Module 3: An overview of key security concepts


INTRODUCTION – An overview of key security concepts

This module goes deep into the core security principles that underpin every area of cybersecurity. It shifts attention to the CIA triad, the importance of incident response, and several critical cybersecurity frameworks. You will also learn about governance practices and the compliance standards that apply to round-the-clock IT operations.

Learning Objectives:

  • Know the compliance policies and standards that organizations usually have to comply with.
  • Get to know the OWASP Top 10, the value it provides, and its relevance to cybersecurity professionals.
  • Learn about ethical hacking and the penetration testing process.
  • Differentiate internal from external security audits, and know the three phases in conducting these audits.
  • Gain in-depth knowledge of the domain of IT governance.
  • Know the function of frameworks, baselines, and best practices in cybersecurity.
  • Understand the three-phase process of cybersecurity incident response.
  • Understand the key concepts of cybersecurity incident response.
  • Define cybersecurity incident management along with its essential components.
  • Understand access management methods and related concepts.
  • Define non-repudiation and how to put its measures in place.
  • Get insight into the integrity component of the CIA triad and the methods by which organizations can maintain integrity.
  • Understand availability in the context of the CIA triad and how organizations can ensure it.

CIA TRIAD

1. Encrypting your email is an example of addressing which aspect of the CIA Triad?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability

Correct! You are keeping the contents confidential.

2. You fail to back up your files and then drop your laptop, breaking it into many small pieces. You have just failed to address which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability (CORRECT)

Correct! Absolutely. If a laptop fails and no backup exists, the user will be unable to recover important files and data. Backups should be created regularly so that data can be restored in the event of hardware failure, theft, or other problems, and they should always be kept on reliable storage, whether cloud storage, an external drive, or another trusted medium.

3. The use of digital signatures is an example of which concept?

  • Non-repudiation (CORRECT)
  • Confidentiality
  • Integrity
  • Availability

Correct! You know who the message came from and she cannot deny it.

4. Trudy forwards a message from Alice to Bob, but changes the timestamp on Alice’s message before sending it to make it look like it came in later. This is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity (CORRECT)
  • Availability

Correct! Integrity assures that your message was not altered.

ACCESS MANAGEMENT

1. Managers in the Singapore office at your company can access documents that managers in other offices cannot access, nor can non-manager employees in the Singapore office. Which two (2) access criteria types were likely involved in setting this up?

  • Timeframe
  • Physical location (CORRECT)
  • Groups (CORRECT)
  • Transaction type

Location can serve as a very effective criterion for implementing access control.

Usually, all the managers are grouped under the single heading “Managers”.

INCIDENT RESPONSE

1. In incident management, an event that has a negative impact on some aspect of the network or data is called what?

  • Incident (CORRECT)
  • Attack
  • Threat
  • Event

Correct! An event that actually has a negative impact is, in general, an incident.

2. In incident management, a data inventory, data classification and data management process are part of which key concept?

  • Automated system
  • Post-Incident Activities
  • Business Continuity Plan & Disaster Recovery
  • E-Discovery (CORRECT)

Correct! Keeping automated inventories of systems and data is critical for monitoring changes and identifying anything that does not belong. This enables timely detection of, and response to, unauthorized changes or anomalies.

3. Which phase of the Incident Response Process do steps like Identify cyber security incident, Define objectives and investigate situation and Take appropriate action fall into?

  • Phase 1: Prepare
  • Phase 2: Respond (CORRECT)
  • Phase 3: Follow Up

Correct! These are all part of the Respond phase.

FRAMEWORKS AND THEIR PURPOSE

1. In the context of security standards and compliance, which two (2) of these items are goals of frameworks and best practices?

  • They serve as an enforcement mechanism for government, industry or clients.
  • They are rules to follow for a specific industry.
  • They seek to improve performance, controls and metrics. (CORRECT)
  • They help translate the business needs into technical or operational needs. (CORRECT)

Partially correct! The goal is improvement.

Partially correct! They can guide you on how this was successfully done in the past or by others, providing valuable insights and best practices to follow.

2. A company document that says employees may not do online shopping while at work would be which of the following?

  • Procedure
  • Policy (CORRECT)
  • Strategic Plan
  • Tactical Plan

Correct! The rule would be part of the company policy on Internet access, which defines how the Internet may appropriately be used, including its restrictions.

3. Which three (3) of these are compliance standards that must be adhered to by companies in some industries / countries?

