1. Briefly define each of the three members of the information security triad.
ANS:
Confidentiality: limiting or restricting access to information so that unauthorized persons cannot reach it.
Integrity: the assurance that information has not been changed or altered from its original intended state.
Availability: the state in which information can be used by authorized persons for the purpose of access and modification.
2. What does the term authentication mean?
ANS: Authentication: the act of recognizing or confirming the identity of a system user.
3. What is multi-factor authentication?
ANS: Multi-factor Authentication: the process of confirming user identity for the purpose of granting access using two or more pieces of evidence.
4. What is role-based access control?
ANS: Role-based access control: a form of restricting access to a system or a network based on a person’s given role in an organization.
5. What is the purpose of encryption, and fundamentally how does it work?
ANS: The purpose of encryption is to encode a message so that unauthorized persons are restricted from reading and understanding its content. In general, the sender and receiver of the message agree on a common key; the sender encodes the message using the key and the receiver uses that same key to decode it (symmetric encryption). Asymmetric, or public-key, encryption works when a sender uses the receiver’s public key to encode a message and send it, and the receiver then uses his/her private key to decode the message.
6. What is pretexting and how does it represent a threat in the Cybersecurity landscape?
ANS: Pretexting is when a hacker calls IT support, the helpdesk or a system administrator and succeeds in convincing them to change the password of an authorized user just by pretending to be that user. This makes the Cybersecurity challenge clear to see: a password breach has still found a way to occur.
7. What’s the point of backups & what are the components of a good backup plan?
ANS: In incidents of sudden downtime, data can be lost, and recovery methods should already be in place to help. A backup serves as a resource to restore what has been lost from a device or server. A good backup plan stores the backed-up data on a different device than the device in use, makes regular backups to minimize data loss, and identifies which data needs to be backed up to minimize space.
8. What is a firewall?
ANS: A firewall is a network security system that monitors incoming and outgoing packets in network traffic on the basis of predetermined security setups.
9. Discuss various types of Firewalls.
ANS: In general, firewalls come in two types: software and hardware.
-Hardware firewall: a device connected to a network that filters packets based on how it’s programmed.
-Software firewall: software that runs on an operating system and intercepts packets that are destined to enter a computer.
10. What does the term physical security mean and how does it apply to Cybersecurity?
ANS: Physical security refers to the security of the actual building holding all the hardware and software components of a system. As unauthorized altering of data and information theft are some of the problems Cybersecurity as a field is trying to address, securing the building so that resources and data cannot be tampered with is just as important as addressing those problems.