Fundamental Security IX

Questions and Answers

Match the following security principles with their definitions:

Least privilege = User has only the access necessary for their duties Encryption = Converting readable data into encoded data Access controls = Regulating who can view or use resources Security-conscious culture = Promoting awareness and proactive behavior towards security

Match the following components with their descriptions:

Antivirus = Protects systems from malicious software Firewall = Monitors and controls network traffic Backup systems = Ensures data recovery in case of loss Intrusion detection system = Identifies unauthorized access attempts

Match the following consequences of weak security with their results:

Identity theft = Unauthorized access to personal data Fraud = Financial deception involving stolen information Data breach = Exposure of sensitive information Cyberbullying = Harassment through digital means

Match the following cybersecurity concepts with their purposes:

Data protection = Safeguarding sensitive data from unauthorized access Cybersecurity = Protecting computer systems and electronic data Risk management = Identifying and mitigating potential threats Incident response = Reacting to and managing a security breach

Match the following types of cyber threats with their examples:

Malware = Software designed to disrupt or damage systems Phishing = Fraudulent attempts to obtain sensitive information Ransomware = Malware that encrypts data for ransom Denial of service = Disabling a service to make it unavailable

Match the following encryption terms with their functions:

Ciphertext = Encoded data that is unreadable without a key Algorithm = Mathematical procedure for encryption/decryption Key = A piece of information that determines the output of an algorithm Plaintext = Readable data before encryption process

Match the following types of data with their protective measures:

Personal data = Protected by data privacy regulations Financial data = Secured through encryption and access controls Medical data = Privileged information that requires stringent security Private property information = Needs legal protection against unauthorized access

Match the following terms with their related security concepts:

Compliance = Meeting regulatory security standards Continuity = Ensuring operations during disruptions Integrity = Maintaining the accuracy and consistency of data Confidentiality = Ensuring information is accessible only to authorized users

Match the following cybersecurity threats with their definitions:

Phishing = Tricking users into giving up confidential information Ransomware = Locking a victim's computer by encryption Malvertising = Injecting malicious code into legitimate ads Exploit Kits = Toolkits for attacking system vulnerabilities

Match the following security concepts with their descriptions:

Confidentiality = Measures to prevent unauthorized access Integrity = Ensuring data accuracy and consistency Availability = Ensuring information is accessible to authorized parties Security Procedures = Practices to protect an organization's systems

Match the following types of IT security policies with their focus areas:

Organizational Policy = Company-wide digital infrastructure policies Issue-specific Policy = Policies focused on specific security issues Data Classification = Categorizing data based on sensitivity Security best practices = Regularly updating security measures

Match the following actions with their corresponding security principles:

Classifying data = Identifying potential damage from unauthorized access Maintaining hardware = Ensuring accessibility of information for users Reviewing procedures = Staying current with evolving threats Implementing measures = Establishing data protection protocols

Match the following cybersecurity methods with their goals:

Phishing Attacks = To trick users into revealing information Ransomware Attacks = To hold data hostage until payment is made Exploit Kits = To target and exploit system vulnerabilities Malvertising Techniques = To spread malware through ads

Match the following cybersecurity terms with their characteristics:

Malvertising = Uses advertisements to distribute malware Ransomware = Prevents access to files until a ransom is paid Phishing = Utilizes social engineering tactics Exploit Kits = Contains tools for exploiting vulnerabilities

Match the following concepts with their relevance in information security:

Security Procedures = Best practices for threat prevention Confidentiality = Privacy measures for sensitive information Integrity = Protection against unauthorized data changes Availability = Reliability of information access

Match the security measures with their descriptions:

Multi-Factor Authentication = Requires two or more verification factors for access Strong Password Policies = Enforces strong, unique passwords that are regularly changed Password Managers = Reduce the risk of password reuse Antivirus Software = Detects, prevents, and removes viruses and malware

Match the types of authentication with their examples:

SMS/Email Codes = Verification through text or email Fingerprint Verification = Biometric authentication using fingerprints Voice Verification = Authentication via voice recognition Face Verification = Biometric authentication using facial recognition

Match the types of malware with their definitions:

Viruses = Malicious software aimed at destroying systems and data Worms = Self-replicating malware that spreads across networks Botnets = Collection of infected devices controlled by malware Drive-By Download Attacks = Malicious code downloaded without user knowledge

Match the security threats with their descriptions:

