Cybersecurity Principles Quiz
59 Questions

Questions and Answers

What is the primary goal of the principle of confidentiality in cybersecurity?

  • To prevent unauthorized access to sensitive data (correct)
  • To collect as much data as possible for analysis
  • To ensure data is accessible by all users at any time
  • To maintain the integrity and accuracy of data during transmission

Which of the following cybersecurity certifications focuses specifically on ethical hacking?

  • CCNA
  • CISM
  • CISSP
  • CEH (correct)

Which cybersecurity safeguard is primarily concerned with the people aspect?

  • Encryption techniques
  • Training and awareness (correct)
  • Policies and practices
  • Technology tools

What are the three states of data within cybersecurity?

    • Data in transit, data at rest, data in process (D)

    Which of the following best describes the concept of data integrity in cybersecurity?

    • Maintains the accuracy and reliability of data (C)

    What is the primary focus of ISO 27001 within the ISO 27000 model?

    • Control objectives (C)

    Which of the following is NOT part of the ISO 27000 model?

    • ISO 27006 (D)

    What does the CIA in the CIA triad stand for?

    • Confidentiality, Integrity, Availability (C)

    What is the purpose of the Cybersecurity Cube?

    • To represent the dimensions of cybersecurity (C)

    Which type of malware is designed to trigger under certain conditions?

    • Logic bomb (A)

    Which standard is primarily used in the credit card industry?

    • PCI DSS (D)

    What does ISO 27004 focus on within the ISO 27000 family?

    • Verification of practices (B)

    Which of the following models is considered a high-level framework for cybersecurity?

    • NIST CSF (C)

    What constitutes Entity Integrity in a database?

    • Each table must have a unique identifier. (A)

    Which of the following describes Domain Integrity?

    • It limits the values of data in a field. (B)

    What is a primary key's role in a database?

    • To ensure each row of data is unique and identified. (B)

    What type of integrity ensures security in the relationship between tables?

    • Referential Integrity (C)

    Which strategy is NOT a measure to improve availability in a system?

    • SSH access limitation (A)

    What does the Five Nines concept refer to in terms of availability?

    • 99.999% uptime during peak periods. (C)

    Which of the following is considered a threat to availability?

    • Natural disasters (C)

    What is the purpose of validation rules in data entry?

    • To ensure data adheres to specified parameters. (A)

    What is the primary function of ransomware in a cyberattack?

    • To encrypt user data and demand a ransom for decryption (C)

    Which method is NOT commonly used in social engineering?

    • Dummy training (D)

    What type of attack involves overwhelming a server with excessive traffic?

    • Denial-of-Service attack (B)

    Which of the following best describes spyware?

    • Software that monitors and gathers information from the computer (D)

    What tactic is used by attackers when they impersonate a trusted person to gain unauthorized access?

    • Impersonation (C)

    Which type of phishing targets specific individuals, usually high-profile targets?

    • Whaling (A)

    What does a keylogger do?

    • Record keystrokes to capture user information (D)

    What is SEO poisoning in the context of cyber attacks?

    • Manipulating search engine results to elevate malicious sites (D)

    Which of the following is considered a defensive measure against email and browser attacks?

    • User education on phishing (D)

    What is the primary purpose of a rootkit in a cybersecurity context?

    • To conceal malicious activities from the user and system (D)

    Which type of hacker is primarily motivated by ethical reasons and aims to report vulnerabilities?

    • White hat hacker (D)

    What term is used for amateur hackers who typically use existing scripts to carry out attacks?

    • Script kiddies (A)

    Which hacker category is characterized by acting without permission and may sometimes disclose their findings?

    • Grey hat hacker (D)

    Which of the following is typically excluded from the category of ethical hackers?

    • Cyber criminals (D)

    Which type of hacker is specifically known for targeting Linux systems?

    • Red hat hacker (A)

    What is the main motivation for black hat hackers?

    • Personal gain (D)

    Which type of hacktivist is generally considered organized and is classified as a cyber criminal?

    • State-sponsored hacker (D)

    Which one of the following accurately describes a characteristic of grey hat hackers?

    • May operate illegally but disclose findings sometimes (B)

    Which of these hacker types is primarily defined by legal compliance and ethical hacking?

    • White hat hacker (A)

    Among the various categories of hackers, which one is specifically tied to ethical behavior?

