Cybersecurity Policy Questions and Answers 100% Solved
6 views 0 purchase
Course
Cyber security
Institution
Cyber Security
Cybersecurity Policy Questions and Answers 100% Solved
DOD definition of cybersecurity
prevention of damage to protection of, and restoration of computers, electronic communication systems, electronic communications services, wire communication, and electronic communication, including information...
Cybersecurity Policy Questions and
Answers 100% Solved
DOD definition of cybersecurity - answer prevention of damage to protection of, and
restoration of computers, electronic communication systems, electronic communications
services, wire communication, and electronic communication, including information
contained therein, to ensure its availability, integrity, authentication, confidentiality and
nonrepudiation
Private firms - answer protection of data and systems that are connected to the Internet
DHS role in cybersecurity - answer to coordinate cyber security between the federal
government and private sector. the security of cyberspace has man direct and indirect
implication for society, national security and economic well-being. responsible for
protecting critical infrastructure
cyberspace - answerA global domain within the information environment consisting of
the interdependent network of information technology infrastructures, including the
Internet, telecommunications networks, computer systems, and embedded processors
and controllers.
Layers of Cyberspace - answer1)Infrastructure (structures needed for a country to
function properly)
2)Physical: boxes and wires
3) Syntactic: instructions and protocols
4) semantic-information that a machine or network contains
Structured Query Language (SQL) - answerA special-purpose programming language
designed for managing data in relational database management systems (RDBMS) or
for stream processing in a relational data stream management system
SQL injection - answera code injection technique used to attack data-driven applications
in which malicious SQL statements are inserted into an entry field for execution
Solutions to SQL injection - answerinput validation and the principle of least privilege
Input validation - answerthe proper testing of any input supplied by a user application
principle of least privilege - answerthe practice of limiting access rights for users to the
bare minimum permission they need to perform their work
, cyberattacks - answerdeliberate disruption or corruption by one of a system of interest o
another group. can be hard to know where the attack is coming from `
Controls - answerput in place to eliminate, mitigate, or minimize damages; passwords,
ant-virus software, firewalls
CNE - answerComputer Network Exploitation
Disruption - answerlost capacity, commit errors
Corruption - answerdata and algorithms changed
Exploit - answeran attempt to take advantage of a vulnerability to gain access to a
system or get it to accept rogue instructions. Thousands of exploits exist
watering hold - answerthe target is a particular group. determines the websites most
often used by a group of users and infects one or more of them with malware
Denial of service - answera single source. exploiting software or operation system
weaknesses. flooding communication channel to prevent the legitimate communication
Distributed Denial of Service - answercoordinated attack from a distributed system of
computers rather than from a singe source. often makes use of worms to spread
multiple computers that can then attack the target
Distributed Reflective Denial of Service - answerattackers sends the spoofed packet to
the application network in which multiple systems exist. Attacker spoofs the source and
the destination address in ICMP packets. These multiple systems sends/attacks
message to the target/victim. The victim has to reply the messages that he did not send.
Internet Control Message Protocol - answercreates and sends messages to the source
IP address indicating that a gateway to the Internet that a route service or host cannot
be reached for packet delivery.
Exploit tools - answerpublicly available and sophisticated tools that intruders of various
skill levels can use to determine vulnerabilities and gain entry into targeted systems.
Exploit kits - answera type of malicious toolkit used to exploit security holes found in
software applications for the purpose of spreading malware, kits contain code which
targets users running insecure or outdated software application on their computers.
RIG Exploit kit - answerexploit kit that drops various ransomware payloads, such as
CryptoShield, Cerber, and Locky. injecting malicious script into compromised websites.
commonly used to exploit Adobe Flash vulnerability
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller julianah420. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.49. You're not tied to anything after your purchase.
