CYBERSECURITY MANAGEMENT REVIEW
QUESTIONS AND ANSWERS 100% CORRECT!!
, threat environment - ANSWER types of attackers and attacks that companies face
security goals - ANSWER confidentiality, integrity, availability
confidentiality - ANSWER people cannot read sensitive information
integrity - ANSWER attackers cannot change or destroy information
availability - ANSWER people who are authorized to use information are not prevented
from doing so
compromises - ANSWER successful attacks
countermeasures - ANSWER tools used to thwart attacks
types of countermeasures - ANSWER preventative, detective, corrective
sony attack method - ANSWER sql injection
sql injection - ANSWER sending modified sql statements through web application to
alter how sql statement is processed
why are employees dangerous - ANSWER knowledge of systems, permissions to
access systems, can avoid detection, trusted
employee sabotage - ANSWER destruction of hardware, software, or data
hacking - ANSWER intentionally accessing a computer resource without authorization
or in excess of authorization
employee financial theft - ANSWER misappropriation of funds
employee extortion - ANSWER perpetrator tries to obtain money or other goods by
threatening to take actions that would be against the victim's interest
other internal attackers - ANSWER contract workers
QUESTIONS AND ANSWERS 100% CORRECT!!
, threat environment - ANSWER types of attackers and attacks that companies face
security goals - ANSWER confidentiality, integrity, availability
confidentiality - ANSWER people cannot read sensitive information
integrity - ANSWER attackers cannot change or destroy information
availability - ANSWER people who are authorized to use information are not prevented
from doing so
compromises - ANSWER successful attacks
countermeasures - ANSWER tools used to thwart attacks
types of countermeasures - ANSWER preventative, detective, corrective
sony attack method - ANSWER sql injection
sql injection - ANSWER sending modified sql statements through web application to
alter how sql statement is processed
why are employees dangerous - ANSWER knowledge of systems, permissions to
access systems, can avoid detection, trusted
employee sabotage - ANSWER destruction of hardware, software, or data
hacking - ANSWER intentionally accessing a computer resource without authorization
or in excess of authorization
employee financial theft - ANSWER misappropriation of funds
employee extortion - ANSWER perpetrator tries to obtain money or other goods by
threatening to take actions that would be against the victim's interest
other internal attackers - ANSWER contract workers