    • White hat hacker (D)

    What distinguishes organized hackers from other types of hackers?

    • They are usually motivated by activism or personal gain (A)

    Which hacker type may operate in a legal grey area and is less predictable in their actions?

    • Grey hat hacker (A)

    Which category of hackers could include individuals working for a government entity?

    • State-sponsored hackers (B)

    What is the primary function of an Intrusion Detection System (IDS)?

    • To monitor network traffic passively (A)

    Which disaster recovery strategy focuses on maintaining essential business functions during a crisis?

    • Business Continuity Plan (BCP) (D)

    Which type of backup enables the restoration of a complete system or data?

    • Full backup (C)

    What is the main security risk associated with WEP encryption?

    • It has vulnerabilities that render it easily hackable (A)

    Which encryption method is commonly used for securing files on Windows systems?

    • BitLocker (B)

    What essential feature must a system have to utilize a VPN effectively?

    • Encryption for data protection (C)

    What is the role of Network Admission Control (NAC) in network security?

    • To allow only authorized users access to the network (B)

    What is one of the primary functionalities of a Host Intrusion Detection System (HIDS)?

    • Monitor for suspicious activity on the host (D)

    Which risk category does vandalism belong to in disaster contexts?

    • Human-caused disruptions (A)

    What is the main purpose of patch management?

    • To update system security to prevent vulnerabilities (B)

    Which of the following is a feature of mutual authentication?

    • Ensures both parties in a communication verify each other's identity (C)

    Which type of filter is typically used to control email spam?

    • Email filter (B)

    What is the main function of a disk cloning tool?

    • To create a complete copy of a system state or disk (A)

    Which of the following is NOT a common physical security measure?

    • Drop-in voltage regulators (A)


    Study Notes

    Security Essentials - Images

    • Images depict a keypad lock and a picture of a blank face with a security lock. The number 3944 is visible on the keypad lock.
    • The images are associated with security measures.

    Cybersecurity Criminals vs Specialists

    • Cybercriminals are categorized as amateurs, hackers (ethical, vulnerability broker), organized hackers (hacktivists, cybercriminals, state-sponsored, terrorists), white hats and grey hats.
    • Motives for cybercriminals include personal profit and illegal gain.
    • Ethical hackers report vulnerabilities, grey hats compromise systems without permission and sometimes disclose their findings, black hats act unethically to gain personal profit, red hats attack systems, and blue hats test systems before launch.

    Common Threats

    • Threats target Internet Services (DNS, HTTP, databases, wireless access points, packet interception).
    • Threats target key industry sectors, including ICS, SCADA systems, and smart meters (manufacturing, transportation, energy, communications).

    Spreading Cybersecurity Threats

    • Internal Threats: former employees, external contractors, or partners
    • These individuals may have access to sensitive data or networks and pose a security risk.
    • External Threats: amateurs, hackers, organized hackers and their tactics.
    • External attacks often exploit vulnerabilities or knowledge of systems to gain access.

    Vulnerability of Mobile Devices

    • BYOD (Bring Your Own Device) management
    • Lack of central control, updates, and software vulnerabilities.

    The Internet of Things (IoT)

    • IoT is the collection of technologies that enable the connection of various devices to the Internet. These devices include appliances, locks, motors, and entertainment devices.
    • Managing and securing the data from these devices presents a growing challenge.

    Big Data

    • Data encompasses volume, velocity (speed of data), and variety (types of data).
    • Data volume, velocity, and variety present challenges for storing, securing, and analyzing data.

    Advanced Weapons

    • Software vulnerabilities (bugs, protocol weaknesses, implementation errors) are often exploited by criminals.
    • Criminals also use sophisticated attacks such as Advanced Persistent Threats, which are targeted attacks, and algorithm attacks, which track system data and trigger false alarms to select targets, overload the computer, and attack vulnerable targets.

    Broader Scope & Cascade Effect

    • Network interconnections allow cascade effects, where vulnerabilities in one area cause problems in other areas.
    • The impact of a cyberattack can be widespread, affecting multiple systems and organizations.

    Safety Implications

    • Cyberattacks can greatly disrupt services such as electricity, telephone, water, and traffic.

