High-Yield OA Review, Questions & Study Guide|
Frequently Most Tested Questions and 100% Accurate
| Expert Guarantee Pass , Well Rationalized ,Updated
and Verified | Latest Exam and Newest Version!!!
Define security
Correct Answer:
The practice dealing with all aspects of prevention, protection, and remediation
from any type of harm to an asset.
Define cybersecurity
Correct Answer:
The ongoing application of best practices intended to ensure and preserve
confidentiality, integrity, and availability of digital information as well as the
safety of people and environments
Define standards in a cybersecurity context
Correct Answer:
A set of properties that something must meet to be considered appropriate to its
function.
What are some of the most common cybersecurity standards?
Correct Answer:
International Standards Organization (ISO), Institute of Electrical and
Electronics Engineers (IEEE) 802.3 Ethernet standard, and The National
Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
What are the three pillars of cybersecurity?
AKA the CIA Triad.
Correct Answer:
,Confidentiality, integrity, and availability
Define confidentiality
Correct Answer:
Synonymous with private or secret; seeks to prevent the unauthorized
disclosure of information.
What are the three degrees of confidentiality?
Correct Answer:
Top secret, secret, and confidential
What are the degrees of harm of the confidential classifications?
Correct Answer:
Exceptionally grave prejudice, serious harm, and harm
Define integrity
Correct Answer:
The set of practices and tools (controls) designed to protect, maintain, and
ensure both the accuracy and completeness of data over its entire life cycle.
Define availability
Correct Answer:
The set of practices and tools designed to ensure timely access to data.
What are the two ways to ensure availability?
Correct Answer:
Redundancy and backup
What are the five key functions of NIST CSF?
Correct Answer:
Identify, protect, detect, respond, and recover.
What is the general purpose of access security controls?
Correct Answer:
They are actions that mitigate risk
,Define preventative controls
Correct Answer:
Designed to prevent the attack from reaching the asset in the first place.
Define detective controls
Correct Answer:
Designed to identify that an attack is occurring, including what kind of an attack,
where it came from, what it used, and, if you're lucky, who may be behind it.
Define corrective controls
Correct Answer:
Designed to minimize the damage from an attack.
Define compensating controls
Correct Answer:
Designed to compensate for the failure or absence of other controls and
mitigate the damage from an attack
Define deterrent controls
Correct Answer:
Designed to deter users from performing actions on a system
Define threat agents
Correct Answer:
The people behind cyberattacks
What motivates cybercriminals?
Correct Answer:
Money
What motivates insider threats?
Correct Answer:
Money or revenge, in no particular order
What motivates nation-state threats?
, Correct Answer:
Cyberwarfare or intellectual property theft, competitive intelligence gathering,
etc.
What motivates corporation threats?
Correct Answer:
Cyber‐corporate‐warfare or intellectual property theft, competitive intelligence
gathering, etc
What motivates hacktivists?
Correct Answer:
Activism of one sort or another, often but not always altruistically motivated
What motivates cyber-fighters?
Correct Answer:
Nationally motivated "patriots"
What motivates cyberterrorists?
Correct Answer:
To create fear or chaos
What motivates script kiddies?
Correct Answer:
Young people "hacking for the fun of it" and causing havoc, be it intentional or
not.
Define attack vector
Correct Answer:
The path that the attacker takes to compromise your asset
Define attack payload
Correct Answer:
The "container" that delivers the exploit that take advantage of one or more
vulnerabilities exposing the target to the attacker.
Define Advanced Persistent Threat (APT)