Cybersecurity Concepts Quiz

Questions and Answers

What does copyright specifically grant to creators?

The right to prevent others from using their ideas.

Ownership over all intangible assets related to their work.

Legal rights to anything they create that embodies an idea. (correct)

The right to prevent others from making or selling their inventions.

Which type of security policy is focused on how data should be classified?

Acceptable Use Policy

Data Classification Policy (correct)

Access Control Policy

Incident Response Policy

Which of the following represents an example of a patent?

A unique chemical formula.

A secret recipe for a soft drink.

A business strategy for a startup.

A new type of plant developed through breeding. (correct)

What is an act that constitutes patent infringement?

Selling a patented invention without consent from the patent holder.

Which right is NOT associated with the Data Privacy Act of 2012?

Right to prevent others from using your identity.

What is the primary goal of proactive intrusion detection?

To prevent unauthorized access through physical measures

Which feature enhances the transition to a new physical security system?

Easy scalability and quick setup

What does operational security primarily focus on?

Viewing operations from the adversary's perspective

How does the Data Privacy Act of 2012 protect individuals?

By regulating the processing of personal data

Which of the following represents a risk brought by data breaches?

Identity theft or fraud

What is an example of tracking technology?

Cookies and mobile apps

What does criminal defamation laws frequently lead to?

Abuse and suppression of public interest cases

What is informal censorship intended to prevent?

Critical publications or broadcasts

What type of exploit has not been disclosed to the public?

Zero-day exploits

Which of the following best describes a Denial of Service (DoS) attack?

An attack that floods a system with data to cause disruption

What is a primary goal of Malware Forensics?

Finding and tracking attacking malware

Which type of forensics involves investigating data from physical storage devices?

Disk Forensics

What does identity theft primarily involve?

Accessing personal information for unauthorized use

Which of the following measures is considered an aspect of physical security?

Physical access restrictions to buildings

What is the primary feature of Cross-Site Request Forgery (CSRF)?

Executing unwanted actions on a web application

What is the main purpose of network forensics?

To investigate network traffic for malicious activity

Study Notes

Security Incident

• A security event damaging network resources or data, part of an attack or security threat.

Exploit

• Code, software, or method used by attackers to exploit vulnerabilities in applications, systems, or networks.
• Known exploits are vulnerabilities already discovered, documented, and made public.
• Unknown exploits (zero-day exploits) are vulnerabilities not yet known or disclosed.

Denial of Service (DoS) Attack

• Cyber attack flooding a computer or website with data, overloading the system to prevent proper functioning.

Malware

• Harmful software (spyware, viruses, ransomware, worms) accessing system data.

Identity Theft

• Criminal accessing a user's personal information for personal gain.

Cryptojacking

• Cybercriminals using a victim's computer resources to mine cryptocurrencies without their knowledge.

Cross-Site Request Forgery (CSRF)

• Attack forcing an end user to execute unwanted actions on a web application while authenticated.

Disk Forensics

• Process of recovering data from physical storage devices, finding deleted files, and hidden partitions.

Network Forensics

• Investigating network traffic to find evidence of security incidents, unauthorized access, or malicious activity.

Database Forensics

• Collecting information contained in a database, including data and metadata.

Mobile Forensics

• Procedure of extracting, investigating and recovering data from mobile devices.

Malware Forensics

• Identifying, examining, and tracking malicious software.

Physical Security

• Measures protecting buildings and equipment from unauthorized access.
• Preventing unauthorized entry and ensuring authorized access.

Proactive Intrusion Detection

• First line of defense for a building, physical security crucial in preventing intrusions.

Scalable Physical Security Implementation

• Easy-to-install, quick-to-set-up solution for physical security, ensuring seamless transition to a new system.

Seamless System Integrations

• Physical security systems integrating with other software, applications, and systems through cloud operation.

Audit Trails and Analytics

• Easily detecting system weaknesses allowing implementing new physical security plans.

Operational Security

• Risk management process viewing operations from an adversary's perspective to protect sensitive information.

Information Privacy

• Right of individuals to control how their personal data is collected, stored, and shared.

Data Ownership

• Individuals own their personal data and control its usage.

Data Collection Practices

• Companies and organizations collecting data through various means (online forms, cookies, apps).

Consent

• Organizations obtaining clear, informed consent before collecting individual data.

Tracking Technologies

• Tools (cookies, mobile apps) tracking user activity.

Data Breaches

• Unauthorized access to sensitive data leading to identity theft or fraud.

Social Media Privacy

• Over-sharing and lack of privacy controls on social media exposing personal information.

Data Privacy Act of 2012 (RA 10173)

• Protecting individual privacy by regulating personal data processing.

Freedom of Expression

• Ability to express beliefs, thoughts, ideas, and emotions without government censorship.

Criminal Defamation Laws

• Frequently abused laws used in cases not involving public interest, used as a first, not last resort.

Media Attacks and Harassment

• Harassment of journalists and media workers posing a significant threat to independent journalism.

Informal Censorship

• Preventing or punishing publication/broadcast of critical/sensitive material.

Hate Speech

• Insidious and pervasive ways of undermining rights enjoyment.

Gender Equity Media

• Ensuring proper coverage of women's issues and perspectives.

Intellectual Property (IP)

• Non-physical assets, owned by individuals or companies
• Intellectual property examples: Copyright, Patents

Copyright

• Legal rights over creative works.

Patents

• Legal rights over inventions.

Patent Infringement

• Unlawful use of a patented invention without permission.

Trade Secret

• Confidential business information granting a competitive advantage.

Security Policies

• Acceptable Use Policy
• Data Classification Policy
• Incident Response Policy
• Access Control Policy

Data Privacy Act of 2012 Provisions

• Transparency in data collection
• Secure storage of personal information
• Individuals' rights to access and correct their data

Freedom of Speech: Key Issues

• Key terms related to freedom of speech (specific issues related to freedom of speech may vary)

IP Key Terms

• Confidentiality
• Copyright
• Indigenous rights
• Patents
• Registered designs
• Trade marks
• Trade secrets

Examples of Trade Secrets

• Formulas
• Patterns
• Methods, techniques, and processes

Examples of Patents

• Utility patents
• Design patents
• Plant patents

Description

Test your knowledge on various cybersecurity concepts such as security incidents, malware, and denial of service attacks. This quiz covers critical topics including exploit types, identity theft, and cryptojacking. Perfect for anyone looking to improve their understanding of cyber threats and defenses.