Hacking sheesh
This group of criminals breaks into computers or networks to gain access for various reasons
Cyber Criminals
Gray hat
Vulnerability Brokers
Hackers
Attackers break into networks or computer systems to discover weaknesses in order to improve the security of these systems.
Gray hat
White hat
Black hat
Script Kiddies
Attackers are somewhere between white and black hat attackers. The attackers may find a vulnerability and report it to the owners of the system if that action coincides with their agenda.
Gray hat
Black hat
White hat
Black hat
Attackers are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks.
Gray hat
Vulnerability Brokers
Black hat
Cyber Criminals
Teenagers or hobbyists mostly limited to pranks and vandalism, have little or no skills, often using existing tools or instructions found on the Internet to launch attacks.
Script Kiddies –
Hacktivists
State Sponsored Hackers
Vulnerability Brokers
Grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.
Vulnerability Brokers
Hacktivists
Script Kiddies
Cyber Criminals
Grey hat hackers who rally and protest against different political and social ideas. Hacktivists publicly protest against organizations or governments by posting articles, videos, leaking sensitive information, and performing distributed denial of service (DDoS) attacks.
Hacktivists
Cyber Criminals
Vulnerability Brokers
State Sponsored Hackers
These are black hat hackers who are either self-employed or working for large cybercrime organizations. Each year, ___ are responsible for stealing billions of dollars from consumers and businesses.
Cyber Criminals
Black hat
Hacktivists
State Sponsored Hackers
Depending on a person’s perspective, these are either white hack or black hackers who steal government secrets, gather intelligence, and sabotage networks. Their targets are foreign governments, terrorist groups, and corporations
State Sponsored Hackers
Hacktivists
Vulnerability Brokers
Cyber Criminals
The Nation Common Vulnerabilities and Exposures (CVE) database is an example of the development of a national database. The CVE National Database was developed to provide a publicly available database of all known vulnerabilities
Vulnerability Database
Early Warning Systems
Share Cyber Intelligence
New Laws
The Honeynet project is an example of creating____.The project provides a HoneyMap which displays real-time visualization of attacks.
Early Warning Systems
Share Cyber Intelligence
ISM Standards
Vulnerability Database
InfraGard is an example of wide spread sharing of cyber intelligence. The InfraGard program is a partnership between the government and private sector. The participants are dedicated to sharing information and intelligence to prevent hostile cyberattacks
Share Cyber Intelligence
Early Warning Systems
Vulnerability Database
ISM Standards:
The ISO 27000 standards are an example of Information Security Management Standards. The standards provide a framework for implementing cybersecurity measures within an organization
ISM Standards:
New Laws
Early Warning Systems
Share Cyber Intelligence
The ISACA group track law enacted related to cyber security. These laws can address individual privacy to protection of intellectual property. Examples of these laws include: Cybersecurity Act, Federal Exchange Data Breach Notification Act ad the Data Accountability and Trust Act
New Laws
ISM Standards
Vulnerability Database
Early Warning Systems
Includes providing the support, administration, and maintenance required to ensure IT system performance and security
Operate and Maintain
Protect and Defend
Collect and Operate
Oversight and Development
Includes the identification, analysis, and mitigation of threats to internal systems and networks
Protect and Defend
Operate and Maintain
Collect and Operate
Securely Provision
Includes the investigation of cyber events and/or cyber crimes involving IT resources
Investigate
Protect and Defend
Operate and Maintain
Securely Provision
Includes specialized denial and deception operations and the collection of cybersecurity information
Collect and Operate
Operate and Maintain
Analyze
Oversight and Development
Includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence
Analyze
Investigate
Oversight and Development
Securely Provision
Provides for leadership, management, and direction to conduct cybersecurity work effectively
Oversight and Development
Analyze
Investigate
Securely Provision
Includes conceptualizing, designing, and building secure IT systems
Securely Provision
Analyze
Investigate
Oversight and Development
The Three Dimensions of the Cybersecurity Cube is a Tool developed by _____, one of the early cybersecurity experts in order to help manage the protection of network, domains and the internet
John McCumber
John Mayer
Dennis Ritchie
Guido van Rossum
The first dimension of the cybersecurity cube it identifies the goals to protect the cyber world
Security Principles
Information State
Countermeasures
The 3 Principles of Security principles of the cybersecurity world.
Confidentiality
Integrity
Availability
Accountability
Security
Vulnerability
Data has three possible states
Data at rest
Data in transit
Data in process
Data in web
Data in server
Data at work
Defines the types of powers used to protect the cyber world. The sorcery cube identifies the three types of powers :
Technologies
Policies and Practices
People
Data
Innovation
Process
Prevents the disclosure of information to unauthorized people, resources and processes.
