Lecture 1-1
12 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Explain what secrecy, confidentiality and privacy mean as the cybersecurity goals.

Secrecy: Methods to restrict access to information (e.g., cryptography, access control). Confidentiality: Duty to protect others' secrets. Privacy: Right to control your personal information and space.

Explain what Iaas, Paas and Saas are give examples on how you would use them for you start up tech.

Infrastructure as a service provides scalable and automated computer resources for monitoring, networking and storage. I will use this to create virtual servers to store data and monitor them virtually and configure network so that the users can use it safely and efficiently. Platform as a service allows developers to implement and deliver applications within the cloud environment. This will help the developers in my company to focus coding without worrying about the infrastructure. Software as a service is using the cloud-based software with a subscription. This is for the non-coding employees, cloud based software will allow them to access their work materials anywhere they want or on any devices as long as they have internet. They can use collaborative apps and work more effectively.

Caution with Saas

A personal device cannot access on-premise resources but if that device gets hacked, the hacker could open their cooperate email, access the saas applications on the device to steal or destroy the company data and if the employee uses the same password for their personal and work email, it can lead to compromise through brute force or password guessing.

Explain what the Multifactor Authentication (MFA) is and provide an example.

<p>Multi-Factor Authentication (MFA) adds an extra layer of security by requiring multiple forms of verification. For example, when you log into your corporate account, you may receive a one-time password on your mobile device that you need to enter in addition to your regular password. This makes it significantly harder for a hacker to compromise your account because they would need both your login credentials and access to your mobile device.</p> Signup and view all the answers

Explain what "Shadow IT" means and why it is problematic.

<p>Shadow IT refers to the use of software, applications, or services that are installed on organizational devices without the explicit approval or knowledge of the IT. The main issue is that the IT managers do not have the visibility to know how the employees are using them, which can lead to security vulnerabilities, data fragmentation, and loss of control over the technology environment.</p> Signup and view all the answers

What could be the threat and counter measurement when data is at rest on the user's device or on the server's on-premise hard-drive or cloud server?

<p>Threat: unauthorized or malicious process could read and modify the data. Counter measurement: file level or disk encryption.</p> Signup and view all the answers

What could be the threat and counter measurement when data is in transit?

<p>Threat: man-in-the-middle attack could read and modify the data. Counter measurement: SSL/TLS with valid certificate.</p> Signup and view all the answers

What are the top causes for the costliest data breach in an order?

<p>Malware, lack of trained employees, phishing and social engineering, targeted attack, ransomware, government sponsored attack</p> Signup and view all the answers

What is the process to perform a targeted attack?

<p>The attacker has a specific target in mind when he/she creates a plan of attack. During this phase, the attacker will spend a lot of time and resources to gather information to carry out the attack. The objective is to stay within the target's network for a long period of time and move around and compromise different systems until goal is met.</p> Signup and view all the answers

Explain the two metrics that evaluate the performance of the Red Team.

<p>Mean Time to Compromise (MTTC): This starts counting from the time the red team started the attack to the time they compromised the target. Mean Time to Privilege Escalation (MTPE): this starts the same point as the previous metric but goes until the target is fully compromised, that is until the red team has administrative privileges.</p> Signup and view all the answers

Explain the two metrics that evaluate the performance of the Blue Team.

<p>Estimated Time to Detection (ETTD) and Estimated Time to Recovery (ETTR)</p> Signup and view all the answers

What does the Blue Team do when the Red Team is able to breach the system?

<p>save evidence: it is important to save evidence during the incident so that you have information to analyze, justify and mitigate in the future. validate the evidence: not every single alert or evidence will lead to valid attempt to compromise. so when it does, it needs to be catalogued as indication of compromise (IOC). engage whoever is necessary: at this point, the blue team must know what to do with the ioc and which teams should be aware of this. Engage all relevant teams which may vary according to the organization. determine the urgency for the incident: sometimes the blue team must get involved with law enforcements, or they may need a warrant to perform further investigation. Scope the breach: At this point, the Blue Team has enough information to scope the breach. Create a remediation plan: The Blue Team should put together a remediation plan to either isolate or evict the adversary. Execute the plan: Once the plan is finished, the Blue Team needs to execute it and recover from the breach.</p> Signup and view all the answers

More Like This

Network Security Focus and Goals
3 questions
Aim of Computer Forensics Quiz
4 questions
Information Security Protection Goals
10 questions
Métricas de Seguridad
48 questions

Métricas de Seguridad

PlentifulMonkey avatar
PlentifulMonkey
Use Quizgecko on...
Browser
Browser