Flashcards
Q1: What are the three elements of the CIA triad?
A: Confidentiality (data accessible only to authorised parties), Integrity (data is accurate and unmodified), Availability (systems and data are accessible when needed).
Q2: What is the risk formula?
A: Risk = Threat × Vulnerability × Impact. A high risk requires all three elements: a threat that can exploit a vulnerability, resulting in significant business impact.
Q3: What is the difference between symmetric and asymmetric encryption?
A: Symmetric encryption uses one key for both encryption and decryption (AES) — fast, good for bulk data. Asymmetric encryption uses a public/private key pair (RSA, ECC) — slower, good for key exchange and digital signatures.
Q4: What are the five functions of the NIST Cybersecurity Framework?
A: Identify (understand risk), Protect (safeguard assets), Detect (find attacks), Respond (contain and mitigate), Recover (restore operations).
Q5: What is the difference between a policy, standard, and procedure?
A: A policy is a high-level requirement (“what” — must have MFA). A standard is a specific requirement (“how much” — MFA must use FIDO2). A procedure is a step-by-step instruction (“how” — follow this guide to configure FIDO2 in Azure AD).
Q6: What was the total cost of the Equifax 2017 data breach?
A: Over $1.4 billion in direct costs (fines, lawsuits, remediation). Root cause: known vulnerability (CVE-2017-5638, Apache Struts RCE) that was not patched despite a patch being available for 2+ months.
Q7: What is the most effective phishing simulation strategy?
A: Regular (monthly), varied simulations targeting high-risk behaviours. Combine with instant feedback training (1-2 minute lesson immediately after clicking). Track: click rate (target < 5%), report rate (target > 50% of simulated phishing emails reported).
Q8: What is the Parkerian Hexad?
A: An extension of the CIA triad adding: Possession/Control (data ownership), Authenticity (data is genuine), Utility (data is useful). Provides a more complete model for information security analysis.
Q9: What is quantitative vs qualitative risk assessment?
A: Quantitative uses numerical values (ALE = SLE × ARO, e.g., “this risk costs $500K/year”). Qualitative uses descriptive scales (High/Medium/Low). Quantitative is more precise but harder; qualitative is faster but more subjective. Use both.
Q10: What is the single most important control for reducing breach risk?
A: Multi-Factor Authentication (MFA). MFA blocks 99.9% of automated credential attacks, and compromised credentials are involved in over 50% of breaches. It is the highest-ROI security control.