Confidentiality
  Questions: How secure does the data need to be? How secure is the information?
  Failure of confidentiality occurs if someone can obtain or view the data.
  Confidentiality best practices
    Physical protections: locked doors, fences, security guards, security cameras
    Electronic protections: encryption (in storage and in transit), passwords, firewalls
Integrity
  Questions: How correct is the information? Has the data been modified?
  Failure of integrity occurs if someone modifies the data being stored or while it is in transit.
  Integrity best practices
    Hashing of files and information
    Checksums during data transmissions
Availability
  Questions: How much uptime is the system providing? Is the data accessible by users at all times?
  Failure of availability occurs if the data cannot be accessed by the end user.
  Availability best practices
    Redundancy in the system design, including components and data paths
    Backup strategies and a disaster recovery plan
Assets
  Information or data, network equipment, servers/computers, software, personnel, processes
Vulnerability
  Any weakness in the system design, implementation, or software code, or a lack of preventative mechanisms.
  Internal factors such as: software bugs, misconfigured software, misconfigured network devices, improper physical security
Threats
  Any condition that can cause harm, loss, damage, or compromise of an asset.
  Threats cannot be controlled, but they can be mitigated.
  Examples: natural disasters, cyber attacks, breach of integrity of data, disclosure of confidential data, malware
Risk
  The probability or likelihood of realization of a threat.
  Risk assessments measure your current level of risk based on threats, vulnerabilities, and the mitigations in place.
  Reference: NIST SP 800-30