CYB281 Chapter 2: Cyber Risks and Threats

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary principle affected by interception attacks?

Confidentiality (correct)

Authenticity

Integrity

Availability

How can an interruption attack affect data security?

By making data temporarily unavailable (correct)

By encrypting the data

By modifying the data content

By generating new data entries

What is a potential consequence of a modification attack on a configuration file?

Loss of data integrity (correct)

Improved data confidentiality

Enhanced data availability

Increased data utility

Which of the following types of attacks can generate new, falsified information?

Fabrication Signup and view all the answers

What happens to data utility if the decryption key is lost despite data being encrypted?

Utility is breached Signup and view all the answers

Which attack is likely to be classified as a denial of service (DoS) attack?

Interruption Signup and view all the answers

In which scenario would an interrupted service also affect data integrity?

When a configuration file is altered Signup and view all the answers

Fabrication attacks primarily target which principle of the CIA triad?

Integrity Signup and view all the answers

What should be implemented to counter unauthorized access to systems and data?

Strict access control policies Signup and view all the answers

Which approach is recommended for maintaining the confidentiality of data on WLANs?

Enabling encryption between workstations and WAP Signup and view all the answers

What action should be taken regarding LAN server vulnerabilities?

Conduct vulnerability assessments regularly Signup and view all the answers

What is the purpose of second-level identity in accessing sensitive systems?

To enhance security for access control Signup and view all the answers

Which of the following is recommended concerning unauthorized probing and port scanning?

Disabling these functions on exterior IP devices Signup and view all the answers

What should be done with security fixes and software patches in the LAN-to-WAN domain?

Update devices immediately Signup and view all the answers

How should rogue users on WLANs be managed?

By eliminating unauthorized access Signup and view all the answers

What is a primary precaution to take regarding LAN server operating system vulnerabilities?

Establish strict vulnerability window policies Signup and view all the answers

What is the primary focus of risk management processes in an organization?

Balancing opportunities for gains and minimizing vulnerabilities Signup and view all the answers

Which step comes first in the typical risk management process?

Identify assets Signup and view all the answers

How is risk defined in the context of asset management?

A combination of threats and vulnerabilities Signup and view all the answers

What should be assessed about assets during the risk management process?

The potential threats that can impact them Signup and view all the answers

What is a key element of good governance in risk management?

Recurrent risk management seeking organizational improvement Signup and view all the answers

Which of the following is NOT a step in the risk management process?

Evaluating employee performance Signup and view all the answers

In risk management, how do controls contribute to mitigating risks?

They are measures taken to address identified threats Signup and view all the answers

What is the potential impact of a cyber threat on an organization?

Negative effects on reputation and ability to do business Signup and view all the answers

Which of the following is NOT an example of a technical attack vector?

Social engineering Signup and view all the answers

What is a common consequence of poor training and awareness in an organization?

Increased likelihood of social engineering attacks Signup and view all the answers

Which of the following physical vulnerabilities can dramatically affect security?

Building and equipment room access Signup and view all the answers

Cyber impacts can be categorized into which of the following levels?

Personal, organizational, financial, and people impacts Signup and view all the answers

What is one of the leading factors that has increased cyber risk for organizations today?

Surge in Ransomware attacks Signup and view all the answers

Which of the following vulnerabilities is primarily related to employee behavior?

Failure to comply with company policies Signup and view all the answers

How can cyber risks be quantified?

In terms of data loss or failure of IT systems Signup and view all the answers

Which of the following is a consequence of cyber incidents for organizations?

Financial losses Signup and view all the answers

Which of the following principles are included in the Parkerian Hexad?

Confidentiality Signup and view all the answers

What does the 'Possession or Control' principle in the Parkerian Hexad emphasize?

The physical safety of data storage media Signup and view all the answers

What is the primary focus of the authenticity principle within the Parkerian Hexad?

