Section 1 Overview to Security

Question 1

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.

Answer 1

Information Security

Question 2

Act of protecting the systems that hold and process our critical data.

Answer 2

Information Security Systems

Question 3

Confidentiality, Integrity, Availability

Answer 3

CIA Trad

Question 4

Information has not been disclosed to unauthorized people.

Answer 4

Confidentiality

Question 5

Information has not been modified or altered without proper authorization.

Answer 5

Integrity

Question 6

Information is able to be stored, accessed, or protected at all times.

Answer 6

Availability

Question 7

When a person’s identity is established with proof and confirmed by all systems. Example: Logging in

Answer 7

Authentication

Question 8

1. Something you know
2. Something you have
3. Something you are
4. Something you do
5. Somewhere you are

Answer 8

Five methods of Authentication

Question 9

Occurs when a user is given access to a certain piece of data or certain areas of a building.

Answer 9

Authorization

Question 10

Tracking of data, computer usage, and network resources. (Information is stored in a log file)

Answer 10

Accounting

Question 11

Occurs when you have proof that someone has taken an action.

Answer 11

Non-Repudiation

Question 12

Short-hand term for malicious software.

Answer 12

Malware

Question 13

Occurs when a computers crashes or an individual application fails.

Answer 13

System Failure

Question 14

Occurs when access to a computer resources and data happens without the consent of the owner.

Answer 14

Unauthorized Access

Question 15

Act of manipulating users into revealing confidential information or performing other detrimental actions.

Answer 15

Social Engineering

Question 16

Alarm systems, locks, surveillance, cameras, identification cars, and security guards.

Answer 16

Physical Controls

Question 17

Smart cords, encryption, access control list (ACL’s), intrusion detection systems, and network authentication.

Answer 17

Technical Controls

Question 18

Policies, procedures, security awareness training, contingency, planning, and disaster recovery plans. (Sometimes called Managerial Controls)

Answer 18

Administrative Controls

Question 19

The most effective security control to use.

Answer 19

User Training

Question 20

1. White Hats
2. Black Hats
3. Grey Hats
4. Blue Hats
5. Elite

Answer 20

Five Types of Hackers

Question 21

Non-malicious hackers who attempt to break into a company’s systems at their request. (Ethical hackers and Pen Testers)

Answer 21

White Hats

Question 22

Malicious hackers who break into computer systems and networks without authorization or permission.

Answer 22

Black Hats

Question 23

Hackers without any affiliation to a company that attempts to break into a company’s network and risks breaking the law.

Answer 23

Grey Hats

Question 24

Hackers who attempt to hack into a network with permission of the company but are not employed by the company.

Answer 24

Blue Hats

Question 25

Hackers who find and exploit vulnerabilities before anyone else does. ( 1 in 10,000 hackers are elite)

Answer 25

Elite

Question 26

Have limited skills and only run other peoples exploits and tools.

Answer 26

Script Kiddies

Question 27

Hackers who are driven by a cause like social change, political agendas, or terrorism.

Answer 27

Hacktivists

Question 28

Hackers who are part of a crime group that is well funded and highly sophisticated.

Answer 28

Organized Crime

Question 29

Highly trained and funded groups hackers (often by nation states) with covert and open source intelligence at their disposal.

Answer 29

Advanced Persistent Threats

Question 30

Property of an intelligence source that ensures it is up to date.

Answer 30

Timeliness

Question 31

Property of an intelligence source that ensures it matches the use cases intended for it.

Answer 31

Relevancy

Question 32

Property of an intelligence source that ensures it produces effective results.

Answer 32

Accuracy

Question 33

Property of an intelligence source that ensures it produces qualified statements about reliability.

Answer 33

Confidence Levels

Question 34

Codifies the use of the admiralty scale for grading data and estimative language.

Answer 34

MISP Project

Question 35

Threat intelligence is very widely provided as a commercial service offering, where access to updates and research is subjected to a subscription fee.

Answer 35

Proprietary

Question 36

Data that is derived from the providers own research and analysis efforts, such as data from honeynets that they operate, plus information mined from its customers' systems, suitably anonymized.

Answer 36

Closed-Source

Question 37

Data that is available to use without subscription, which may include threat feeds similar to the commercial providers and many contain reputation lists and malware signature databases.

Answer 37

Open-Source

Question 38

Methods of obtaining information about a person or organization through public records, websites, and social media.

Answer 38

Open-Source Intelligence (OSINT)

Question 39

A cybersecurity technique designed to detect presence of threats that have not been discovered by a normal security monitoring.

Answer 39

Threat Hunting

Question 40

A hypothesis is derived from the threat modeling and is based on potential events with higher likelihood and higher impact.

Answer 40

Establishing a Hypothesis

Question 41

Involves the creation of scenarios that show how a prospective attacker might attempt an intrusion and what their objectives might be.

Answer 41

Profiling Threat Actors and Activites

Question 42

A model developed by Lockheed Martin that describes the stages by which a threat actor progresses a network intrusion.

Answer 42

Lockheed Martin Killchain

Question 43

1. Reconnaissance 2. Weaponization 3. Delivery 4. Exploitation 5. Installation 6. Command and Control (C2) 7. Actions on Objectives

Answer 43

Seven stop Method for the Killchain

Question 44

A knowledge base maintained by the MITRE Corporation for listing and explaining specific adversary tactics, techniques, and common knowledge or procedures.

Answer 44

MITRE Att&ck Framework

Question 45

A framework for analyzing cybersecurity incidents and intrusions by exploring the relationships between four core features: adversary, capability, infrastructure, and victim.

Answer 45

Diamond Model of Intrusion Analysis