SYO 701 - Jason Dion

Question 1

Information Security

Answer 1

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, and corruption, and destruction.

*Securing the Data, not the Systems

Question 2

Information Systems Security

Answer 2

Act of protecting the system that hold and process the critical data

Question 3

CIA Triad

Answer 3

Confidentiality - ensures that information is only accessible to those with the appropriate authorization.

Integrity - ensured that data remains accurate and unaltered unless modification is required.

Availability - ensures that information and resources are accessible and functional when needed by authorized users

Question 4

Non Repudiation

Answer 4

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved

Question 5

AAA of Security

Answer 5

Authentication - Process of verifying the identity of a user or system

Authorization - defines what actions or resources a User can access

Accounting - act of tracking user activities and resource usage, typically for audit or billing purposes

Question 6

Security Controls

Answer 6

Technical -

Managerial (Administrative) -

Operational -

Physical -

Question 7

Zero Trust

Answer 7

New Security model that operates on the principle that no one, whether inside or outside the organization, should be trusted by default.

Question 8

Vulnerability

Answer 8

Any weakness in the system design or implementation

Question 9

Risk Management

Answer 9

Finding different ways to minimize the likelihood of an outcome occurring and achieve the desired outcomes

Question 10

Confidentiality

Answer 10

Refers to the protection of information from unauthorized access and disclosure

• Protect personal privacy
• Maintain a business advantage
• Achieve regulatory compliance

Question 11

Encryption

Answer 11

Process of converting data into code to prevent unauthorized access. Data is scrambled, aka Cypher Text, and can only be viewed using the correct decryption key.

Question 12

Access Controls

Answer 12

Ensure only authorized personal can access certain types of data

Question 13

Data Masking

Answer 13

Method that involves obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data authenticity and use for authorized users

Question 14

Physical Security Measures

Answer 14

Used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations.

Question 15

Training and Awareness

Answer 15

Conducting regular training on the security awareness best practices that employees can use to protect the organization’s sensitive data

Question 16

Integrity

Answer 16

Helps to ensure information and data remain accurate and unchanged from their original state unless intentionally modified by an authorized individual. Verifies the accuracy and trustworthiness of data over the entire lifecycle.

*Ensure Data Accuracy
*Maintain Trust
*Ensure System Operability

In order to maintain Integrity, we utilize the following:
1 - Hashing
2 - Digital Signatures
3 - Checksums
4 - Access Controls
5 - Regular Audits

Question 17

Hashing

Answer 17

The process of converting data into a fixed-size value

*Hash Digest

Question 18

Digital Signatures

Answer 18

Use Encryption to ensure integrity and authenticity

*Hash > Hash Digest > Encrypted with Private Key > Digital Signature

Question 19

Checksums

Answer 19

Method to verify the integrity of data during transmission

Question 20

Access Controls

Answer 20

Ensure that only authorized individuals can modify data and reduce the risk of unintentional or malicious alterations.

Question 21

Regular Audits

Answer 21

Involve reviewing logs and operations to ensure that only authorized changes havce been made and any discrepancies are addressed.

Question 22

Authentication

Answer 22

Security measure that ensures individuals or entities are who they claim to be during a communication or transaction

*Something you know (Username/ PW)
*Something you have (VPN token)
*Something you are (Bio-metric)
*Something you do
*Somewhere you are (geographic location)

2FA - Two Factor Authentication

MFA - Multifactor Authentication

Question 23

Authorization

Answer 23

Permissions and privileges granted to Users or Entities after they have been Authenticated

Question 24

Zero Trust

Answer 24

“Trust nothing and verify everything”

Demands Verification for every device, user, and transaction within the Network, regardless of its origin.

Cybersecurity approach that assumes no User or system is trusted by default and requires continuous verification for access to organizational resources

Question 25

Threat Actor Motivation

Answer 25

Data Exfiltration Blackmail Philosophical / Political beliefs Ethical Reasons Espionage Revenge Service Disruption Disruption or Chaos Financial Gain War

Question 26

Threat Actor Attributes

Answer 26

Internal vs External Resources and Funding Level of Sophistication & Capability

Question 27

Script Kiddie

Answer 27

An Unskilled Attacker. An individual who lacks the technical knowledge to develop their own hacking tools or exploits. *Fueled by Recognition or Thrill of causing Disruption *Low level skills

Question 28

Hacktivists

Answer 28

Individuals or groups that use their technical skills to promote a cause (ideologies) or drive Social (political) Change instead of for personal gain *website defacement (electronic graffiti) *DDOS attacks *Doxing (release of private information to Public) *Leak sensitive data

Question 29

Organized Crime

Answer 29

Sophisticated and well-structured entities that leverage resources and technical skills for illicit gains *Operates within political sector *Hired by Gov entities to conduct attacks on their behalf *generate financial gains for their group

Question 30

Nation State Actors

Answer 30

Groups that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals. Highly sophisticated and capable. *creating custom malware *using Zero-day exploits *becoming advanced persistent threat (long term persistence and stealth) *funded by Gov *motivated by long term strategic goals

Question 31

Insider Threats

Answer 31

Cybersecurity threats that originate from within the Organization *Data Theft *Sabotage *Misuse of access privileges *Financial Gain *Revenge

Question 32

Shadow IT

Answer 32

Use of Information Technology systems, devices, software, applications, and services without explicit organizational approval. When the security posture of an Org is too restrictive. *Use of personal Devices for Work Purposes *Installation of Unapproved Software *Use of Cloud Services that have not been approved by the Org

Question 33

Threat Vector

Answer 33

The means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action. *The "How" of an Attack *Messages - Email, SMS, Text *Images - embedded malicious code *Files - malicious files hosted on malicious sites *Voice Calls - aka Vishing *Removable Devices - threats delivered via USB drives *Unsecure Networks - Wireless/ Wired/ BT (Evil Twin / Rogue Access Points)

Question 34

Attack Surface

Answer 34

Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment *The "Where" of an Attack *Restricting Access *Removing Unnecessary Software *Disabling Unused Protocols

Question 35

Deceptive & Disruptive Technologies

Answer 35

Designed to mislead, confuse, and divert attackers from critical assets while simultaneously detecting and neutralizing threats.