Cybersecurity Fundamentals and Motivations

Questions and Answers

What is the purpose of establishing policies for cybersecurity?

To manage financial resources

To outline roles and responsibilities (correct)

To maintain software licenses

To enforce hardware purchases

Which activity helps to manage access to assets and information?

Installing software patches

Implementing identity management controls (correct)

Conducting regular backups

Performing inventory checks

What is the primary goal of conducting regular backups?

To monitor user access

To protect sensitive data

To facilitate quicker recovery from incidents (correct)

To ensure compliance with legal regulations

What is meant by maintaining and monitoring logs?

Recognizing anomalies in operations

Which protective measure involves the patching of operating systems?

Protective technology

What is a key feature of implementing continuous monitoring activities?

Maintaining awareness of network anomalies

What kind of plans are created to address detected cybersecurity events?

Response and recovery plans

What is a critical component of identifying risk management processes?

Identifying external partner contracts

What is the first step in practicing cybersecurity risk management?

Identify your business’ assets

Which of the following can be considered an environmental threat to businesses?

Floods

Which option is NOT a step in identifying the value of business assets?

Determine the financial investment in the asset

What should be prioritized after determining business assets and their values?

Mitigate activities according to priorities

What should be evaluated to determine the potential damage to a business asset?

The impact of loss or damage to the asset

Which of the following is a likely effect of downtime on a business?

Loss of customers

What is the primary objective of a ransomware attack?

To demand a ransom in exchange for restoring data

What type of scams can recovery efforts attract during natural disasters?

Financial fraud

Which scale could be used to document asset values on a worksheet?

low, medium, high

What is the focus of NIST Special Publication 800-30?

Guide for conducting risk assessments

Which of the following types of attacks is a form of social engineering?

Phishing

What should be considered when identifying the likelihood of loss or damage to an asset?

The potential threats to each asset

Which factor is NOT directly related to evaluating the impact of asset loss?

Market share during recovery

What is a common characteristic of 'spear phishing' compared to regular phishing?

It is specifically targeted at individuals or organizations

How should assets with high impact and likelihood scores be prioritized?

Implement immediate resolution

Which step is performed after identifying the impact and likelihood scores of assets?

Identify priorities and potential solutions

How can businesses be financially impacted by cyber attacks?

Attacks can lead to costly recoveries and legal repercussions

What type of threat does 'vishing' represent?

Phishing through phone calls

What is a recommended action if a business process has manual backup methods?

Evaluate their effectiveness

What risk does hacking pose to businesses?

It can lead to unauthorized access and stolen data

What does the NIST Cybersecurity Framework provide for organizations?

A continuous process for cybersecurity risk management

In the context of cybersecurity, what do customers and employees expect from a business?

To keep their information secure and private

What type of scale can be used to determine the impact to business of asset loss?

A low, medium, high scale

What is the primary problem associated with paying a ransom in a ransomware attack?

There is no guarantee that the ransom will work

What is the primary goal of cybersecurity?

To protect electronic devices and associated data

Which of the following is a component of confidentiality in cybersecurity?

Secure storage of company trade secrets

Which example illustrates a breach of integrity?

Altering payroll information without authorization

What is meant by the term 'availability' in cybersecurity?

Guaranteeing that information can be accessed as needed

Which of the following is NOT a part of the threat landscape in cybersecurity?

Marketing strategy development

What does 'BYOD' stand for in the context of cybersecurity?

Bring Your Own Device

Why is risk management important in cybersecurity?

It helps identify and mitigate potential threats

Which of the following best defines information security?

Protection of data from unauthorized access and breaches

Which of the following is an example of a method to ensure availability?

Implementing robust backup systems

What impact does a successful cybersecurity attack have on an organization?

It can disrupt access to information and services

Study Notes

Cybersecurity Fundamentals

• Cybersecurity involves protecting electronic devices and associated data and information.
• Key objectives include confidentiality, integrity, and availability.
• Confidentiality protects data from unauthorized access and disclosure.
• Integrity ensures data accuracy and prevents unauthorized modification.
• Availability ensures data and systems are accessible when needed. A common example of a breach of availability is when customers cannot access online services.

Motivations Behind Cyberattacks

• A global study of large organizations targeted by cyberattacks revealed various motivations:
  • 41% of breaches were due to ransomware.
  • 27% were due to insider threats.
  • 26% were for political competition.
  • 26% were for cyberwarfare.
  • 24% occurred due to angry users.
  • 20% were motivated by business competition.
  • 11% had unknown motives.
• A global study of almost 2,000 data breaches revealed that outsiders are the most frequent perpetrators, followed by organized criminal groups.

Cybersecurity Threats

• Phishing attacks are social engineering tactics to gain access to systems or steal data.
• Ransomware attacks harm data and require ransom payments for restoration.
• Hacking involves unauthorized access to systems, information, denial of services or theft of resources.
• Imposter scams involve individuals posing as legitimate entities.
• Environmental events like fires, earthquakes, or floods can disrupt business access.

Cybersecurity Framework

• The NIST Cybersecurity Framework provides a continuous process for cybersecurity risk management, for organizations of any size and sector.
• The framework has proven useful across various industries.
• The framework's core functions include:
  • Identify: Recognize and analyze your organizational cybersecurity risks.
  • Protect: Implement appropriate safeguards to protect your systems.
  • Detect: Develop proper measures that detect intrusions.
  • Respond: Define activities that respond to an incident.
  • Recover: Maintain planning, resilience, and restoration of impaired services.

Elements of Risk

• Risk assessment involves identifying threats, vulnerabilities, likelihood, and impact on the business
• Identify valuable business assets and evaluate their worth.

NIST Identified Activities

• Identify: Assess business environment (e.g., processes, data flows)
• Protect: Implement safeguards to protect the asset
• Detect: Methods to identify occurrences.
• Respond: Act on detected intrusions
• Recover: Maintain plans to restore systems and capability.

Description

This quiz covers key principles of cybersecurity, including the protection of electronic devices and data, focusing on confidentiality, integrity, and availability. It also explores the various motivations behind cyberattacks, such as ransomware and insider threats, based on global studies of data breaches.