Flashcards covering insider threats, brokers, nation-state tactics, risk frameworks (NIST RMF/CSF), threat vectors, common vulnerabilities, and core security principles based on the provided lecture notes.
What term describes a serious threat to an enterprise that comes from its own employees, contractors, and business partners who are in positions of trust?
Insider threat.
A work-study student uses privileged access to change a grade after gaining additional privileges. What type of threat scenario does this illustrate?
Insider threat (abuse of privileged access by someone in a trusted position).
What is a vulnerability broker?
Someone who discovers vulnerabilities and sells information about them to attackers or governments rather than reporting to the vendor.
Why do nation-state attackers continue attempting targets until successful?
They have significant resources and a targeted objective, so they persist and adapt until they breach the target.
What activity is a vulnerability broker most likely to engage in after finding a weakness?
Sell information about the discovered vulnerability to the highest bidder (attackers or governments) rather than reporting it to the vendor.
If a nation-state attack against a target is not successful, what is their typical next step?
Continue attacking and persist until successful.
A modular router is approaching end-of-life (EOL). What should the company do to maintain security?
Update the router firmware to patch known threats (and replace hardware as needed when EOL approaches).
What are the primary responsibilities of a security administrator versus a security manager?
Security administrator manages daily security technology operations and may design security solutions; security manager oversees staff and enforces security policies and governance.
When an attacker hacks a cell phone to steal credit card information and spreads the attack to the victim’s contacts, which target category are they focusing on?
An individual (person) as the victim.
What category of targets focuses on individuals as victims, often involving personal data and financial information?
Targets focused on individuals (people) rather than organizations.
What does a zero-day vulnerability mean?
A vulnerability unknown to the vendor with no patch available yet; zero days of warning.
What term describes unskilled attackers who use readily available attack tools to breach defenses?
Script kiddies.
What are the five functions of the NIST Cybersecurity Framework (CSF)?
Identify, Protect, Detect, Respond, Recover.
How does the NIST Risk Management Framework (RMF) differ from the CSF in scope?
RMF is a risk management framework focusing on risk assessment, authorization, and ongoing monitoring; CSF is a framework to improve cybersecurity practices across Identify, Protect, Detect, Respond, Recover.
Text messages (SMS) fall under which threat vector category?
Specialized threat vector: Specialized communications (SMS).
Which vulnerabilities are associated with misconfiguration (default settings, open ports/services, and unsecure protocols)?
Misconfiguration vulnerabilities.
Why is Telnet considered insecure in network devices?
Telnet traffic is unencrypted, making credentials and data easy to capture.
Disclosing stolen credit card information is an example of which data security principle?
Confidentiality breach (loss of data confidentiality).
What are the three components of the CIA triad?
Confidentiality, Integrity, Availability.
How do cybersecurity and information security differ at a high level?
Cybersecurity focuses on protecting electronic systems, networks, and data; information security is the broader umbrella covering people, processes, and technology to protect information in all forms.
What is end-of-life (EOL) in hardware management?
Hardware that has reached the end of its manufacturing lifespan should be retired and replaced with a newer model.