Confidentiality
Policies
Integrity
Availability
Another term for confidentiality is ___
Privacy
Integrity
Disclosure
Policies
The concepts of AAA involve three security services
Authentication
Authorization
Accounting
Availability
Amiability
Affability
Verifies the identity of a user to prevent unauthorized access. Users prove their identity with a username or I.D. (3 answers)
Authentication
Authorization
Accounting
Availability
Services determine which resources users can access, along with the operations that users can perform. It can also control when a user has access to a specific resource.
Authorization
Authentication
Accounting
Availability
Keeps track of what users do, including what they access, the amount of time they access resources, and any changes made.
Accounting
Authorization
Authentication
Availability
Is the accuracy, consistency, and trustworthiness of data during its entire life cycle.
Integrity
Confidentiality
Policies
Availability
Another term for integrity is
Quality
Integrity
Privacy
Authorization
3 Methods used to ensure data integrity include
Hashing,
Data consistency checks
Access controls
Encrypting
Username & password
Authorization
The principle used to describe the need to maintain availability of information systems and services at all times. Cyberattacks and system failures can prevent access to information systems and services
Availability
Confidentiality
Integrity
Privacy
Methods used to ensure availability include
System redundancy
System backups
up-to-date operating systems and software
Equipment maintenance
Hashing
Data consistency checks
Access controls
A type of storage device retains the data when no user or process is using it.
Data at Rest
Data in Transit
Data in Process
Data at Work
Uses multiple hard drives in an array, which is a method of combining multiple disks so that the operating system sees them as a single disk
Redundant array of independent disks (RAID)
A network attached storage (NAS)
A storage area network (SAN)
A storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users
A network attached storage (NAS)
Redundant array of independent disks (RAID)
A storage area network (SAN)
A network-based storage system that connect to the network using high-speed interfaces allowing improved performance and the ability to connect multiple servers to a centralized disk storage repository.
A storage area network (SAN)
A network attached storage (NAS)
Redundant array of independent disks (RAID)
Involves sending information from one device to another
Data in Transit
Data at Rest
Data in Process
Data at Work
Uses removable media to physically move data from one computer to another
Sneaker net –
Wired networks
Wireless networks
Uses cables to transmit data
Wired networks
Sneaker net
Wireless networks
Uses the airwaves to transmit data
Wireless networks
Wired networks
Sneaker net
This refers to data during initial input, modification, computation, or output.
Data in Process
Data in Transit
Data at Rest
Data at Work
Refers to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failing resulting in data modification.
Data modification
Data integrity
Data Availabity
Data in Transit
Include programs and services that protect operating systems, databases, and other services operating on workstations, portable devices, and servers
Software safeguards
Hardware safeguards
Data safeguard
Privacy safeguards
is a secure virtual network that uses the public network (i.e., the Internet).
VPN
DNS
IP
TCP
Appliances that are installed within the network faculties. They can include: Firewall appliances, Intrusion Detection Systems (IDS),Intrusion Prevention Systems (IPS) and Content filtering systems.
Hardware based technologies
Software based technologies
Technology based technologies
Data based technologies
Requires a set of checks before allowing a device to connect to a network. Some common checks include up-to-data antivirus software or operating system updates installed.
NAC
VPN
DNS
IP
Includes the implementation of authentication and encryption.
Wireless access point security
Network access control
Virtual Private Network
Infrastructure as a Service
allows users to gain access to application software and databases. Cloud providers manage the infrastructure. Users store data on the cloud provider’s servers
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Virtual security appliances
Wireless access point security
Provides virtualized computing resources over the Internet. The provider hosts the hardware, software, servers, and storage components.
Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
Virtual security appliances
Wireless access point security
Run inside a virtual environment with a prepackaged, hardened operating system running on virtualized hardware
Virtual security appliances
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Wireless access point security
{"name":"Hacking sheesh", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"This group of criminals breaks into computers or networks to gain access for various reasons, attackers break into networks or computer systems to discover weaknesses in order to improve the security of these systems., attackers are somewhere between white and black hat attackers. The attackers may find a vulnerability and report it to the owners of the system if that action coincides with their agenda.","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}
More Quizzes
What Team Elite Member Are You?
116221
1q2w3e4r5t6y7u8i9o0p
740
Gewinne Gewinne Gewinne keine Nieten...nur Gewinne
1059
29140
Science
301524
Which type of capybara are you?
6328
Hannah's Fab Quiz
8413
Part B
934649
Discover Your Perfect Vibe!
740
What Campaign Job Is Perfect for You?
210
Do you have any recommendations in new papers today?
100
French Revolution
100