Cyber Security

Vulnerabilities & Threats

Physical Security

Availability

The Enemy

Hacks

100

transferring the plain text into cipher text to hide the information from unauthorized person

What is Encryption

100

Overlapping layers of protection put in place so that if one layer fails other layers succeed in protecting is known as....

What is Defense in Depth

100

To apply or maintain permissions to prevent an account from getting information they are not authorized to see while making the information available to those who are authorized.

What is Access Control

100

They are people who traditionally tried to gain access to computers remotely to learn more and for intellectual curiosity. Currently, they only make up 17% of computer intrusions.

Who are hackers

100

A program that is designed only to read Hyper Text Markup Language (HTML) web pages downloaded from Internet websites. They can have helpers or add-on functions incorporated by using interpreters to read the additional instructions and provide different web content types. Internet Explorer, Firefox and Safari are examples of these.

What is a browser? (or web browser)

200

provides protection for operating systems from malicious software

What is Anti-malware

200

The list of computers, laptops, software, equipment owned by an organization.

What is Inventory

200

An identifier that uniquely tracks actions to individuals.

What is an Account (or Login ID)

200

The malware locks systems by encrypting files and demanding ransom to obtain the decryption key.

What is Ransomware

200

Easily readable programs that automate or provide extra function on a computer system or in an application or browser. ActiveX and JavaScript are examples of this type of language.

What is Scripting? (or Scripting Code or Scripting Language)

300

provides real time warnings for computer information system by monitoring and analysis the any attempts to access the system; it will fire an alarm

What is Intrusion detection

300

The use of personality, inowledge of human nature and social skills to steal passwords, keys tokens or other credentials to gain access to systems.

What is Social Engineering

300

Functional managers classify data and grant approval to those whose jobs require access to the information.

Who are Data Managers

300

These are well run groups of crooks who methodically look for computer vulnerabilities to steal large numbers of financial or credit card accounts for financial profit.

Who are organized crime groups

300

A type of a program that takes scripting language and reads it so it can be acted on by a browser or an application. These are found in almost all operating systems, web browsers and many commercial off the shelf application programs.

What is an Interpreter?

400

securing the computer information system; it protects the information system against outside and inside attacks, so the working by filtering incoming packet and outgoing packet

What is a Firewall

400

30-50% of all data loss due to the people already within the organization.

What is Insider Threat

400

As a result of the VA breach in 2006 where PII of over a million veterans was lost, it is now a requirement to delete all sensitive data extracts on individual computers after this number of days.

What is 90 days

400

They are structured groups funded by other governments and dedicated to mapping out the internet addresses for the purpose of espionage and possible computer attacks.

What is state sponsored hacking

400

The contents of electronic documents that can carry out or trigger actions automatically, on a computer platform, without the intervention of a user. Active content includes built in macro processing, scripting languages, or virtual machines. A significant share of today’s malware involves this type of programs.

What is Active Content?

500

identifies hosts and host attributes (operating systems, applications open ports) but it also attempts to identify vulnerabilities rather than relying on human interpretation of scanning results.

What is Vulnerability scanning

500

A necessary process to limit the kinds of hardware and software which minimizes the number of different vulnerabilities and reduces exposure to security weaknesses.

What is Standardization

500

It is a word or phrase that verifies that you and only you had access to the account.

What is a Password

500

The weakest link in every computer system. The one person who can through thoughtlessness, unawareness or accident, cause loss of work products through deletion, corruption or improperly safeguarding data.

Who are you (Who am I)

500

A program, script, macro or other portable instruction, that can be shipped unchanged to a variety of platforms and executed with the same result. Some of the most common forms of mobile code are JavaScript, Asynchronous JavaScript and eXtended Markup Language (XML) or AJAX, Java applets, ActiveX, and Flash. It is being adapted to run on cell phones, PDAs, and other devices.

What is Mobile Code?