  • SOX (CORRECT)
  • HIPAA (CORRECT)
  • OCTAVE
  • PCI/DSS (CORRECT)

Partially correct! SOX is short for the Sarbanes-Oxley Act, an accounting law in the United States.

Partially correct! HIPAA is short for the Health Insurance Portability and Accountability Act, a healthcare data privacy law in the United States.

Partially correct! The acronym PCI DSS stands for Payment Card Industry Data Security Standard. It is an information security standard that applies mainly to organizations that handle credit card transactions.

4. A method of evaluating computer and network security by simulating an attack on a computer system or network from external or internal threats is known as which of the following?

  • A threat
  • A pentest (CORRECT)
  • A hack
  • A white hat

Correct! Authorized, ethical penetration testing is an effective method for assessing the security of systems. Moreover, it can uncover vulnerabilities and weaknesses before malicious attackers exploit them.

5. The OWASP “Top 10” provides guidance on what?

  • The top 10 malware exploits reported each year.
  • The top 10 application vulnerabilities reported each year. (CORRECT)
  • The top 10 network vulnerabilities reported each year.
  • The top 10 cybercrimes reported each year.

Correct! OWASP is the acronym for Open Web Application Security Project. It is a nonprofit organization whose objective is to improve the security of software by engaging in community-driven open-source projects, sharing knowledge, and creating best practices.

QUIZ: KEY CONCEPTS

1. Which is not part of the SANS Institute's audit process?

  • Feedback based on the findings.
  • Define the audit scope and limitations.
  • Help to translate the business needs into technical or operational needs. (CORRECT)
  • Deliver a report.

2. Which key concept for understanding incident response is defined as “data inventory, helps to understand the current tech status, data classification, data management, we could use automated systems. Understand how you control data retention and backup.”?

  • Automated Systems
  • Post-Incident
  • E-Discovery (CORRECT)
  • BCP & Disaster Recovery 

3. Which is not included as part of the IT Governance process?

  • Procedures
  • Tactical Plans 
  • Policies
  • Audits (CORRECT)

4. Trudy reading Alice’s message to Bob is a violation of which aspect of the CIA Triad?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability

5. A hash is a mathematical algorithm that helps assure which aspect of the CIA Triad?

  • Confidentiality
  • Integrity (CORRECT)
  • Availability

6. A successful DOS attack against your company’s servers is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability (CORRECT)

3. Now, find a pattern in a different format. Select the next number in the sequence:

Fill in the blank: 9, 13, 17, 21, 25, 29, _____

  • 10
  • 25
  • 33 (CORRECT)
  • 55

Correct: That’s accurate. The answer to this question is 33. The sequence of these numbers increases by 4 for every successive step.

7. Which of these is an example of the concept of non-repudiation?

  • Alice sends a message to Bob with certainty that it will be delivered.
  • Alice sends a message to Bob and Alice is certain that it was not read by Trudy.
  • Alice sends a message to Bob with certainty that it was not altered en route by Trudy.
  • Alice sends a message to Bob and Bob knows for a certainty that it came from Alice and no one else. (CORRECT)

8. In incident management, an observed change to the normal behavior of a system, environment or process is called what?

  • Incident
  • Attack
  • Event (CORRECT)
  • Threat

9. In incident management, tools like SIEM, SOA and UBA are part of which key concept?

  • Post-Incident Activities
  • E-Discovery
  • BCP & Disaster Recovery
  • Automated system (CORRECT)

10. Which phase of the Incident Response Process do steps like Carry out a post incident review and Communicate and build on lessons learned fall into?

  • Prepare
  • Follow Up (CORRECT)
  • Respond

11. A company document that details how an employee should request Internet access for her computer would be which of the following?

  • Policy
  • Tactical Plan
  • Strategic Plan
  • Procedure (CORRECT)

12. Which of these is a methodology by which to conduct audits?

  • SOX
  • HIPAA
  • PCI/DSS
  • OCTAVE (CORRECT)

13. Mile 2 CPTE Training teaches you how to do what?

  • Conduct a Ransomware attack
  • Advanced network management tasks
  • Construct a botnet
  • Conduct a pentest (CORRECT)

CONCLUSION – An overview of key security concepts

This module serves as a comprehensive introduction to the core security concepts required for any position related to cybersecurity. By covering the CIA triad, incident response, cybersecurity frameworks, best practices in IT governance, and compliance standards, you have gained valuable insight that provides a solid footing for continuing your career in cybersecurity.

The more you know and practice these principles, the better prepared you will be in guarding systems, information, and assets against the ever-evolving threats in our digital environment.
