Hacking sheesh

This group of criminals breaks into computers or networks to gain access for various reasons

Attackers break into networks or computer systems to discover weaknesses in order to improve the security of these systems.

Attackers are somewhere between white and black hat attackers. The attackers may find a vulnerability and report it to the owners of the system if that action coincides with their agenda.

Attackers are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks.

Teenagers or hobbyists mostly limited to pranks and vandalism, have little or no skills, often using existing tools or instructions found on the Internet to launch attacks.

Grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.

Grey hat hackers who rally and protest against different political and social ideas. Hacktivists publicly protest against organizations or governments by posting articles, videos, leaking sensitive information, and performing distributed denial of service (DDoS) attacks.

These are black hat hackers who are either self-employed or working for large cybercrime organizations. Each year, ___ are responsible for stealing billions of dollars from consumers and businesses.

The Nation Common Vulnerabilities and Exposures (CVE) database is an example of the development of a national database. The CVE National Database was developed to provide a publicly available database of all known vulnerabilities

The Honeynet project is an example of creating____.The project provides a HoneyMap which displays real-time visualization of attacks.

InfraGard is an example of wide spread sharing of cyber intelligence. The InfraGard program is a partnership between the government and private sector. The participants are dedicated to sharing information and intelligence to prevent hostile cyberattacks

The ISO 27000 standards are an example of Information Security Management Standards. The standards provide a framework for implementing cybersecurity measures within an organization

The ISACA group track law enacted related to cyber security. These laws can address individual privacy to protection of intellectual property. Examples of these laws include: Cybersecurity Act, Federal Exchange Data Breach Notification Act ad the Data Accountability and Trust Act

Choose 3 prime targets for cyber criminals.

Includes providing the support, administration, and maintenance required to ensure IT system performance and security

Includes the identification, analysis, and mitigation of threats to internal systems and networks

Includes the investigation of cyber events and/or cyber crimes involving IT resources

Includes specialized denial and deception operations and the collection of cybersecurity information

Includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence

Provides for leadership, management, and direction to conduct cybersecurity work effectively

Includes conceptualizing, designing, and building secure IT systems

The Three Dimensions of the Cybersecurity Cube is a Tool developed by _____, one of the early cybersecurity experts in order to help manage the protection of network, domains and the internet

The first dimension of the cybersecurity cube it identifies the goals to protect the cyber world

The 3 Principles of Security principles of the cybersecurity world.

Data has three possible states

Defines the types of powers used to protect the cyber world. The sorcery cube identifies the three types of powers :

Prevents the disclosure of information to unauthorized people, resources and processes.

Another term for confidentiality is ___

The concepts of AAA involve three security services

Verifies the identity of a user to prevent unauthorized access. Users prove their identity with a username or I.D. (3 answers)

Services determine which resources users can access, along with the operations that users can perform. It can also control when a user has access to a specific resource.

Keeps track of what users do, including what they access, the amount of time they access resources, and any changes made.

Is the accuracy, consistency, and trustworthiness of data during its entire life cycle.

Another term for integrity is

3 Methods used to ensure data integrity include

The principle used to describe the need to maintain availability of information systems and services at all times. Cyberattacks and system failures can prevent access to information systems and services

Methods used to ensure availability include

A type of storage device retains the data when no user or process is using it.

Uses multiple hard drives in an array, which is a method of combining multiple disks so that the operating system sees them as a single disk

A storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users

A network-based storage system that connect to the network using high-speed interfaces allowing improved performance and the ability to connect multiple servers to a centralized disk storage repository.

Involves sending information from one device to another

Uses removable media to physically move data from one computer to another

Uses cables to transmit data

Uses the airwaves to transmit data

This refers to data during initial input, modification, computation, or output.

Refers to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failing resulting in data modification.

Include programs and services that protect operating systems, databases, and other services operating on workstations, portable devices, and servers

is a secure virtual network that uses the public network (i.e., the Internet).

Appliances that are installed within the network faculties. They can include: Firewall appliances, Intrusion Detection Systems (IDS),Intrusion Prevention Systems (IPS) and Content filtering systems.

Requires a set of checks before allowing a device to connect to a network. Some common checks include up-to-data antivirus software or operating system updates installed.

Includes the implementation of authentication and encryption.

Provides virtualized computing resources over the Internet. The provider hosts the hardware, software, servers, and storage components.

Run inside a virtual environment with a prepackaged, hardened operating system running on virtualized hardware