Insider Threat = Authorized individuals misusing access to data Security Threat = Malicious acts aiming to corrupt or steal data Security Event = Occurrence involving potential exposure of data Drive-By Download = Malicious code downloaded without user consent

Match the benefits of antivirus software with their functions:

Block pop-ups = Prevents annoying and dangerous pop-ups Protect external devices = Safeguards devices connected externally Scan systems = Real-time scanning of systems and devices Block scam sites = Prevents access to fraudulent websites

Match the components of a strong password with their requirements:

At least one letter = Password must include alphabetic character At least one capital letter = Password should contain an uppercase letter At least one number = Password must include a numeric character Minimum length requirement = Password must meet a predefined length

Match the types of information security with their focus areas:

Data Integrity = Ensures data remains accurate and reliable Data Confidentiality = Protects data from unauthorized access Data Availability = Ensures data is accessible when needed Network Security = Protects networks from malware and threats

Match the types of security software with their purposes:

Antivirus Software = Defends against malware and viruses Firewall = Blocks unauthorized access and threats Antimalware Software = Detects and removes a broader range of malware VPN = Encrypts internet traffic and protects privacy

Match the following IT security policies with their descriptions:

Password Management Policy = Requires unique and strong passwords Acceptable User Policy = Describes proper ways to use technology Backup Policy = Follows the 3-2-1 rule for data protection Preventive Maintenance Policy = Aims to prevent equipment failure before it occurs

Match the preventive maintenance types with their characteristics:

Time-Based Maintenance = Scheduled at regular intervals Condition-Based Maintenance = Scheduled based on equipment condition Predictive Maintenance = Uses data analysis for maintenance timing Reactive Maintenance = Performed after equipment fails

Match the elements of the 3-2-1 backup rule:

Three Copies of Data = Keep multiple backups Two Different Media Types = Utilize various storage mediums One Off-Premises Backup = Store data in a separate location Regular Backup Schedule = Routine intervals for backup tasks

Match the benefits of preventive maintenance with their outcomes:

Increased Equipment Life = Reduces need for costly repairs Enhanced Safety = Maintains high safety levels for employees Operational Efficiency = Keeps systems running smoothly Disruption Minimization = Ensures minimal operational interruptions

Match the terms related to password management:

Strong Passwords = Difficult to guess or brute-force Password Change Policy = Outlines how to securely update passwords Unique Passwords = Each account should have a different password Multi-Factor Authentication = Adds a layer of security to password use

Match the common preventive maintenance tasks with their purposes:

Regular Cleaning = Removes dust and debris from equipment Lubrication = Reduces wear on moving parts Replacing Parts = Ensures optimal performance Equipment Repairs = Addresses existing issues to prolong life

Match the challenges of implementing security policies with their solutions:

User Compliance = Training and awareness programs Policy Updates = Regular reviews and revisions Data Accessibility = Controlled access methodologies Incident Response = Clear protocols and communication plans

Match the preventive maintenance program benefits with their impacts:

Avoid Large Repairs = Saves costs over time Maintain Asset Efficiency = Increases productivity Enhance Safety Standards = Reduces accidents and injuries Prevent Unexpected Downtime = Improves operational reliability

Match the following steps in troubleshooting network security with their descriptions:

Identify problem = Gather information about symptoms and affected devices Isolate cause = Eliminate possible sources of the problem one by one Implement a solution = Resolve the problem and restore network security Document process = Record the details of the problem and its solution

Match the following components of a phishing attack with their actions:

Verify the email = Check for signs of phishing like poor grammar Check for user interaction = Determine if the user clicked any links Block the source = Use filtering tools to prevent future attempts Phishing attack detected = User reports receiving a suspicious email

Match the disadvantages of preventive maintenance with their explanations:

Upfront costs = Requires initial investment in resources and training Possible over-maintenance = Maintenance more frequent than necessary Resource allocation = Can divert resources from other critical areas Scheduling conflicts = May interfere with normal operations or production

Match the type of security issue with the appropriate response:

Unusual behavior = Run security scans for threats Unauthorized access = Review access logs for suspicious activity Reset passwords = Change immediately if credentials are compromised Check firewall settings = Ensure software is up to date

Match the troubleshooting steps with their order:

First = Identify the problem and its scope Second = Isolate the cause of the problem Third = Implement a solution Fourth = Verify the results of the solution

Match the network security maintenance functions with their purposes:

Troubleshooting = Identifying issues like unusual behavior Security scans = Detecting threats in the network Access logs review = Monitoring for suspicious activity Password resets = Protecting against unauthorized access