The truth of the origin of information Signup and view all the answers

How does Parker's definition of integrity differ from the classic view in the CIA triad?

He emphasizes the need for data to be completely unchanged. Signup and view all the answers

Which of the following is NOT one of the six principles of the Parkerian Hexad?

Synchronization Signup and view all the answers

What example illustrates a loss of possession or control in cybersecurity?

A bank card being stolen in an envelope Signup and view all the answers

Which of the following accurately defines the 'utility' principle in the Parkerian Hexad?

The usefulness of the data to the user Signup and view all the answers

In what context might authenticity be particularly emphasized in cybersecurity?

When verifying the source of information Signup and view all the answers

Study Notes

The Parkerian Hexad

Developed by Donn Parker, expands the CIA triad to include possession/control, authenticity, and utility, totaling six principles.
Possession/Control: Refers to the physical security of data storage. Example: Loss of control over a debit card due to theft.
Authenticity: Ensures the accuracy of information’s origin. Example: Use of digital signatures and two-factor authentication.
Utility: Concerns the usefulness of data; can vary in degrees. Example: Encrypted data without a decryption key is secure but useless.

Types of Attacks

Attacks categorized into interception, interruption, modification, and fabrication, impacting CIA principles.
Interception: Unauthorized access to data, primarily affecting confidentiality. Examples include unauthorized file access and eavesdropping.
Interruption: Makes assets unusable or unavailable, impacting availability and potentially integrity. Example: DoS attacks.
Modification: Involves tampering with data, affecting integrity and availability. Example: Unauthorized data alteration can change how services behave.
Fabrication: Generates false data or processes, primarily affects integrity. Example: Use of malware to disrupt services.

Common Threats in the LAN Domain

Unauthorized physical access: Ensure secure access to wiring closets and data centers.
Strict access control policies: Require second-level identity verification for sensitive systems.
Server vulnerabilities: Implement window policies and conduct regular vulnerability assessments.
Rogue users on WLANs: Use password-protected network keys and disable WAP broadcasting.

Common Threats in the LAN-to-WAN Domain

Probing and port scanning: Disable on exterior devices; monitor with IDS/IPS.
Unauthorized access: Apply strict monitoring controls and block suspicious traffic.
Vulnerabilities in routers/firewalls: Define zero-day vulnerability window and update with security fixes.

Cyber Vulnerabilities

People-related vulnerabilities: Arise from lack of training or awareness, leading to social engineering, poor password practices, and non-compliance with policies.
Physical and environmental vulnerabilities: Issues with access to equipment, HVAC systems, and power can lead to significant impacts.

Cyber Impacts

Result from exploited vulnerabilities; can affect individuals, organizations, finances, and people.
Impacts can necessitate critical decision-making processes.

Cyber Risks

Increasing cyber risks faced by organizations globally, correlating with data loss and IT system failures.
Ransomware attacks are leading threats, causing unauthorized access and potential data modification or destruction.
Risk management focuses on potential impacts on reputation, finances, and operational capacities.

Risk Management

Essential for identifying, quantifying, and managing risks within an organization.
Aims to balance opportunities and minimize vulnerabilities through recurrent improvement and decision-making.
Steps include identifying assets, threats, and vulnerabilities, assessing risks, and mitigating them with controls.

Risk Management Process

Identify Assets: Catalog and evaluate the importance of all assets for effective protection.
Identify Threats: Analyze potential threats related to critical assets.
Assess Vulnerabilities: Evaluate vulnerabilities in the context of relevant threats.
Assess Risk: Determine overall risk by connecting threats to vulnerabilities.
Mitigate Risks: Implement controls categorized as physical, technical, and administrative to minimize risk exposure.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

This quiz covers Chapter 2 of the CYB281 Cybersecurity Foundations course, focusing on the Parkerian Hexad, types of cyber attacks, and the relationships between cyber threats, vulnerabilities, and risks. Understand the various cyber impacts and risk management strategies critical for cybersecurity professionals.