Cyber Security Practice Quiz w_Answers
.docx
keyboard_arrow_up
School
Charles Sturt University *
*We aren’t endorsed by this school
Course
S-I581
Subject
Information Systems
Date
May 1, 2024
Type
docx
Pages
5
Uploaded by DeanPencilIbex36 on coursehero.com
Practice Quiz with Answers
What is an event?
It can be defined as any change of state that has significance for the management of a Configuration Item or IT Service
An anomaly ; a change in standard or baseline network traffic or it service
alert
notification of an event taking place
incident
an event that has been identified by the cyber security staff as malicious
vulnerability
A flaw or weakness that allows a threat agent to bypass security.
What is a threat?
an act or object or individual that poses a danger to assets or information system
exploit
exploit is a code, process, or act that takes advantage of a vulnerability or security flaw
risk
The likelihood of a threat exploiting a vulnerability
impact
an effect or result of a threat exploiting a vulnerability
CIA Triangle
Confidentiality, Integrity, Availability
Confidentiality
Ensuring that data is protected from unauthorized access
Encryption, Access Control, and Strong Authentication
availability
Security actions that ensure that data is accessible to authorized users.
How to protect?
Redundancy
integrity
ensuring data has not been tampered with and comes from the intended source
How to protect?
FILE HASHING, Signatures, asymmetric encryption, Digital Certificates
Encryption
Process of converting readable data into unreadable characters to prevent unauthorized access.
CONFIDENTIALITY
File hashing
Method for ensuring information validity or INTEGRITY. An algorithm that compresses files down to randomized numbers known as 'Hash Values'
MD5 Weak Hashing
SHA 256 Strong Hashing
SHA 512 Strong Hashing
Port
A port is the number that represents a specific protocol
protocol
A set of rules governing the exchange or transmission of data between devices.
A specific way of communication
Example: secure web browsing is always done using HTTPS
Symmetric Encryption
An encryption method whereby the same key is used to encode and to decode the message
symmetric encryption algorithms
DES - Insecure
3DES- Mid
AES - Standard (secure)
RC4
Blowfish/Twofish
asymmetric encryption
two keys are used; one key encodes the message, and the other key decodes the message
Access Control
A security measure that defines who can access a computer, device, or network, when they can
access it, and what actions they can take while accessing it.
Role-Based Access Control (RBAC)
An access control model that bases the access control authorizations on the roles (or functions) that the user is assigned within an organization
A "real-world" access control model in which access is based on a user's job function within the organization.
Standard Access Control
Mandatory Access Control (MAC)
The most restrictive access control model, typically found in military settings in which security is of supreme importance.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help