Information Security and IoT Overview

Questions and Answers

What is a primary function of Internet of Things (IoT)?

• Prevent data from being accessed over the Internet
• Reduce the number of networked devices
• Enhance offline data processing capabilities
• Connect personal devices, home devices, and vehicles to the Internet (correct)

Which of the following best describes a vulnerability in the context of information security?

• A weakness that allows a threat to affect an asset (correct)
• An external force that could harm an asset
• The effect of a harmful action on an asset
• A potential threat that can damage an asset

What does the term 'risk' imply in information systems security?

• The exposure level to an event affecting an asset (correct)
• The likelihood of a threat successfully damaging an asset
• The amount of damage a threat can cause
• A specific weakness that leads to system failures

Who is deemed responsible for ensuring data security?

Every organization needing to protect its data (A)

In information systems security, how is 'security' defined?

Being free from danger or risk (D)

What role do compliance laws and regulations play in information systems security?

They drive the need for implementing security protocols. (D)

Which statement best describes information system security?

Processes that protect data and the information system. (B)

What is one major consequence of the IoT in terms of cybersecurity?

Increased data available for theft (B)

What is a common threat related to unauthorized access through the LAN-to-WAN domain?

Denial of service attacks (A)

Which of the following vulnerabilities can arise from configuration file errors?

Firewall bypass (C)

Which method is NOT a responsibility in ensuring WAN security?

Maintaining server uptime (A)

What is a significant risk associated with most Internet traffic being sent as cleartext?

Eavesdropping risk (C)

Which of the following is a potential consequence of downloading unknown file types from unfamiliar sources?

Malware infection (C)

What attack strategy involves overwhelming a network to disrupt service availability?

SYN flooding (B)

What type of malware is specifically designed to steal sensitive information via email?

Trojan horses (B)

What is a significant threat posed by commingling of WAN IP traffic?

Increased risk of data breaches (B)

What is considered the weakest link in the security of an IT infrastructure?

Human behavior (C)

What strategy is NOT recommended for reducing risk in IT security?

Ignore background checks for new employees (B)

What defines a course of action that applies to an entire organization in IT security?

IT security policy (C)

Which of the following is an aspect of the growing demand for systems security professionals?

Increasing online human behavior issues (B)

What core responsibility falls under the Remote Access Domain?

Maintaining, updating, and troubleshooting remote access connections (B)

What action should be regularly performed to maintain effective IT security?

Evaluate staff regularly (A)

Which of the following is a common threat in the Remote Access Domain?

Brute-force user ID and password attacks (D)

What is a potential negative consequence of a data breach?

Downtime of IT systems (C)

What is a primary role of the System/Application Domain?

Secure mission-critical applications and intellectual property (C)

Which of the following is NOT a part of the acceptable use policy defined by the U.S. government and IAB?

Mandating adherence to privacy regulations (B)

What is a common problem faced when recovering from server downtime after a disaster?

Loss of backed-up data (B)

Which of the following does NOT represent a responsibility of the System/Application Domain?

Developing mobile applications (B)

What type of monitoring is essential for the Remote Access Domain?

SNMP alarms and 24/7 security monitoring (B)

Which common threat involves unauthorized attempts to gain access by repeatedly inputting credentials?

Multiple logon retries and access control attacks (C)

Who is accountable for ensuring compliance with security policies within the System/Application Domain?

Admins of the System/Application Domain (C)

Which of the following can lead to a violation of data classification standards in remote access settings?

Data leakage during remote access (D)

Which of the following correctly describes cryptography?

The practice of hiding data from unauthorized users. (D)

What is ciphertext?

The scrambled data resulting from the encryption process. (C)

Which metric measures the total uptime relative to both uptime and downtime?

Availability (D)

If a system's data is lost, which term refers to the maximum acceptable amount of data loss in time?

Recovery Point Objective (RPO) (C)

Which of the following is NOT a way to measure availability?

Mean time between transactions (A)

What role do users have in a typical IT infrastructure?

Users have access based on their defined roles and tasks. (A)

Which of the following is a key characteristic of encryption?

It converts cleartext into a secure format. (C)

Which of the following terms refers to the total time users can access a system?

Uptime (B)

Flashcards are hidden until you start studying

Study Notes

Internet of Things (IoT)

• Connects personal, home devices, and vehicles to the Internet.
• Creates more potential data for theft.
• Cybersecurity is a national security responsibility.

