QUIZ

Cards (109)

  • Threat management integrates different approaches to threats to mitigate risk and protect assets
  • Confidentiality ensures unauthorized individuals cannot access sensitive information
  • Integrity ensures no unauthorized modifications to information or systems
  • Availability ensures information and systems are ready to meet the needs of legitimate users
  • CIA Triad refers to Confidentiality, Integrity, and Availability as key cybersecurity goals
  • Risk is the potential for loss, damage, or destruction of an asset due to a threat exploiting a vulnerability
  • Vulnerabilities are weaknesses in a device, system, application, or process that may allow an attack
  • Threats are outside forces in cybersecurity that may exploit vulnerabilities
  • Risks are the combination of threats and corresponding vulnerabilities
  • Risk = Threat × Vulnerability represents the relationship between risks, threats, and vulnerabilities
  • Risk assessments measure current risk levels based on threats, vulnerabilities, and mitigations
  • NIST SP 800-30 risk assessment process involves identifying threats and vulnerabilities to determine risk levels
  • Threats can be adversarial, accidental, structural, or environmental
  • Identifying vulnerabilities involves focusing on external factors likely to impact security efforts
  • Likelihood is the chance a risk will be realized, while impact is the severity of damage if it occurs
  • Quantitative techniques numerically assess likelihood and impact of risks in risk assessments
  • Cybersecurity professionals use controls to minimize risk through risk management
  • Ways to handle risk include acceptance, avoidance, mitigation, and transference
  • Network perimeter security often involves firewalls at network boundaries
  • Major types of network perimeter security threats include Packet Filtering, Stateful Inspection, Next-Generation Firewalls, and Web Application Firewalls
  • Network Access Control solutions limit network access to authorized individuals and ensure system security
  • NAC Approval Criteria include time of day, role of the user, location of the user, and system health status
  • Defense deception methods like Honeypots and DNS Sinkholes help in identifying and deterring attacks
  • Secure endpoint management involves securing devices like laptops, smartphones, and tablets
  • Endpoint security considerations include hardening system configuration, patch management, and group policies
  • Penetration testing simulates cyber-attacks to identify vulnerabilities and report findings
  • Planning a penetration test involves timing, scope, authorization, conducting discovery, executing the test, and communicating results
  • Reconnaissance and intelligence gathering are essential for understanding an organization's security environment
  • Footprinting the network involves creating a map of an organization's networks and systems
  • Active reconnaissance uses host scanning tools to gather information about systems, services, and vulnerabilities
  • Network mapping tools like Zenmap and Nmap help in approximating the network during active reconnaissance
  • Zenmap and Nmap are useful for conducting network mapping
  • Zenmap is a graphical version of Nmap and uses Nmap as its scanning engine
  • Nmap is the most popular network scanning program globally
  • Port scanning tools are designed to send traffic to remote systems and gather responses to provide information about the systems and services they offer
  • Port scanning features include host discovery, port scanning and service identification, service version identification, and operating system identification
  • Other port scanners include Angry IP Scanner, Metasploit's built-in scanner, Qualys Vulnerability Management, Tenable's Nessus Vulnerability Scanner, and Python coding for custom port scanners
  • Nmap, short for Network Mapper, is a network discovery and security auditing tool with powerful scanning options
  • Nmap is widely used to scan for open ports and services, discover service versions, guess the operating system, and monitor hosts
  • Passive reconnaissance relies on logs, data, and packet captures to gather information for network mapping