Match the terms related to preventive maintenance with their implications:

Initial investment = Can be daunting for small businesses Over-maintenance = Leads to wasted time and resources Training programs = Essential for effective maintenance execution System setup = Involves proper resource allocation and planning

Match the response to a detected phishing attack with the corresponding action:

Ask user to forward email = Verify the email for signs of phishing Find out user actions = Check if links were clicked or credentials entered Use filtering tools = Block the sender’s domain or email address Change passwords = Immediately if credentials were compromised

Match the maintenance type with its description:

Condition-Based Maintenance (CBM) = Maintenance performed when specific indicators show signs of decreasing performance Predictive Maintenance (PdM) = Uses condition-monitoring tools to track performance and condition Preventive Maintenance = Scheduled maintenance to prevent unexpected equipment failures Challenges of Preventive Maintenance = Drawbacks or challenges associated with scheduled maintenance

Match the maintenance benefits with their descriptions:

Reduced Downtime = Prevents unexpected equipment failures that disrupt operations Extended Equipment Life = Prolongs the life of machinery through regular servicing Cost Savings = Saves money by preventing expensive emergency repairs Improved Safety = Less likelihood of malfunctions that endanger users

Match the maintenance strategy with its execution timing:

Condition-Based Maintenance (CBM) = Performed based on actual asset conditions Predictive Maintenance (PdM) = Executed when thresholds or parameters are breached Preventive Maintenance = Scheduled on a regular basis regardless of equipment state Preventive Maintenance Challenges = Understanding the potential drawbacks of scheduled maintenance

Match the examples with their respective maintenance types:

Monitoring vibration in bearings = Predictive Maintenance (PdM) Regular inspection of critical equipment = Preventive Maintenance Scheduled based on condition indicators = Condition-Based Maintenance (CBM) Checking for thermal hotspots = Predictive Maintenance (PdM)

Match the maintenance terms with their characteristics:

Condition-Based Maintenance (CBM) = Proactive maintenance strategy Predictive Maintenance (PdM) = Utilizes monitoring tools and analysis Preventive Maintenance = Aims to avoid breakdowns through routine checks Challenges of Preventive Maintenance = Factors that may hinder its effectiveness

Match the maintenance advantages with their impact:

Increased Efficiency = Ensures optimal output and energy savings Cost Savings = Reduces long-term maintenance expenditures Improved Safety = Minimizes risk of accidents and equipment failure Extended Equipment Life = Enhances longevity of machinery and equipment

Match the following maintenance strategies with their approach:

Condition-Based Maintenance (CBM) = Relies on performance indicators Predictive Maintenance (PdM) = Anticipates maintenance needs based on data Preventive Maintenance = Follows a pre-established schedule Challenges of Preventive Maintenance = Examines potential limitations of scheduled practices

Match the type of maintenance with its requirement:

Condition-Based Maintenance (CBM) = Requires constant monitoring of equipment Predictive Maintenance (PdM) = Needs specific tools to assess performance Preventive Maintenance = Demands regular scheduling of inspections Challenges of Preventive Maintenance = Needs awareness of potential issues in execution

Flashcards

Information Security

Protecting data and systems from threats and vulnerabilities.

Least Privilege

Giving users only the access needed to do their job.

Encryption

Converting data into a secret code to protect it.

Access Controls

Rules for who can see and change information.

Cybersecurity

Protecting computer systems and data from attacks.

Data Protection

Protecting sensitive information from unauthorized access.

Cyberattack

An attack on computer systems to cause harm.

Cryptography

Using math and codes to secure information.

Antivirus Software

A program that detects, prevents, and removes viruses and malware from your devices.

Firewall

A security system that acts as a barrier between your computer and the internet, blocking unauthorized access.

Multi-Factor Authentication

An extra layer of security that requires you to provide two or more pieces of information to access a system.

Strong Password Policy

Rules that make your password stronger and harder to guess, using a unique combination of letters, numbers, and symbols.

Security Threat

A malicious act that aims to steal data, disrupt systems, or harm an organization.

Insider Threat

A threat from someone inside an organization who has unauthorized access and uses it to harm the company.

Viruses and Worms

Types of malware that can harm your computer systems, data, and network.

Botnet

A group of infected computers controlled by a hacker, used for malicious activities.

Phishing Attack

A type of online scam using social engineering to trick users into revealing sensitive information like passwords or credit card details.

Ransomware

A type of malware that locks your computer or encrypts your data, demanding a ransom payment for access.

