What is Cyber Security Management?
|
Manages the risks associated with protection principles
|
MITRE's ATT&CK
|
Adversarial Tactics, Techniques and Common Knowledge
- helps to understand security risk
|
Explain the CIA triangle
|
Confidentiality - ensuring only eligible persons are able to access information
Integrity - ensuring stored data is correct
Availability - ensuring systems and data are constantly accessible
|
What is the Cyber Kill Chain?
|
States the stages that should be completed for an attack to be deemed successful
|
What is a threat?
|
an event that will potentially impact an organisation's operations or assets through a system by unauthorised access, destruction, disclosure or modification
|
State 3 cyber threats.
|
cyber criminals, script kiddies, terrorists, state and state sponsored
|
What are vulnerabilities?
|
weaknesses in the system that can be accidentally or intentionally triggered
|
State 3 vulnerabilities.
|
Poor cyber skills, expansion of devices, insufficient training and skills, availability of hacking resources, unpatched systems, old systems, IoT devices
|
How will a strategy help for risk management?
|
A strategy will help to defend against any threats or vulnerabilities that occur
|
What is a risk assessment?
|
Estimate the risk from a specific threat and identify sensible measures to reduce its impact
|
What does the term likelihood mean?
|
the probability of a threat intentionally exploiting a given vulnerability
|
What does it mean by the impact of a threat?
|
the magnitude of harm a threat can cause
|
What is a Qualitative assessment?
|
a set of methods for assessing risk based on non-numeric categories
(brainstorming, interviews, risk rating scales, SWOT)
|
What is a Quantitative assessment?
|
an assessment employing a set of methods to assess risk with the use of numbers (numeric)
|
What is a semi-quantitative assessment?
|
a combination of both qualitative and quantitative assessment that employs methods using numeric scales of representation
|
What does the term SWOT analysis mean?
|
a study undertaken to identify internal strengths and weaknesses as well as external opportunities and threats
|
Explain what a risk is.
|
a quantified measure of the extent to which an entity is threatened by a threat
|
Stages of the cyber kill chain.
|
Reconnaissance, Weaponisation, Delivery, Exploitation, Installation, C2, Actions
|
What are the types of mitigation techniques used for countering possible attacks?
|
techniques to detect, deny, disrupt, degrade, deceive and contain
|
What can be done for explosives and ballistics protection?
|
provide secure and protected areas that can defend in the case of a bomb situation
|
CBR defence, explain.
|
Plan to act fast to lock down systems.
|
How does lighting affect security?
|
deter intruders from gaining access
|
How could you deal with hostile vehicle mitigation?
|
control access to the site with the use of a traffic management system and barriers
|
How could doors be used to protect against intruders?
|
act as a delay to intruders attempting forced or undetected entry
|
How can gates help improve physical security?
|
deters and delays an intruder's access, acts as a barrier, protects guards
|
Stages of the incident response lifecycle.
|
Preparation, Detection, Containment, Investigation, Remediation, Recovery
|
How will establishing a point of contact help with forensic readiness?
|
ensures that there is an individual in place who will take control of the plan and ensure procedures are followed to comply and accurately document the process
|
What is a forensic plan?
|
a plan created beforehand to state the procedures to take in the event that a security incident occurs
|
Explain the term: Chain of Custody.
|
a legal record of the evidence of an item taken, to prove that no tampering has occurred
|
Tasks of the first responder.
|
to accurately document and record all steps taken throughout the incident, seize any evidence
|
State 2 issues with the DPA.
|
- Developed before social media
- Designed to guide an organisation, not to act directly towards an individual
- small fines/penalties for non-compliance
- no protection from targeted marketing
- no protection from bulk data collection
|
Who does the General Data Protection Regulation apply to?
|
applies to collectors, storers and processors of data, and to any EU citizen
|
True or False. Under the GDPR, the data controller does not need consent from the data subject.
|
False
|
True or False. An individual has the right to have all of their data removed.
|
True
|
How long does an organisation have to report a non-compliance incident?
|
72 hours and all affected users should be notified as soon as possible.
|
What are the cyber essentials relating to security?
|
control areas can include: firewalls, internet gateways, secure passwords, user access control, malware protection, patch management
|
What does the ICO do? State 3 things.
|
- Promotes the openness of official information and the protection of personal information
- Investigates breaches
- Controls registrations
- Promotes the best tactics and methods for protecting privacy
|
What are IoT devices?
|
a network of physical devices embedded with technology that can connect wirelessly and transmit data
|
What is an audit trail?
|
a record of all changes made to a file or database
|
What does it mean by payload?
|
the actual data of a packet, without the header information
|