Test 1 Flashcards

(37 cards)

1
Q

The common consensus is that there is a shortage of cybersecurity professionals, with estimates of about _____ job openings in the US and ______ worldwide by 2021.

A

300,000 and 3 million

2
Q

Name the components of an information system

A
Software
Hardware
Data
People
Procedures
Networks
3
Q

80% of cybersecurity attacks take advantage of one major vulnerability. The weakest link of any system is/are:

A

People

4
Q

Information is data + _________

A

Context

5
Q

CIA stands for?

A

Confidentiality
Integrity
Accessibility

6
Q

Chief Information Officers and any high-level information security professionals need some professional certifications. Name one.

A

CEH

certified ethical hacker

7
Q

________ enables authorized users, either people or computer systems, to access information without interference or obstruction, and to receive it in the required format.

A

Availability

8
Q

________ occurs when information is free from mistakes or errors and has the value that the end user expects.

A

Accuracy

9
Q

________ of information is the quality or state of being genuine or original, rather than a reproduction or fabrication. Information is authentic when it is in the same state in which it was created, placed, stored, or transferred.

A

Authenticity

10
Q

________ is achieved when disclosure or exposure of information is restricted only to authorized individuals or systems. It ensures that only people with the rights and privileges to access information are able to do so.

A

Confidentiality

11
Q

________ of information is maintained when it is whole, complete, and uncorrupted.

A

Integrity

12
Q

________ of information is the quality or state of the information having value for some particular purpose or end.

A

Utility

13
Q

________ of information is the quality or state of ownership or control of some object or item. Information is said to be in one’s possession if one obtains it, independent of format or other characteristics.

A

Possession

14
Q

Jenny lost a flash drive with critical company data on it that outsiders should not see. But the data on it is encrypted. This is a loss of _________ but not of ________

A

Possession

Not confidentiality

15
Q

Mark is working overtime at his computer. Suddenly the service he is accessing goes offline, and Mark realizes it’s been taken offline for a scheduled downtime to install updates/patches. This is a loss of __________

A

Availability

16
Q

The service comes back online. Mark accidentally deletes some data from the server. This affects _______

17
Q

Mark uploads the right data from files he has on his computer, but these are older versions of the right data. This leads to lack of _______

18
Q

Nancy has downloaded some company data they need. But their computer doesn’t have software which can open that format. This is a loss of _______

19
Q

Ransomware encrypts all data on the victim’s computer, leading to a loss of _______

20
Q

Newer versions of ransomware (since about 2020) exfiltrate (transfer out) all the victim’s data over the internet, and threaten them with disclosing it if they don’t pay up. This is a separate issue of _________

A

Confidentiality

21
Q

CIA triangle addresses the fundamental concerns of information. It ________ address all the critical characteristics of information that define its value.

22
Q

No one knows for sure why squirrels are drawn to telecom and internet fiber. In the past few years, major carriers have had to spend tremendous resources to protect their networks from squirrel chews by installing cable guards. Even those are not enough to stop the squirrels entirely.

This attack falls primarily under the category:

It can also be categorized as forces of nature:

A

Deviations in Quality Service

Forces of nature

23
Q

Scammers call you and claim to be from the tech support team of Microsoft or other vendors. They then offer to help solve your computer problems. Scammers often use publicly available directories, so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.

Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a legitimate website to install software that will let them access your computer to fix it. If you install the software and provide credentials, your computer and your personal information are vulnerable.

This attack falls primarily under the category:

It can also be categorized as:

A

Human error or failure

Espionage or trespass

24
Q

Suspects allegedly used social engineering and managed to plant malware onto the targeted companies' networks.
Once they had established illegitimate access to corporate email accounts, they then allegedly monitored communications, sniffing around for payment requests. The fraudsters then set up a simultaneous transaction with a targeted company’s real site.
This attack falls primarily under the category:
It can also be categorized as:

A

Espionage or Trespass

Theft

25
Q

Hancock Health paid hackers $55,000 in January 2018 to unlock systems following a cyberattack. The threat actors behind the attack targeted over 1,400 files and renamed them to "I'm sorry" as part of the attack. The hackers, believed to be located in Eastern Europe, gained access to hospital systems by logging in with a third-party vendor's credentials into the Hancock Hospital remote access portal, and targeted vulnerable servers, which were then used to propagate the attack.

This attack falls primarily under the category:

It can also be categorized as:

A

Espionage or trespass

Sabotage or vandalism

26
Q

Meltdown is a hardware vulnerability affecting Intel microprocessors, IBM POWER processors, and some ARM-based microprocessors. It allows a rogue process to read all memory, even when it is not authorized to do so. Meltdown was issued a Common Vulnerabilities and Exposures ID of CVE-2017-5754, also known as Rogue Data Cache Load (RDCL), in January 2018. It was disclosed in conjunction with another exploit, Spectre, with which it shares some, but not all, characteristics. The Meltdown and Spectre vulnerabilities are considered "catastrophic" by security analysts. The vulnerabilities are so severe that initially, security researchers believed the reports to be false.

This falls primarily under the category:

It can also be categorized as:

A

Human error or failure

Technical hardware failures or errors

27
Q

"Malicious websites were used to secretly hack into iPhones for years, says Google"

This attack falls primarily under the category:

It can also be categorized as:

___ exploit chains were involved, and ___ vulnerabilities (security flaws)

A

Espionage or trespass

Information extortion

5

12

28
Q

"Hackers could steal a Tesla Model S by cloning its key fob-again"

This attack falls primarily under the category:

It can also be categorized as:

A

Theft

Espionage or trespass

29
Q

"Microsoft's lead EU data watchdog is looking into fresh Windows 10 privacy concerns"

This is:

Is Privacy addressed by CIA triad?:

A

Espionage or Trespass

No

30
Q

"U.S. cyberattack hurt Iran's ability to target oil tankers, officials say"

This is:

A

Espionage or Trespass

31
Q

"Apple is turning Siri audio clip review off by default and bringing it in house"

Is this a cybersecurity attack? Where would you categorize it?

A

Espionage or Trespass

32
Q

Where does 80 percent of cybercrime come from?

A

Highly organized and ultrasophisticated criminal gangs

33
Q

How much does cybercrime make?

A

445 billion dollars

34
Q

How does cybercrime work? How do they operate?

A

Dyre Wolf. Would obtain from usually clicking a link from a phishing email, and it will sit and wait till you log in to your bank.

35
Q

What is an approach to change the economics for cyber criminals?

A

Finding what the top priority is: what’s infected and how it’s spreading. Working to stop the spread in its tracks and informing others how to protect themselves.

36
Q

What is the reality of organizations affected by cybercrime?

A

Far more likely to keep information on that attack to themselves because they are worried about competitive advantage, litigation, or regulation.

37
Q

What if IBM were to take our data and open it up? And publish it all openly on the internet? They did. What happened?

A

It opened and helped other organizations on security threats. We need to be more open and collaborative.