1. Briefly define each of the three members of the information security triad.
  2. What does the term authentication mean?
  3. What is multi-factor authentication?
  4. What is role-based access control?
  5. What is the purpose of encryption, and fundamentally how does it work?
  6. What is pretexting and how does it represent a threat in the Cybersecurity landscape?
  7. What’s the point in backups & what are the components of a good backup plan?
  8. What is a firewall?
  9. Discuss various types of Firewalls.
  10. What does the term physical security mean and how does it apply to Cybersecurity?

  1. Briefly define each of the three members of the information security triad.
    1. Confidentiality: Restricting access to information to those qualified to see it and not allowing others to know its contents.
    2. Integrity: The confidence that the contents have not been changed and are still there.
    3. Availability: This means the items can be opened at any time by the people meant to access them. 
  2. What does the term authentication mean?
    1. Identifying someone based on something they know, something they have, or something they are.
  3. What is multi-factor authentication?
    1. Multi-factor authentication is using two or more of the authentication factors listed above.
  4. What is role-based access control?
    1. Role-based access control is used to determine what information someone needs to access based on their role or job description, such as whether a receptionist can change a doctor’s note.
  5. What is the purpose of encryption, and fundamentally how does it work?
    1. The purpose of encryption is to encode data so that people who do not need to see the contents cannot access them, whether the data is being transferred online or put onto an external device.
    2. To make it work, both people (the one sending and the one receiving) have to agree on how they would like the information sent.
  6. What is pretexting and how does it represent a threat in the Cybersecurity landscape?
    1. Pretexting is when someone impersonates another person to steal information. They can pretend to be someone else, get a password reset, and convince someone to give them the new password. Overall, it is creating a story or false narrative to trick someone into giving up privileged information.
    2. This is dangerous to cybersecurity if the person falls for it and gives out the new password, or if someone clicks on a link that isn’t safe, allowing the attacker access to the system. Once someone is in, it can be a lot easier to get the information.
  7. What’s the point in backups & what are the components of a good backup plan?
    1. A backup is a copy of all of the data, or “inventory”, so that in case of an emergency all the data can be recovered unharmed rather than lost. For example, backing up your iPhone to the cloud allows you to download the data onto a new phone, or onto the same phone after a reset, if needed.
    2. A good backup plan includes:
      1. A full count of what is being backed up and the best way to back up that type of information.
      2. Regular backups so no information gets lost or left behind. The frequency can be determined based on how much information a company receives or what needs to be backed up.
      3. Offsite storage prevents all data from being destroyed at once. In case of an incident at the company site, the data is stored at another facility where it can be recovered.
      4. Testing of backups. By testing the backup, you know whether all of your data is being backed up and whether the process is working.
  8. What is a firewall?
    1. A firewall protects servers and devices by stopping items from outside the company that do not meet the guidelines.
  9. Discuss various types of Firewalls.
    1. Two types of firewalls are hardware and software.
      1. Hardware firewalls: A device that is connected to the network and sets parameters based on the rules provided.
      2. Software firewalls: Run on the operating system and detain items before they reach the computer.
  10. What does the term physical security mean and how does it apply to Cybersecurity?
    1. Physical security can be just as important as firewalls. If an intruder gains access to the systems by stealing a computer, or destroys all backups, it can be just as problematic. It is important to make sure devices are stored and locked away properly so that this information cannot be stolen or corrupted, as physical access can also pose many risks.