Exploit Kit

A set of tools used by cybercriminals to exploit vulnerabilities in software and distribute malware.

Malvertising

Concealing malicious code within legitimate online advertising networks to infect users.

Security Procedures

Guidelines designed to protect an organization's systems and data from threats.

Confidentiality

Measures to prevent unauthorized access to sensitive information, keeping it private.

Data Integrity

Ensuring data remains accurate, reliable, and unchanged throughout its lifecycle, preventing tampering.

Data Availability

Making sure authorized users can access information consistently and easily.

System-Specific Policy

A policy protecting only a specific system, like a company website's backend, granting access only to authorized individuals.

Acceptable User Policy

Guidelines for using computers, internet, social media, email, and sensitive data, emphasizing responsible access and usage.

Regular Backup Policy

A plan for creating and storing multiple data copies on diverse media, including off-site backups for disaster recovery.

3-2-1 Rule

A backup strategy: three data copies, two different media types, one copy off-site.

Preventive Maintenance

Regular tasks like cleaning, lubrication, repairs, and part replacement, focused on preventing equipment failure and accidents.

Time-Based Maintenance (TBM)

Scheduling preventive maintenance tasks at set time intervals, like every 10 days.

Importance of Preventive Maintenance

Foundation for successful facility management, ensuring equipment efficiency, employee safety, and cost savings by preventing major repairs.

Condition-Based Maintenance (CBM)

A proactive maintenance strategy where equipment is monitored for signs of wear and tear. Maintenance is only performed when indicators suggest a potential issue.

Predictive Maintenance (PdM)

Uses tools and techniques to monitor equipment performance and predict potential failures. Maintenance is scheduled before problems arise.

Preventive Maintenance Advantages

Regular maintenance offers benefits such as reduced downtime, extended equipment life, cost savings, improved safety, and increased efficiency.

Reduced Downtime

Scheduled maintenance prevents unexpected equipment failures, minimizing disruption to operations.

Extended Equipment Life

Regular servicing and care prolong the lifespan of machinery and equipment.

Cost Savings

Though there are upfront costs, preventive maintenance saves money in the long run by preventing expensive emergency repairs.

Improved Safety

Well-maintained equipment is less likely to malfunction, reducing risks to workers and users.

Increased Efficiency

Regular maintenance ensures equipment operates at peak performance, often resulting in better output and energy savings.

What is the first step in troubleshooting network security?

Identifying the problem and its scope. This includes gathering information about the symptoms, affected devices or users, network topology, security policies, and protocols.

What's the second step in network security troubleshooting?

Isolating the cause of the problem by eliminating potential sources one by one.

What's the third step in network security troubleshooting?

Implementing a solution that resolves the problem and restores network security.

What's the fourth step in network security troubleshooting?

Verifying the results of the solution and ensuring the problem is solved and network security is restored.

What's the final step in network security troubleshooting?

Documenting the process and outcome, including details of the problem, cause, solution, and results.

How do you verify a phishing email?

Check for signs like poor grammar, unfamiliar email addresses, or URLs that don't match the legitimate domain.

What's the next step after verifying a phishing email?

Determine if the user clicked on any links or entered credentials.

How do you protect against future phishing attempts?

Use email filtering tools to block the sender's domain or email address.

Study Notes

Fundamental Security IX

• Information security is critical in today's digital world. Adopting fundamental principles like least privilege, encryption, access controls, and a security-conscious culture is essential to protect against threats and maintain data privacy, integrity, and availability.
• A secure information system is fundamental to building a secure information system and protecting sensitive data from threats and vulnerabilities.
• A secure information system relies on several essential components and must be designed to address various security threats and vulnerabilities.
• Cybersecurity consists of technologies that keep computer systems and electronic data safe. Business and social lives are increasingly online.
• Data protection safeguards personal data, financial data, medical and private property for unauthorized access.
• Without security measures, sensitive data can be stolen, leading to identity theft, fraud, and exposure of sensitive information.
• Cyberattacks and data breaches expose private information, which can be used for blackmail, discrimination, cyberbullying, or to invade personal privacy. Strong security protects personal privacy.
• Securing communication and information involves mathematical techniques and algorithms to protect data from unauthorized access and tampering.
• Encryption converts readable data (plaintext) into coded data (ciphertext) using an algorithm and a key.

Examples of Security

• Antivirus programs detect, prevent and remove malicious software, playing a critical role in protecting systems from threats.
• Firewalls act as the first line of defense by monitoring and controlling incoming and outgoing network traffic based on security rules.

