Exam (elaborations)

Cyber Security Test - Week 1 to 5 Questions and Correct Answers.

0 purchase

Course
Cyber Security

Institution
Cyber Security

[Show more]

Preview 4 out of 59 pages

View example

Uploaded on December 21, 2024
Number of pages 59
Written in 2024/2025
Type Exam (elaborations)
Contains Questions & answers

cyber security test
week 1 to 5 questions and co

Institution Cyber Security
Course Cyber Security

Lectjosh Member since 2 year 75 documents sold

$20.49

Add to cart

Save

100% satisfaction guarantee
Immediately available after payment
Both online and in PDF
No strings attached

Cyber Security Test - Week 1 to 5 Questions and Correct
Answers.

What does cyber security refer to? - Correct Answer Cybersecurity relates to the security
of any device which is connected to some form of network such as the internet.

What does information security refer to? - Correct Answer Information security is wider
than computer security because it relates to the security of any information, whether that
be physical or held within a digital device.

What does computer security refer to? - Correct Answer Computer security relates to the
security of any computing device.

What are the three stages within cyber security? - Correct Answer Prevent: try to prevent
any attacks

Detect: try to detect any attack which are happening or have happened

Respond: try to respond to those attacks by incorporating more mechanisms or including
things such as security training or policies which can also impact the security of a system

What are the three properties that make up the CIA triad? - Correct Answer
Confidentiality: where information should be kept confidential from unauthorised parties.
For example, if you visit your GP and have some medical issues, documented, the
doctor's surgery is required to ensure that that is kept confidential from unauthorised
parties.

Integrity: where you want your data to be correct. You don't want someone to go and
amend that in an incorrect fashion. If we go back to the example of the GP surgery, again,
you wouldn't want somebody going and changing your medication to something that it
shouldn't be. So again, we're coming back to the idea of unauthorised parties changing
information or accessing information that they shouldn't have access to.

Availability: The data should be available to legitimate users at a time which is expected to
have access to. One example of this could be a bank unexpectedly being hit by a denial of
service attack, in which case the end user would not be able to access their funds, which
could cause some distress as well as, obviously impact the bank's reputation, which is
undesirable.

,What is a Bad/threat actor or malicious actor/hacker/attacker refer to? - Correct Answer
Bad/threat actor or malicious actor/hacker/attacker: an insider or outsider so that is
someone who is legitimately part of the system or someone who's external to that who's
trying to impose some form of harm on the system-- so to gain unauthorised access to a
system that it shouldn't have access to.

What does Malicious mean? - Correct Answer Malicious: where someone sets out with
the intent of causing harm.

What does non malicious mean? - Correct Answer Non-malicious: where someone
unintentionally compromises the security of the system-- for example, writing down a
password and storing it somewhere that can be easily found by someone who shouldn't
have access to that.

What is a vulnerability? - Correct Answer Vulnerability: a limitation of a system which
opens it up to exploitation.

What is a threat? - Correct Answer Threat: something or someone which is constantly
posing potential harm to an asset, such as a data set.

What is an attack? - Correct Answer Attack: an attempted exploitation of a particular
vulnerability of a system.

What is an attack surface? - Correct Answer Attack surface: a collection of all the different
points of entry an unauthorised attacker could try to exploit.

What is an attack vector? - Correct Answer Attack vector: typically referred to after an
attack has taken place and is the particular path that the attacker has taken in order to
gain unauthorised access.

Give three examples of cybersecurity laws and regulations - Correct Answer Computer
Misuse Act, the Serious Crime Act Amendment which revised Computer Misuse Act to
reflect more modern landscapes, and the Data Protection Act 2018, which is the UK
implementation of GDPR.

Give four examples of cyber security events in history that changed the industry - Correct
Answer The morris worm, phreaking 60s, first computer password, the 414s real life war
games, target 2013

,What are cyber security frameworks? - Correct Answer Cyber security frameworks are
pre-defined guides to developing security policies and procedures.

What is the purpose of cyber security frameworks? - Correct Answer The aim is to reduce
the risk of common cyber security threats which organisations face on a daily basis.

Give three examples of cyber security frameworks - Correct Answer Such frameworks are
generally defined by leading cyber security organisations like

NIST (National Institute of Standards and Technology)
ISO (International Standards Organisation)
NCSC (National Cyber Security Centre)

What are the stages within the NIST cyber security framework? - Correct Answer Identify,
Protect, Detect, Respond and Recover model

What is the common body of knowledge cyber security framework? - Correct Answer The
Common Body of Knowledge (CBK) provides a knowledge base of information security
subjects, referred to as domains, a security professional should understand.

What are the ten security domains within the common body of knowledge? - Correct
Answer Access Control Systems and Methodology
Telecommunications and Network Security
Business Continuity Planning and Disaster Recovery Planning
Security Management Practices
Security Architecture and Models
Law, Investigation, and Ethics
Application and Systems Development Security
Cryptography
Computer Operations Security
Physical Security

What are the stages within the ISO27001 cyber security framework? - Correct Answer
Plan, Do, Check, Act model

, What does the NIST framework focus on? - Correct Answer assets, managing the risks
related to that, and detecting anomalies, incidents, response, and recovery.

What does the common criteria framework focus on? - Correct Answer This applies more
specifically to the security of hardware and software products. The common criteria
applies only to system security. It's implementation independent, which means that it
doesn't prescribe particular controls.

Give three similarities that exist between all cyber security frameworks - Correct Answer
There are similar families of objectives or areas of interest or function. They often rely on
risk management processes in terms of understanding the context, assets, threats, and
related processes.

They are often less specific in terms of implementation details. So they don't prescribe
particular controls that must be applied.

They all tend to have a review and reflection aspect to them. where we look at the efficacy
of our controls and countermeasures to continually improve our cybersecurity processes
and resilience.

What is a cipher? - Correct Answer A cipher is effectively an algorithm which allows us to
send a message across an insecure network in a secure fashion. It means that if anyone
were to intercept that message, they would be unable to read the contents of that.

What are the three key components of a cipher? - Correct Answer Plain text: unencrypted
message that if anyone were to intercept that, they would be able to read it irrespective of
whether they have access to the key or not.

Key: the thing that allows us to apply the encryption. It's the secret information that allows
us to encrypt and potentially decrypt that information as well.

Cipher text: the result of applying encryption to the plain text using the key. The intention
here is that if someone was to send a message over an insecure network, anyone
intercepting that would not be able to read that message without the key.

Describe the cryptography analogy with the names Alice, Bob and Eve - Correct Answer
Three of the key names that you might hear in relation to cryptography include Alice, Bob,
and Eve. These are just traditional labels used to represent intended recipients, and the

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Lectjosh. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $20.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

70713 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 15 years now

Start selling

Exam (elaborations)

Cyber Security Test - Week 1 to 5 Questions and Correct Answers.

Document information

Subjects

Written for

Seller

Reviews received

Content preview