Introduction to Cyber Security Concepts

Questions and Answers

What is cyber security?

• It is the collection of technologies, standards, policies and management practices that are applied to digital information to keep it secure (correct)
• It is only using technology to keep digital information secure
• It is just using the best policy to keep digital information secure
• None of the above

Why is cyber security important?

• Many organisations who are still using offline payment systems are depending on cyber security
• Due to hype in the media about cyber security
• The threats from traditional brick and mortar criminals are on the rise
• In today's high technology environment, organisations are becoming more and more dependent on their information systems (correct)

What are the three basic cyber security concepts?

• Confidentiality, Integrity and Access
• Consideration, Integrity, and Availability
• Confidentiality, Integrity, Availability (correct)
• None of the above

If you visit an organization's website and find that you can view sensitive files, it is still considered a cyber security breach.

True (A)

Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is referred to as?

Authenticity (A)

List the three stages in the plan-protect-respond cycle.

Planning, protection, and response (A)

In the plan, protect and respond cycle, which stage consumes the most time?

Planning (C), Protection (A)

How is protection defined?

All of the above (D)

How is the response defined?

Response is defined as recovery according to plan (A)

Why is there a need to understand the cyber security threat landscape?

We will not be able to defend as we will not know how the attackers operate (A)

Automation, speed and action at a distance are adding to online attacks.

True (A)

Most obvious reasons for cyber security attacks are:

All of the above (E)

The fabrication of information that is purported to be from someone who is not actually the author is called?

Spoofing (C), Masquerading (A)

Malware is a generic term for 'evil/malicious software'.

True (A)

Distinguish between viruses and worms.

Virus needs a host program while worms are full programs and don’t need a host program (A)

The interruption or degradation of a data service or information access is called?

Denial of service (A)

How do most viruses spread between computers today?

Mostly via email messages, but also through thumb drives, file sharing programs, downloading infected programs from a malicious website, social networking sites. (A)

What is a Logic Bomb?

Malicious codes that execute when a certain predefined event occurs (B)

Flashcards are hidden until you start studying

Study Notes

What is Cyber Security?

• Cyber security is the combination of technologies, standards, policies, and management practices used to protect digital information.

Why is Cyber Security Important?

• Organizations increasingly rely on information systems in today's technological environment.

Basic Cyber Security Concepts

• Confidentiality: Protecting information from unauthorized access.
• Integrity: Ensuring information remains accurate and unaltered.
• Availability: Guaranteeing access to information when needed.

Cyber Security Breach

• Accessing sensitive files on a web server, even unintentionally, constitutes a cyber security breach.

Authenticity

• Verifying the identity of users and the origin of information.

Plan-Protect-Respond Cycle

• Planning: Developing strategies and procedures for cyber security.
• Protection: Implementing measures to mitigate threats.
• Response: Recovering from incidents and mitigating damage.

Stages in the Plan-Protect-Respond Cycle

• The planning stage usually consumes the most time.

Protection

• Protection involves creating operational procedures and countermeasures based on plans.
• It includes using technologies and policies to safeguard against attacks.

Response

• Response involves recovering from incidents according to predefined plans.

Understanding the Cyber Security Threat Landscape

• Understanding the methods and tactics of attackers is crucial for effective defense.

Increased Online Attacks

• Automation, speed, and remote access contribute to the increase in online attacks.

Reasons for Cyber Security Attacks

• Motivation for attacks typically includes privacy violations, criminal activities, publicity seeking, or legal disputes.

Masquerading

• Creating fabricated information attributed to someone who is not the actual author.

Malware

• A general term encompassing malicious software.

Viruses and Worms

• Viruses require a host program to spread, while worms are self-contained and do not need a host.

Denial of Service

• Interruption or degradation of data services or information access.

Virus Spread

• Viruses commonly spread through email messages, thumb drives, file-sharing programs, infected downloads from malicious websites, and social networking sites.

Logic Bomb

• Malicious code designed to execute when specific predetermined events occur.