week 9

Question 1

disclosure

Answer 1

confidentiality

Question 1

alteration

Answer 1

integrity

Question 2

denial

Answer 2

availability

Question 3

What’s Cyber Security

Answer 3

• The protection of information assets by addressing threats to
  information processed,

Question 4

Cyber Security Awareness

Answer 4

Cybersecurity addresses both internal and external threats to an organization

Question 5

Risk :

Answer 5

The likelihood that something bad will happen that causes harm to an informational asset

Question 6

Asset:

Answer 6

Something that has tangible or intangible value that is worth protecting

Question 7

Vulnerability :

Answer 7

A weakness that could be used to endanger or cause harm to an informational asset

Question 8

Threat :

Answer 8

A potential cause of an unwanted incident.

Question 9

Residual risk:

Answer 9

Even after controls are in place, there will always be residual risk, defined as the remaining risk after management has implemented a risk response.

Question 10

Inherent risk:

Answer 10

The risk level or exposure without taking into account the actions that management has taken or might take

Question 11

Third party risk :

Answer 11

Information sharing , restricted access

Question 12

Risk Management

Answer 12

the process of identifying vulnerabilities and
threats to information resources, and deciding what
countermeasures to take to reduce risk

Question 13

Cyber Security Implementation Approaches Compliance Based :

Answer 13

relying on industry standards, controls are
implemented disregard their applicability.

Question 14

Risk Based :

Answer 14

Discover risks affecting organization and then design
appropriate security controls to address the risk

Question 15

Ad-hoc approach:

Answer 15

Implements Security with no relevant standard or
criteria

Question 16

How to measure risks

Answer 16

Risk tolerance
Size and scope of the environment
Amount of Data available

Question 17

Threat agents
Corporations:

Answer 17

breach security boundaries and perform malicious acts to gain a competitive advantage.

Question 18

Nation States

Answer 18

target government and private entities with a high level of sophistication to obtain intelligence or carry out other destructive activities.

Question 19

Hacktivists

Answer 19

hackers may target specific individuals or
organizations

Question 20

Cyberterrorists

Answer 20

use violence to achieve their goals, cyberterrorists frequently target critical infrastructures and government groups.

Question 21

Cybercriminals:

Answer 21

Motivated by the desire for profit,

Question 22

Cyber warriors

Answer 22

act on behalf of a political party or against another political party that threatens them.

Question 23

Script Kiddies

Answer 23

young individuals who are learning to hack

Question 24

Online Social Hackers

Answer 24

involved in cyberbullying, identity theft

Question 25

Employees

Answer 25

dissatisfied current or former employees represent a clear cybersecurity risk.

Question 26

Attack:

Answer 26

the occurrence of a threat caused by threat agent to an asset.

Question 27

Attack vector:

Answer 27

is the path used to get access to the target (asset).

Question 28

Attack mechanism:

Answer 28

how to deliver an exploit.

Question 29

Attack process steps

Answer 29

Perform reconnaissance Create attack tools Deliver malicious capabilities Exploit and compromise Conduct an attack Achieve results Maintain a presence or set of capabilities Coordinate a campaign

Question 30

malware

Answer 30

A software designed to gain access to targeted computer systems, steal information or disrupt computer operations

Question 31

Malware types

Answer 31

virus : replicate itself and spread from one computer to another worm :replicate itself spread in computer network trojan horse : hide within application botnet : network of infected machines spyware : gathers information adware : show unwanted ads to users

Question 32

Ransomware

Answer 32

type of malware that locks your files or computer until you pay up