Reasons to Use Antivirus Software

• Detecting, preventing, and removing viruses and malware that damage devices.
• Blocking annoying and dangerous pop-ups.
• Scanning systems and devices in real-time.
• Protecting external devices.
• Blocking scam sites.
• Making devices faster.

Types of Authentication

• SMS/Email codes
• Password
• Fingerprint
• Face Verification
• Voice

Strong Password Policies

• Passwords must have at least one letter.
• Passwords must have at least one capital letter.
• Passwords must have at least one number.

Security Threats

• A security threat is a malicious act that aims to corrupt or steal data, or disrupt systems, or entire organizations.
• A security event is an occurrence where a company's data or network may have been exposed.
• Insider threats occur when authorized individuals misuse their access to negatively affect critical data or systems.
• Viruses and worms are malicious software programs aimed at destroying systems, data, and networks.
• Botnets are collections of infected Internet-connected devices (Pcs, mobile devices, servers, and IoT devices) remotely controlled by malware.
• In a drive-by download attack, malicious code is downloaded from a website without user permission or knowledge.
• Phishing attacks employ social engineering to trick users into breaking security practices and giving up confidential information.
• Ransomware attacks lock victims' computers, typically by encryption, preventing access to the device or data.
• Exploit kits are toolkits used by cybercriminals to attack system vulnerabilities, distributing malware or performing malicious activities.
• Malvertising is a technique to inject malicious code into legitimate online advertising networks and web pages.

Types of IT Security Policies

• Organizational policies create company-wide blueprints for digital infrastructure policies.
• Issue-specific policies address specific issues such as who can make configuration changes to firewalls.
• System-specific policies protect particular systems such as a company's website backend, ensuring only authorized access.

Most Effective IT Security Policies

• Strict password management policies are essential for accessing important systems. These policies involve unique, strong passwords and guidelines for changing them securely.
• Acceptable user policies describe the appropriate use of computers, the internet, social media, email servers, and sensitive data.
• Follow the 3-2-1 rule for backup: maintain 3 copies of data, save on 2 different media, and store one backup off-premises for disaster recovery.

Common Preventive Maintenance Techniques

• Regular cleaning, lubrication, part replacement, and equipment repair.
• Scheduling requirements differ depending on the maintained equipment.
• The goal is to prevent equipment failure and reduce accidents.

Importance of Preventive Maintenance

• Lays the foundation for successful facility management.
• Keeps equipment and assets running smoothly.
• Maintains a high safety level for employees.
• Prevents large, costly repairs.
• Minimizes operational disruptions

Types of Preventive Maintenance

• Time-based maintenance (TBM) tasks are scheduled at set intervals e.g. every 10 days.
• Examples include regular inspections, critical equipment checks.
• Condition-based maintenance (CBM) monitors asset condition and proactively schedules maintenance tasks based on specific indicators.
• Examples include when vibrations reach a certain threshold, or thermal hotspots.
• Predictive maintenance (PDM) uses condition-monitoring to track equipment and performance. Maintenance is performed when thresholds are breached (i.e. monitoring vibration in bearings or checking for thermal hotspots).

Troubleshooting Network Security

• Identify the Problem: Gather information on symptoms, affected devices, network topology, and security policies.
• Isolate the Cause: Eliminate possible sources of the problem one-by-one.
• Implement a Solution: Apply a solution that resolves the problem and restores network security.
• Verify the Result: Ensure the solution has resolved the problem and network security is restored.
• Document the Process: Document the entire troubleshooting process, including problem details, cause, solution, and results.

Phishing Attack Detected

• Problem: User reports receiving a suspicious email asking for login credentials or financial information.
• Verification Steps: Ask the user to forward the email, check for phishing signs (grammar, unfamiliar email addresses, URLs), find out if user clicked any links, change the password immediately.
• Block the Source: Block the sender's domain/email address to prevent future phishing attempts.
• Monitor for Compromise: Check for unusual user activity, run antivirus/malware scans on affected machines.
• Educate the User: Provide security awareness training for future phishing attempts.

Confidentiality, Integrity, and Availability (CIA)

• Confidentiality: measures prevent sensitive information from unauthorized access. Data classification groups based on potential damage if compromised.
• Integrity: maintaining data consistency, accuracy, and trustworthiness throughout its lifecycle. Ensuring data can't be altered.
• Availability: Ensuring authorized parties have consistent and ready access to information, properly maintaining hardware and technological infrastructure.