Cybersecurity Flashcards for Weeks 2 & 3
What are the three types of cybersecurity controls?
Preventive, Detective, and Corrective
What is risk in cybersecurity?
The potential for loss or damage when a threat exploits a vulnerability.
What is the difference between inherent risk and residual risk?
Inherent risk exists before controls; residual risk remains after controls are applied.
What are the four types of compliance documents?
Policies, Standards, Procedures, Guidelines
What is an attack vector?
A path or method used by an attacker to access a target system or data.
What is the purpose of a risk assessment?
To evaluate threats, vulnerabilities, and the potential impact to prioritize mitigation strategies.
What does the concept of 'least privilege' refer to?
Giving users the minimum level of access necessary to perform their jobs.
What is a vulnerability in cybersecurity?
A weakness in design, implementation, or controls that could be exploited by a threat.
What makes insiders particularly dangerous as threat agents?
They often have elevated access and trusted roles, which can be exploited intentionally or accidentally.
Why are automated controls generally preferred?
They are consistent, fast, and not subject to human error or neglect.
What is an exploit in the context of a cyberattack?
A software tool or method used to take advantage of a system vulnerability.
What is an example of a detective control?
Monitoring and reviewing system logs to identify unusual activity.
Why is it important to separate policy from procedure?
Policies guide strategy and intent, while procedures provide actionable steps; mixing them complicates updates and approval.
How do standards support policies?
They specify measurable rules and thresholds to help enforce policy requirements.
What does a cybersecurity policy exception define?
Conditions or processes for deviating from standard policy, often used in education or testing environments.
What is Defense in Depth?
A layered security strategy to protect against failure of any single control.
What does a firewall do?
It enforces boundaries between networks and controls data traffic.
Why is network segmentation important?
It limits the spread of attacks by isolating systems.
What is the OSI model used for?
Understanding how data moves through networks, layer by layer.
What is a VPN and why is it used?
A Virtual Private Network encrypts internet traffic to secure communication over public networks.
What is the difference between a switch and a hub?
A switch sends data only to the intended recipient; a hub broadcasts data to all connected devices.
How do routers contribute to defense in depth?
They direct traffic between network segments and can isolate compromised areas.
How does overlapping redundancy improve security?
It provides multiple different controls that protect the same resource, reducing reliance on any single control.
What is a 'man-in-the-middle' attack?
An attack where the attacker intercepts and potentially alters communications between two parties without their knowledge.
What are router tables used for?
To determine the next network hop for routing data to its destination.
What is the difference between a LAN and a WAN?
LAN connects devices in a small geographic area; WAN connects remote networks over long distances.
What does a firewall's 'deny all' default setting do?
Blocks all traffic unless explicitly allowed by defined rules.
Why is logging important in cybersecurity?
It helps detect, investigate, and respond to incidents by tracking system activity.
How does the OSI model help in cybersecurity?
It helps isolate which layer of the network an issue occurs in, aiding in defense strategy and troubleshooting.
What is NAT (Network Address Translation)?
A method that maps private IP addresses to a public one, enabling multiple devices to share a single IP address and improving security.
What is the CIA Triad in cybersecurity?
Confidentiality, Integrity, Availability.
What are the three states of data?
Data at rest, data in motion, and data in use.
Why is cyber hygiene important?
It helps prevent common vulnerabilities through good security habits.
How does NIST define cybersecurity?
As the prevention of damage to and restoration of computers and electronic systems to ensure availability, integrity, and confidentiality.
What is the primary focus of cybersecurity?
To protect information and systems from unauthorized access, modification, or disruption.
What makes cybersecurity a broad organizational issue?
It involves people, processes, and technology across all departments.
Why is availability a critical component of cybersecurity?
It ensures authorized users have reliable access to information and systems when needed.
What is the difference between information security and cybersecurity?
Information security includes protection of all information assets, digital and non-digital; cybersecurity focuses on digital systems and networks.