Threats, Risks, and Vulnerabilities

• Risk: Level of exposure to a damaging event.
• Threat: Action that could damage an asset, natural or human induced.
• Vulnerability: Weakness that allows a threat to have an effect on an asset.

Information Systems Security

• Consists of hardware, operating systems, and applications.
• Security means being free from danger or risk.
• Involves safeguarding systems and data.

Tenets of Information Security: Confidentiality

• Protects private data of individuals, intellectual property, and national security.
• Cryptography: Practice of hiding data from unauthorized users.
• Encryption: Transforms data from cleartext into ciphertext.
• Ciphertext: Scrambled data resulting from encryption.

Tenets of Information Security: Integrity

• Maintains data accuracy.

Tenets of Information Security: Availability

• Measures how much time users can access systems, applications, and data.

Availability Time Measurements

• Uptime: Time when a system is operational.
• Downtime: When a system is not operational.
• Availability: Calculated by (Total Uptime) / (Total Uptime + Total Downtime).
• Mean Time To Failure (MTTF): Average time a system operates between failures.
• Mean Time To Repair (MTTR): Average time to fix a failed system.
• Mean Time Between Failures (MTBF): Average time between failures, including repair time.
• Recovery Point Objective (RPO): Max amount of data allowed to be lost in a disaster.
• Recovery Time Objective (RTO): Maximum amount of time acceptable for a system to be down after a failure.

Seven Domains of a Typical IT Infrastructure

• User Domain
• WAN Domain
• Remote Access Domain
• System/Application Domain
• LAN-to-WAN/Internet Domain
• Data Domain
• Security Domain

User Domain

• Roles and tasks: User access to systems, applications, and data based on their role.
• Threats: Unauthorized access, denial of service (DoS) attacks, distributed denial of service (DDoS) attacks, vulnerabilities in network equipment, configuration errors, data download, unknown file attachments, and lost productivity from web browsing.

WAN Domain

• Roles and tasks: Allows users access while ensuring data security.
• Responsibilities: Maintaining physical and logical components.
• Accountability: Ensuring compliance with security policies, standards, and guidelines.

Common Threats in the WAN Domain

• Open and public data.
• Vulnerable to eavesdropping.
• Vulnerable to malicious attacks.
• Vulnerable to DoS and DDoS attacks, TCP synchronize (SYN) flooding, and IP spoofing attacks.
• Vulnerable to information corruption.
• Insecure TCP/IP applications.
• Trojans, worms, and malware.

Common Threats in the WAN Domain: Connectivity

• Commingling of WAN IP traffic.
• Maintaining high WAN service availability.
• Maximizing WAN performance and throughput.
• Malicious use of Simple Network Management Protocol (SNMP) applications and protocols.

Remote Access Domain

• Roles and tasks: Allows mobile users to connect to IT systems over the internet.
• Responsibilities: Maintaining and troubleshooting remote connections..
• Accountability: Ensuring compliance with security standards and guidelines.

Common Threats in the Remote Access Domain

• Brute-force user ID and password attacks.
• Multiple logon retries and access control attacks.
• Unauthorized remote access.
• Private or confidential data compromise.
• Data leakage.
• Stolen laptops or authentication tokens.

System/Application Domain

• Roles and tasks: Includes hardware, software, applications, and data; secures mission-critical applications and intellectual property.
• Responsibilities: Server systems administration, database management, and design.
• Accountability: Ensuring compliance with security standards and guidelines.

Common Threats in the System/Application Domain

• Unauthorized access to data centers and infrastructure.
• Data breach.
• Data corruption or loss.
• Backup media reuse and loss.
• Recovery difficulties.
• Prolonged IT system downtime.

Weakest Link in IT Security: Humans

• People are often the source of security breaches.
• Strategies to reduce risk: Background checks, regular employee evaluations, access rotation, application testing, security plan review, and security audits.

Ethics and the Internet

• Digital behavior can be less mature than in real-life settings.
• High demand for systems security professionals.
• U.S. government and Internet Architecture Board (IAB) defined a policy regarding acceptable Internet use, but it's not a law.
• Systems security professionals are responsible for ethical conduct.

IT Security Policy Framework

• Policy: A short written statement defining a course of action for an organization.
• Standard: Detailed specification of rules, processes, or procedures.
• Procedure: Step-by-step instructions for executing a policy or standard.
• Guideline: Recommended practices or suggestions.
• Baseline: Common security configuration used as a starting point.