Introductory IC-02 Information Security

Questions and Answers

What does CIA stand for?

• Confidentiality, Instruction, Availability
• Control, Integrity, Availability
• Confidentiality, Integrity, Availability (correct)
• Confidentiality, Integrity, Access

What is confidentiality?

The act of sharing or revealing information only to authorized personnel.

What is integrity in the context of information security?

The ability to ensure the reliability, consistency, and accuracy of information.

What does availability refer to in information security?

Ensuring data or services are accessible to authorized users.

What is a vulnerability?

A flaw, breach, or weakness in software or hardware of a computer system.

What are some causes of vulnerabilities?

Human Factor, Misconfigurations, Complexity, Connectivity, Unsuitable Security Policies, Lack of validation of input.

How is the term 'human factor' related to cybersecurity?

Considered the weak link in the cybersecurity chain.

What is misconfiguration in cybersecurity?

A common cause of vulnerabilities within applications and settings.

How does complexity increase vulnerabilities?

The probability of vulnerabilities increases in large organizations with complex systems.

What does connectivity refer to in the context of vulnerabilities?

Physical connection options, open port protocols, and available services.

What are unsuitable security policies?

Security policies that are not strong enough to prevent unauthorized access.

What can lack of validation of input lead to?

Numerous critical vulnerabilities.

What are vulnerability assessments?

The process of defining, identifying, classifying, and prioritizing vulnerabilities.

What is hacking?

The process of exploiting or identifying weaknesses in a network or system.

Who is a hacker?

A person capable of manipulating a system for a different purpose.

What skills are important for hackers?

Linux, Windows, Networking, Programming, Security Mechanisms, Web Applications, Analytical Thinking, Hardware.

What defines unethical hackers?

They operate for personal or financial gain at the expense of others.

What do ethical hackers do?

They use their skills for legitimate purposes to test security levels.

Describe grey hat hackers.

They perform both ethical and unethical activities.

What is incident response?

Defining how to handle an incident as soon as it is discovered.

What is the role of the IR team?

Intervenes during a cyberattack to protect company assets.

The IR Six Important Guidelines are Preparation, Identification, Containment, Eradication, Recovery and ______.

Lessons Learned

Match the following NIST RMF Process Steps:

Prepare = 1 Categorize = 2 Select = 3 Implement = 4 Assess = 5 Authorize = 6 Monitor = 7

Flashcards are hidden until you start studying

Study Notes

Core Principles of Information Security

• CIA is an acronym for Confidentiality, Integrity, and Availability, fundamental concepts in information security.

Confidentiality

• Involves sharing information exclusively with authorized individuals.
• Maintained through authentication techniques and access permissions.

Integrity

• Ensures data reliability, consistency, and accuracy.
• Protects against unauthorized modifications using methods like hashing and checksums.

Availability

• Guarantees that authorized users can access data and services as needed.
• Achieved through strategies such as load balancing, regular backups, and off-site storage for recovery.

Vulnerabilities

• Defined as flaws or weaknesses in software or hardware that can be exploited.
• Exploitations may occur through both software and hardware components.

Causes of Vulnerabilities

• Human Factor: A major source of vulnerabilities; humans can inadvertently cause breaches through poor security practices.
• Misconfiguration: Commonly arises from incorrect application settings.
• Complexity: Larger organizations with complex systems are more prone to vulnerabilities.
• Connectivity: Increased vulnerabilities stem from physical connections and open port protocols.
• Unsuitable Security Policies: Weak security policies can lead to unauthorized access and poor password choices.
• Lack of Input Validation: Failure to validate user input can create critical vulnerabilities.

Vulnerability Assessment

• The process of defining, identifying, classifying, and prioritizing vulnerabilities in a network.

Hacking

• The act of exploiting or identifying weaknesses in a network or system.
• Any internet-connected device can be targeted for hacking.

Types of Hackers

• Hacker: Individuals who manipulate systems for ulterior purposes.
• Hacker Skills: Key competencies include knowledge of Linux, Windows, networking, programming, and security mechanisms.
• Unethical Hackers: Operate for personal or financial gain, often using their expertise to exploit systems.
• Ethical Hackers: Also known as "white hat" hackers, they use skills for legitimate purposes, focusing on testing and improving security.
• Grey Hat Hackers: Operate in the space between ethical and unethical, assessing vulnerabilities without explicit permission but alerting organizations when issues are found.

Incident Response

• Details the procedures for managing a cybersecurity incident promptly.
• Aims to contain threats and minimize damage, with information gathered used for forensic analysis.

Incident Response Team (IR Team)

• Engages during cyber attacks to protect critical company assets.

IR Guidelines

• Six crucial steps for incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.

NIST Risk Management Framework (RMF)

• A structured process consisting of steps: Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor to manage and mitigate risks.