22
Q

The Cybersecurity Concepts domain provides discussion of critical concepts such as: (4)

A
  • Basic risk management
  • Common attack vectors and threat agents
  • Patterns and types of attacks
  • Types of security policies and procedures
  • Cybersecurity control processes
23
Q

The Security Architecture Principles domain provides information that helps security professionals identify and apply the principles of security architecture. It discusses a variety of topics, including:

A
  • Common security architectures and frameworks
  • System topology and perimeter concepts
  • Firewalls and encryption
  • Isolation and segmentation
  • Methods for monitoring, detection and logging
24
Q

The Security of Networks, Systems, Applications & Data domain addresses basic system hardening techniques and security measures, including:

A

• Process controls
- Risk assessments
- Vulnerability management
- Penetration testing
• Best practices for securing
- System & application security threats & vulnerabilities
- Effective controls for managing vulnerabilities

25
Q

The Incident Response domain articulates the critical distinction between an event and an incident. More importantly, it outlines the steps necessary when responding to a cybersecurity incident. In doing so, it covers the following topics:

A
  • Incident categories
  • Disaster recovery and business continuity plans
  • Steps of incident response
  • Forensics and preservation of evidence
26
Q

The Security Implications & Adoption of Evolving Tech domain outlines the current threat landscape, including a discussion of vulnerabilities associated with the
following emerging technologies:

A
  • Mobile devices
  • Cloud computing and storage
  • Digital collaboration