    Creating More Experts

    • US National Cybersecurity Workforce Framework: includes aspects of 'Operate and Maintain,' 'Protect and Defend', 'Investigate,' 'Collect and Operate,' 'Analyze,' 'Oversight and Development,' 'Securely Provision IT Systems'.
    • Roles (operations and maintenance, security, investigation, data collection, analysis, oversight, and provision) provide support and security administration for systems, identifying and mitigating threats, and investigating cyber events.
    • Certifications and training are necessary to address the growing need for experts in the industry to conduct cybersecurity work effectively, and a framework that helps in efficiently building and deploying secure IT systems.

    Network Security Organisations

    • ECS, MITRE, SANS Institute, ISC2, and ENISA are prominent organizations that develop training, certificates, organizations, and frameworks to help individuals advance their skills and roles in cybersecurity.

    The Cybersecurity Cube (Three Dimensions)

    • The three dimensions of the Cybersecurity Cube are Confidentiality, Integrity, and Availability (CIA triad).
    • The cube model illustrates the different states of data.

    Principles of Security

    • Confidentiality ensures data secrecy.
    • Integrity enforces data accuracy.
    • Availability ensures data accessibility.

    The States of Data

    • Data in transit, data at rest, and data in process are the three states in which data exists.

    Cyber Security Safeguards

    • Data is needed to describe the physical, ethical, technology, and people-related aspects of cyber security, including data privacy and threats, and how to secure it.

    Protecting Data Privacy

    • Sensitive information (PII) requires protection. Organizational and business information requires protection as well.

    Laws and Liability

    • Data integrity ensures data accuracy.
    • Integrity is important so data is usable, reliable, and accurate.
    • Legal and ethical frameworks for handling data need to be taken into account, as well as who handles the data and how it is dealt with.

    Principle of Availability

    • Data availability means access to data and services, which includes redundancy and fault tolerance, among other measures.

    Types of Data Storage

    • Includes direct-attached storage (DAS), network-attached storage (NAS), and storage area networks (SAN).
    • Different methods to store data include Redundant Array of Independent Disks (RAID).

    Methods of Transmitting Data

    • Data transmissions include wired (Ethernet, fiber optic) and wireless (Wi-Fi, Bluetooth) methods.

    Challenges of Protecting Data in-Transit

    • Risks involved with data transmission, including confidentiality, integrity, and availability.

    Challenges of Protecting Data in-Process

    • Risks involved in protecting data collection, modification, and output, including vulnerabilities in systems, and data manipulation through malicious code.

    Cybersecurity Safeguards

    • Use technology, policies and procedures, and employee training to safeguard data.

    Implementing Cybersecurity Education and Training

    • Awareness, procedures, training sessions, and continuous education to ensure relevant knowledge and skill to deal with fast-evolving technology and tactics.

    Security Policies, Standards & Procedures

    • Policies, standards, and procedures provide a framework for consistently ensuring security.

    IT Security Framework

    • The ISO 27000 family of standards provides a structured model for information security management.

    Other Cybersecurity Models

    • NIST SP 800-53, NIST CSF, CIS Controls, ITIL, PCI DSS are frameworks for guidance and management systems.

    Cybersecurity Cube Overview

    • The cybersecurity cube comprises confidentiality, integrity, and availability, crucial principles for data protection.
    • It outlines various phases of data in transition, at rest, and during processing.
    • The model describes different countermeasures to maintain security.

    Malware and Malicious Code

    • Malware encompasses various forms of malicious software including viruses, worms, logic bombs.
    • Malware actions include causing disruption and enabling access to systems.

    Email and Browser Attacks

    • Spam is unsolicited email, often used for advertisement or the distribution of malware.
    • Spyware collects user information.
    • Phishing attempts to collect sensitive user information through fraudulent means (e.g., emails, websites, etc.) to gain access to accounts.
    • Browser vulnerabilities (plugins) are attack points that could allow malicious software and code to be introduced.

    Deception or Social Engineering

    • Social engineering manipulates individuals rather than systems to gain access to information and/or systems.
    • Deception tactics include pretexting, quid pro quo, hoaxes, piggybacking, and social engineering tactics.
    • Defending against these attacks requires awareness training and policies to prevent exploitation.

    Attacks

    • Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks flood a system, preventing authorized users from accessing it.
    • Sniffing captures network traffic.
    • Spoofing impersonates a legitimate entity to gain access.
    • Zero-day exploits vulnerabilities unknown to vendors.

