Scribd
Upload
4K views3 pages

What Is One of The First Things That You Need To Do Before Implementing Safeguards To Information

The document provides definitions and explanations of key cybersecurity concepts. It begins by asking multiple choice questions about definitions of cybersecurity, information security, authentication, and related terms. It then defines the CIA triad of confidentiality, integrity and availability. It also defines the DAD triad of disclosure, alteration and denial. It defines the AAA of authentication, authorization and accounting. It describes types of cyber threats like hackers and their motivations. It also defines security hats like white, black and grey hats.

Uploaded by

Pedro Pontes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
4K views3 pages

What Is One of The First Things That You Need To Do Before Implementing Safeguards To Information

The document provides definitions and explanations of key cybersecurity concepts. It begins by asking multiple choice questions about definitions of cybersecurity, information security, authentication, and related terms. It then defines the CIA triad of confidentiality, integrity and availability. It also defines the DAD triad of disclosure, alteration and denial. It defines the AAA of authentication, authorization and accounting. It describes types of cyber threats like hackers and their motivations. It also defines security hats like white, black and grey hats.

Uploaded by

Pedro Pontes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

1.

What is one of the first things that you need to do before implementing safeguards to
information? Select one:

Conduct criminal record checks on all employees.


Carry out a data integrity check on all sensitive data.
Determine what information needs to be protected. gg
Verify with government regulations if information requires protection.

2. Which definition accurately describes cybersecurity? Select one:

The management of critical infrastructure, such as pipelines and electrical power grids
The practice of protecting computer networks, devices, and digital information gg
The protection of information systems against unauthorized access, modification, and so on
The protection of all information that has been deemed sensitive.

3. Which definition accurately describes information systems security? Select one:

The control of physical access to a building or room where sensitive data is stored X.
The practice of protecting computer networks, devices, and digital information X
The management of information systems, including disaster recovery (DR) and high availability (HA) X
The protection of information systems against unauthorized access, modification, and so on gg

4. Which is the most accurate definition of authentication in cybersecurity? Select one:

The practice of verifying activities on computer devices X


The act of certifying that someone can perform an action X.
The act of identifying and verifying a person or thing
The process of controlling access to resource X

5. Which definition accurately describes information security (InfoSec)? Select one:

The processes for preventing, detecting, and remediating attacks on sensitive information, both digital and
physical.
The practice of protecting computer networks, devices, and digital information, whether on-premises or in
the cloud. X
The management of critical infrastructure, such as pipelines, electrical power grids, and data centers in
the cloud.
The control of physical access to a building or room where sensitive data is stored, either digitally or
physically. X

6. Which two elements of cybersecurity must be addressed when defending computer networks?
(Choose two.) Select one or more:

Human behavior GG
Computer technology vulnerabilities GG
Information left on desks or in public places.
Physical access points

7. What is one of the first things that you need to do before implementing safeguards to
information? Select one:
Conduct criminal record checks on all employees.
Verify with government regulations if information requires protection.
Carry out a data integrity check on all sensitive data.
Determine what information needs to be protected. GG

8. In addition to the five categories of cybersecurity, what else do you need to consider when
defending the cyber space? Select one:

Executive strategic planning


ISO standards
Computer code
People and processes GG

9. What are two categories of cybersecurity? (Choose two.) Select one or more:

Critical infrastructure
Network security GG
Security accreditation for employees X
Building access security X

10. Which cybersecurity term does one of the letters in AAA stand for? Select one:

Accounting
Acceptability
Anonymity
Alerts

11. Which three principals make up the DAD triad? (Choose three.) Select one or more:

Domain spoofing
Denial
Anonymized data
Disclosure
Alteration

12. Which is the most accurate definition of authorization in cybersecurity? Select one:

The practice of verifying activities on computer devices


The process of controlling access to resources
The act of certifying that someone can perform an action.
The act of identifying and verifying a person or thing X

Cybersecurity is the practice of protecting computer networks,devides,and information form


damage,loss or unauthorized acess.

Protects digital information from cybertheats.

Confidentiality - Data is kept confidential and private


Integrity - Data is authentic, accurate reliable, and free from tampering
Availability - Data is available to those who need it
CIA

Disclosure -Cinfidential data is exposed to unauthorized parties


Alteration-The tampering of data cannot be prevented or the authentiity of the data cannot be
determined
Denial- Unauthorized agents are prevented from acessing data
DAD

AAA
Authentication- Process of identifying and verifyng a person or thing
Authorization - Process of controlling acess to resources
Accouting - Record keeping and tracing of agent activities on computer devices and networks

Persons who try to steal, sabotage, or stop you from using computer systems or accessing information
that you are authorized to use and that is stored on or it transit between computing devices.

Character
Motivation
Attack Method

Explorer - Pishing/ Spear pishing/Smishing/Vishing


Hacktivist – botnet (Command and control C&C server) – DdoS (distribuited denial-of-service)
Cyberterrorist -
Cybercriminal – Ransomware/ Colonial Pipeline Ransomware attack
Cyberwarrior –

White Hat – Ethical


Black Hat – Malicious
Grey Hat – Not Malicious, but not always ethical
Blue Hat – Ethical, hired third party.

https://priyadogra.com/fortinet-the-threat-landscape-quiz-answers/

You might also like