NP 235 QUIZ 5 FINAL SCRIPT 2026 COMPLETE
SOLUTION SET
◉ integrity. Answer: Protection from unauthorized modification
◉ Availability. Answer: protection from disruptions in access
◉ Cybersecurity. Answer: the protection of information assets
(digital assets) by addressing threats to information processed,
stored, and transported by internetworked information systems
◉ NIST Functions to Protect Digital Assets. Answer: IPDRR
1) Identify
2) Protect
3) Detect
4) Respond
5) Recover
◉ Nonrepudiation. Answer: Def: ensuring that a message or other
piece of information is genuine
,Examples: digital signatures and transaction logs
◉ Risk. Answer: combination of the probability of an event and its
consequences, mitigated through controls
◉ Threat. Answer: Anything that is capable of acting against an asset
in a harmful manner
◉ Asset. Answer: something of either tangible or intangible value
that is worth protecting
◉ Vulnerability. Answer: A weakness in the design, implementation,
operation or internal control of a process that could expose the
system to adverse threats from threat events
◉ Inherent risk. Answer: The risk level or exposure without taking
into account the actions that management has taken or might take
(e.g., implementing controls)
◉ Residual risk. Answer: the risk that remains after management
implements internal controls or some other response to risk
◉ Likelihood. Answer: A.K.A probability
,measure of frequency of which an event may occur, which depends
on the threat and vulnerability
◉ Approaches to Cybersecurity Risk. Answer: Dependent on:
1) Risk tolerance
2) Size & scope of the environment
3) Amount of data available
Approaches:
1) Ad hoc
2) Compliance-based
3) Risk-based
◉ Threat Agents. Answer: The actors causing the threats that might
exploit a vulnerability
Types:
1) Corporations - competitive advantage
2) Cybercriminals - profit
3) Cyberterrorists - critical infrastructures/government
4) Cyberwarriors - politically motivated
5) Employees - revenge
, 6) Hacktivists - politically motivated
7) Nation states - government/private entities
8) Online social hackers - identity theft, profit
9) Script kiddies - learning to hack
◉ Attack vector. Answer: The path or route used to gain access to the
target (asset)
Types:
1) Ingress - intrusion
2) Egress - Data removal
◉ Attack Attributes. Answer: 1) Attack Vector
2) Payload
3) Exploit
4) Vulnerability
5) Target (Asset)
◉ Threat Process. Answer: 1) Perform reconnaissance (gathering
information)
2) Create attack tools
3) Deliver malicious capabilities
SOLUTION SET
◉ integrity. Answer: Protection from unauthorized modification
◉ Availability. Answer: protection from disruptions in access
◉ Cybersecurity. Answer: the protection of information assets
(digital assets) by addressing threats to information processed,
stored, and transported by internetworked information systems
◉ NIST Functions to Protect Digital Assets. Answer: IPDRR
1) Identify
2) Protect
3) Detect
4) Respond
5) Recover
◉ Nonrepudiation. Answer: Def: ensuring that a message or other
piece of information is genuine
,Examples: digital signatures and transaction logs
◉ Risk. Answer: combination of the probability of an event and its
consequences, mitigated through controls
◉ Threat. Answer: Anything that is capable of acting against an asset
in a harmful manner
◉ Asset. Answer: something of either tangible or intangible value
that is worth protecting
◉ Vulnerability. Answer: A weakness in the design, implementation,
operation or internal control of a process that could expose the
system to adverse threats from threat events
◉ Inherent risk. Answer: The risk level or exposure without taking
into account the actions that management has taken or might take
(e.g., implementing controls)
◉ Residual risk. Answer: the risk that remains after management
implements internal controls or some other response to risk
◉ Likelihood. Answer: A.K.A probability
,measure of frequency of which an event may occur, which depends
on the threat and vulnerability
◉ Approaches to Cybersecurity Risk. Answer: Dependent on:
1) Risk tolerance
2) Size & scope of the environment
3) Amount of data available
Approaches:
1) Ad hoc
2) Compliance-based
3) Risk-based
◉ Threat Agents. Answer: The actors causing the threats that might
exploit a vulnerability
Types:
1) Corporations - competitive advantage
2) Cybercriminals - profit
3) Cyberterrorists - critical infrastructures/government
4) Cyberwarriors - politically motivated
5) Employees - revenge
, 6) Hacktivists - politically motivated
7) Nation states - government/private entities
8) Online social hackers - identity theft, profit
9) Script kiddies - learning to hack
◉ Attack vector. Answer: The path or route used to gain access to the
target (asset)
Types:
1) Ingress - intrusion
2) Egress - Data removal
◉ Attack Attributes. Answer: 1) Attack Vector
2) Payload
3) Exploit
4) Vulnerability
5) Target (Asset)
◉ Threat Process. Answer: 1) Perform reconnaissance (gathering
information)
2) Create attack tools
3) Deliver malicious capabilities