    Wireless and Mobile Attacks

    • Grayware, SMS phishing, Rogue access points, RF jamming, Bluetooth attacks (bluejacking, bluesnarfing) and WEP/WPA attacks (key capture) can target wireless and mobile devices in an organization.

    Application Attacks

    • Cross-site scripting (XSS) exploits website vulnerabilities.

    Cybersecurity Models Overview

    • Overview of various security frameworks and models such as NIST SP 800-53, frameworks developed by the Center for Internet Security (CIS), ITIL, PCI DSS, and other relevant models/frameworks.

    The Art of Protecting Secrets

    • Covers encryption types (symmetric, asymmetric), algorithm types (block, stream), standards (3DES, IDEA, AES), key management, and cryptographic practices.

    Digital Signatures

    • Digital signatures authenticate and confirm the integrity of a message, comparable to a physical signature on a document.

    Certificates

    • Certificates (X.509) verify the authenticity of entities on the network.

    Multi-Tiered Certification Authorities

    • Multi-layered approaches to certificate management
    • Provides more trust and security for end-user interactions

    Cipher Suite

    • A combination of cryptographic algorithms (for key exchange, encryption, MAC).

    Database Integrity Enforcement

    • Ensuring the integrity of databases; aspects include rules, constraints, input controls, and measures to prevent security risks.

    High Availability - Five Nines Concept

    • Measurement of the availability of a system as a percentage.
    • The goal is to minimize data losses and enhance system performance.

    Measures to Improve Availability

    • Methods for enhancing system availability, including asset identification, classification, standardization, and threat identification.

    Risk Analysis

    • Methods of analyzing and mitigating risk in an organization.

    Defense in Depth

    • Multiple layers of security to lessen the chance of a security incident

    Redundancy

    • Includes a backup system to prevent loss of data or system disruption that may be critical.

    System Resiliency

    • The ability of a system to maintain operations during an incident, attack, or disaster.

    Incident Response

    • Processes and procedures to manage and resolve security incidents in an appropriate manner. Includes various steps like containment, eradication, and post-incident analysis.

    Disaster Recovery

    • Methods for restoring a damaged organization's systems and operations, and the importance of DRPs and backup plans.

    Operational System Security

    • Methods for operational system security
    • Includes operating systems, patches, and policies for security in a given system, and the ways to improve the security.

    Secure Communication

    • VPN, remote access, data encryption and protocols.

    Hardening Wireless and Mobile

    • Methods for enhancing wireless, mobile, and network security configurations.

    Images and Content Control

    • Filtering content on a website
    • Disk cloning and deep freeze

    Cables and Locks

    • Protecting physical systems

    GPS Tracking and RFID

    • Methods to monitor and secure systems

    Server Hardening

    • Enhancing security in server configurations, including privileges, ports, services, logs, etc.

    Securing Network Devices

    • Protection of devices in the network

    Network and Routing Services

    • Operational components for networks such as DHCP, DNS, ICMP, NTP

    Physical Access Control

    • Control of access to physical locations
    • Surveillance

    Cybersecurity Domains

    • Categorizes the different areas of a cybersecurity system (users, devices, LAN, clouds, physical facilities and applications)

    User Domain

    • Security awareness training, access control, software updates.

    Device Domain

    • User account policies, software updates, and acceptable use policy.

    LAN Domain

    • Secure wiring, access control, operating system & application patches.

    Private Cloud Domain

    • Network probing, access to resources, errors, and remote user data.

    Public Cloud Domain

    • Data breach, property loss.

    Physical Facilities Domain

    • Natural threats, unauthorized access, power issues and security breaches.

    Understanding Ethics

    • Ethical considerations in cybersecurity

    Belgian Legislation

    • Laws, regulations, and punishments for cybersecurity crimes.

    GDPR/AVG and PCI DSS

    • Compliance with data privacy regulations.

    Additional notes

    • These notes cover the core concepts and different aspects of security in detail, including details on practical applications and standards.

    Related Documents

    Security Essentials PDF

    Description

    Test your knowledge of key concepts in cybersecurity with this quiz covering confidentiality, ethical hacking, data integrity, and more. Ideal for those looking to enhance their understanding of cybersecurity principles and practices.
