Cybersecurity threats and controls
10 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the main goal of a control or countermeasure in computer security?

  • To realize threats against vulnerabilities
  • To neutralize threats or close vulnerabilities (correct)
  • To promote malicious attacks
  • To increase risk of harm
  • What type of attack is intended to harm specific computers or users?

  • Vulnerability attack
  • Random attack
  • Malicious attack
  • Directed attack (correct)
  • What is the term used to describe a malicious computer security event?

  • Vulnerability
  • Risk
  • Threat
  • Attack (correct)
  • What is the term used to describe the possibility of harm occurring?

    <p>Risk</p> Signup and view all the answers

    What type of attackers are motivated by fun, challenge, or revenge?

    <p>Individuals</p> Signup and view all the answers

    What is the goal of attackers involved in organized crime?

    <p>To engage in fraud, extortion, and money laundering</p> Signup and view all the answers

    What is the link between computer security and terrorism?

    <p>Evident</p> Signup and view all the answers

    What occurs when a threat is realized against a vulnerability?

    <p>Harm occurs</p> Signup and view all the answers

    What type of attack can harm any computer or user?

    <p>Random attack</p> Signup and view all the answers

    What is the term used to describe a weakness that can be exploited by a threat?

    <p>Vulnerability</p> Signup and view all the answers

    Study Notes

    Dealing with Harm

    • Harm can be dealt with in several ways: preventing it, deterring it, deflecting it, mitigating it, detecting it, and recovering from its effects.

    Controls

    • Controls can be used simultaneously to deal with harm.
    • Controls can be grouped into three largely independent classes: physical, procedural (or administrative), and technical.

    Physical Controls

    • Physical controls stop or block an attack using tangible means, such as locks, guards, and fire extinguishers.

    Procedural or Administrative Controls

    • Procedural or administrative controls use commands or agreements that require or advise people how to act, such as laws, regulations, policies, procedures, guidelines, copyrights, patents, and contracts.

    Technical Controls

    • Technical controls counter threats using technology (hardware or software), including passwords, access controls, network protocols, firewalls, intrusion detection systems, encryption, and network traffic flow regulators.

    Vulnerabilities

    • Computer systems have vulnerabilities, such as weak authentication, lack of access control, errors in programs, finite or insufficient resources, and inadequate physical protection.
    • Each vulnerability can allow harm if paired with a credible attack.

    Threats

    • A threat to a computing system is a set of circumstances that has the potential to cause loss or harm.
    • Threats can be considered in two ways: what bad things can happen to assets and who or what can cause or allow those bad things to happen.

    Control Paradigm

    • A control or countermeasure is an action, device, procedure, or technique that removes or reduces a vulnerability.
    • A threat is blocked by control of a vulnerability.

    Types of Threats

    • Human errors can lead to harm, and malicious attacks can be random or directed.
    • Malicious attacks can be committed by individuals, organized groups, organized crime, and terrorists.

    Types of Attackers

    • Individuals may attack for fun, challenge, or revenge.
    • Organized, worldwide groups, organized crime, and terrorists may also attack.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Learn about the different ways to deal with harm from cybersecurity threats, including prevention, deterrence, deflection, mitigation, detection, and recovery. Understand the importance of controls in protecting against attacks.

    More Like This

    ICT Security Threats Level 6: Risk Management
    5 questions
    CH 13
    44 questions

    CH 13

    SafeSaturn9598 avatar
    SafeSaturn9598
    Use Quizgecko on...
    Browser
    Browser