Cybersecurity Questions and Answers 100% Pass

Cybersecurity Questions and Answers 100% Pass What is cybersecurity preventing the unauthorized access to data and information systems what three goals does cybersecurity have confidentiality, integrity, accessibility what is the confidentiality goal of cybersecurity ensuring no one with authorized can access information what is the integrity goal of cybersecurity ensuring the data hasn't been manipulated and is accurate what is the availability goal of cybersecurity ensuring the systems are available to the end users what are the three main methods or controls that shape cybersecurity? people, process, technology what is the role of people in cybersecurity - giving people the skills and information to implement an effective cybersecurity program - training, awareness, building skills what is process in cybersecurity the policies and organizational procedures used to implement and manage the cybersecurity program what role does technology play in cybersecurity the tools or controls used to implement the cybersecurity lifecycle what is the cybersecurity lifecycle the components of cybersecurity according to NIST what are the NIST components of the cybersecurity lifecycle identify, monitor, protect, detect, respond, recover what is the old model to approach cybersecurity the perimeter model (hard shell, soft inside) why is the perimeter model not fully effective in cybersecurity - the perimeter is not perfect and is only one layer - you have to violate the perimeter all the time to share information between authorized users - too many doors and windows What is the Identify function in the NIST model? Identify The Identify Function assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include: Identifying physical and software assets within the organization to establish the basis of an Asset Management program Identifying the Business Environment the organization supports including the organization's role in the supply chain, and the organizations place in the critical infrastructure sector Identifying cybersecurity policies established within the organization to define the Governance program as well as identifying legal and regulatory requirements regarding the cybersecurity capabilities of the organization Identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities as a basis for the organizations Risk Assessment Identifying a Risk Management Strategy for the organization including establishing risk tolerances Identifying a Supply Chain Risk Management strategy including priorities, constraints, risk tolerances, and assumptions used to support risk decisions associated with managing supply chain risks what is the Protect function in the NIST model The Protect Function outlines appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Protections for Identity Management and Access Control within the organization including physical and remote access Empowering staff within the organization through Awareness and Training including role based and privileged user training Establishing Data Security protection consistent with the organizat