100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Cybersecurity Questions and Answers Graded A+ $14.99   Add to cart

Exam (elaborations)

Cybersecurity Questions and Answers Graded A+

 6 views  0 purchase
  • Course
  • Cyber Security
  • Institution
  • Cyber Security

Cybersecurity Questions and Answers Graded A+ What is cybersecurity preventing the unauthorized access to data and information systems what three goals does cybersecurity have confidentiality, integrity, accessibility what is the confidentiality goal of cybersecurity ensuring no o...

[Show more]

Preview 4 out of 47  pages

  • September 17, 2024
  • 47
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • Cyber Security
  • Cyber Security
avatar-seller
julianah420
Cybersecurity Questions and Answers
Graded A+

What is cybersecurity - answer preventing the unauthorized access to data and
information systems

what three goals does cybersecurity have - answer confidentiality, integrity, accessibility

what is the confidentiality goal of cybersecurity - answer ensuring no one with
authorized can access information

what is the integrity goal of cybersecurity - answer ensuring the data hasn't been
manipulated and is accurate

what is the availability goal of cybersecurity - answer ensuring the systems are available
to the end users

what are the three main methods or controls that shape cybersecurity? - answer people,
process, technology

what is the role of people in cybersecurity - answer- giving people the skills and
information to implement an effective cybersecurity program
- training, awareness, building skills

what is process in cybersecurity - answer the policies and organizational procedures
used to implement and manage the cybersecurity program

what role does technology play in cybersecurity - answer the tools or controls used to
implement the cybersecurity lifecycle

what is the cybersecurity lifecycle - answer the components of cybersecurity according
to NIST

what are the NIST components of the cybersecurity lifecycle - answer identify, monitor,
protect, detect, respond, recover

what is the old model to approach cybersecurity - answer the perimeter model (hard
shell, soft inside)

why is the perimeter model not fully effective in cybersecurity - answer- the perimeter is
not perfect and is only one layer

,- you have to violate the perimeter all the time to share information between authorized
users
- too many doors and windows

What is the Identify function in the NIST model? - answer Identify
The Identify Function assists in developing an organizational understanding to
managing cybersecurity risk to systems, people, assets, data, and capabilities.
Understanding the business context, the resources that support critical functions, and
the related cybersecurity risks enables an organization to focus and prioritize its efforts,
consistent with its risk management strategy and business needs.

Examples of outcome Categories within this Function include:

Identifying physical and software assets within the organization to establish the basis of
an Asset Management program

Identifying the Business Environment the organization supports including the
organization's role in the supply chain, and the organizations place in the critical
infrastructure sector

Identifying cybersecurity policies established within the organization to define the
Governance program as well as identifying legal and regulatory requirements regarding
the cybersecurity capabilities of the organization

Identifying asset vulnerabilities, threats to internal and external organizational
resources, and risk response activities as a basis for the organizations Risk
Assessment

Identifying a Risk Management Strategy for the organization including establishing risk
tolerances
Identifying a Supply Chain Risk Management strategy including priorities, constraints,
risk tolerances, and assumptions used to support risk decisions associated with
managing supply chain risks

what is the Protect function in the NIST model - answerThe Protect Function outlines
appropriate safeguards to ensure delivery of critical infrastructure services. The Protect
Function supports the ability to limit or contain the impact of a potential cybersecurity
event.

Examples of outcome Categories within this Function include:

Protections for Identity Management and Access Control within the organization
including physical and remote access

Empowering staff within the organization through Awareness and Training including role
based and privileged user training

,Establishing Data Security protection consistent with the organization's risk strategy to
protect the confidentiality, integrity, and availability of information

Implementing Information Protection Processes and Procedures to maintain and
manage the protections of information systems and assets
Protecting organizational resources through

Maintenance, including remote maintenance, activities

Managing Protective Technology to ensure the security and resilience of systems and
assists are consistent with organizational policies, procedures, and agreements

What is the Detect function in the NIST model? - answerDetect: Identifying the
occurrence of a cybersecurity event (an incursion or attempted incursion) in a timely
manner

Details:

The Detect Function defines the appropriate activities to identify the occurrence of a
cybersecurity event. The Detect Function enables timely discovery of cybersecurity
events.

Examples of outcome Categories within this Function include:

Ensuring Anomalies and Events are detected, and their potential impact is understood
Implementing Security Continuous Monitoring capabilities to monitor cybersecurity
events and verify the effectiveness of protective measures including network and
physical activities
Maintaining Detection Processes to provide awareness of anomalous events

What is the Respond function in the NIST model? - answerTo take action regarding .
detected cybersecurity incident to minimize impact

Details:

The Respond Function includes appropriate activities to take action regarding a
detected cybersecurity incident. The Respond Function supports the ability to contain
the impact of a potential cybersecurity incident.

Examples of outcome Categories within this Function include:

Ensuring Response Planning process are executed during and after an incident

Managing Communications during and after an event with stakeholders, law
enforcement, external stakeholders as appropriate

, Analysis is conducted to ensure effective response and support recovery activities
including forensic analysis, and determining the impact of incidents

Mitigation activities are performed to prevent expansion of an event and to resolve the
incident

The organization implements Improvements by incorporating lessons learned from
current and previous detection / response activities

What is the Recover function in the NIST model - answerTo maintain plans for
resilience and to restore services impaired during cybersecurity incidents

Details:

The Recover Function identifies appropriate activities to maintain plans for resilience
and to restore any capabilities or services that were impaired due to a cybersecurity
incident. The Recover Function supports timely recovery to normal operations to reduce
the impact from a cybersecurity incident.

Examples of outcome Categories within this Function include:

Ensuring the organization implements Recovery Planning processes and procedures to
restore systems and/or assets affected by cybersecurity incidents
Implementing Improvements based on lessons learned and reviews of existing
strategies
Internal and external Communications are coordinated during and following the
recovery from a cybersecurity incident

Why systems are vulnerable - answer- Accessibility of networks via unauthenticated
sources (e.e., open to the internet)
- Hardware problems (breakdowns, configuration errors, damage from improper use or
crime, failure to maintain patches to the hardware such as a firmware update.
- Software Problems (programming or installation errors, unauthorized changes, failure
to maintain patches to the software)
- Use of networks/computers outside of firm's control
- Loss and theft of end points with authenticated access to the systems such as portable
devices

Internet Vulnerabilities - answer- Network open to anyone
- Size of internet means abuses can have wide impact
- Use of fixed internet addresses (IPs) with cable/DSL modems creates fixed targets for
hackers
- encrypted VOIP
- E-mail, P2P, IM

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller julianah420. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79223 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.99
  • (0)
  Add to cart