Cyber Security Practice Quiz w_Answers

School: Charles Sturt University
Course: S-I581
Subject: Information Systems
Date: May 1, 2024
Type: docx
Pages: 5
Uploaded by DeanPencilIbex36 on coursehero.com

Practice Quiz with Answers

What is an event?
It can be defined as any change of state that has significance for the management of a Configuration Item or IT Service. An anomaly; a change in standard or baseline network traffic or IT service.

alert
Notification of an event taking place.

incident
An event that has been identified by the cyber security staff as malicious.

vulnerability
A flaw or weakness that allows a threat agent to bypass security.

What is a threat?
An act or object or individual that poses a danger to assets or information system.

exploit
An exploit is a code, process, or act that takes advantage of a vulnerability or security flaw.

risk
The likelihood of a threat exploiting a vulnerability.

impact
An effect or result of a threat exploiting a vulnerability.

CIA Triangle
Confidentiality, Integrity, Availability

Confidentiality
Ensuring that data is protected from unauthorized access.
Encryption, Access Control, and Strong Authentication

availability
Security actions that ensure that data is accessible to authorized users.
How to protect? Redundancy

integrity
Ensuring data has not been tampered with and comes from the intended source.
How to protect? FILE HASHING, Signatures, asymmetric encryption, Digital Certificates

Encryption
Process of converting readable data into unreadable characters to prevent unauthorized access. CONFIDENTIALITY

File hashing
Method for ensuring information validity or INTEGRITY. An algorithm that compresses files down to randomized numbers known as 'Hash Values'.

MD5
Weak Hashing

SHA 256
Strong Hashing

SHA 512
Strong Hashing

Port
A port is the number that represents a specific protocol.

protocol
A set of rules governing the exchange or transmission of data between devices. A specific way of communication. Example: secure web browsing is always done using HTTPS.

Symmetric Encryption
An encryption method whereby the same key is used to encode and to decode the message.

symmetric encryption algorithms
DES - Insecure
3DES - Mid
AES - Standard (secure)
RC4
Blowfish/Twofish

asymmetric encryption
Two keys are used; one key encodes the message, and the other key decodes the message.

Access Control
A security measure that defines who can access a computer, device, or network, when they can access it, and what actions they can take while accessing it.

Role-Based Access Control (RBAC)
An access control model that bases the access control authorizations on the roles (or functions) that the user is assigned within an organization. A "real-world" access control model in which access is based on a user's job function within the organization. Standard Access Control

Mandatory Access Control (MAC)
The most restrictive access control model, typically found in military settings in which security is of supreme importance.