COURSE 1 – INTRODUCTION TO CYBERSECURITY TOOLS & CYBER ATTACKS

Module 3: An overview of key security concepts

IBM CYBERSECURITY ANALYST PROFESSIONAL CERTIFICATE

Complete Coursera Study Guide

INTRODUCTION – An overview of key security concepts

This module will delve into essential security principles crucial for any cybersecurity role. It will elaborate on the CIA Triad and explore the significance of incident response and cybersecurity frameworks. Additionally, you will gain insights into IT governance best practices and compliance standards.

Learning Objectives

  • Discuss cybersecurity compliance policies that most organizations must follow
  • Discuss what the Open Web Application Security Project (OWASP) Top 10 is and why it’s an invaluable resource for cybersecurity professionals
  • Explain ethical hacking and the penetration testing process
  • Contrast internal and external security audits and the three phases for completing them
  • Describe the components of IT governance
  • Explain the purpose of frameworks, baselines, and best practices in cybersecurity
  • Summarize what happens in each of the three phases of cybersecurity incident response
  • Describe key concepts of cybersecurity incident response
  • Define cybersecurity incident management and discuss its essential components
  • Describe access management methods and concepts
  • Define non-repudiation and its measures for implementation
  • Describe the integrity component of the CIA triad and discuss how organizations can achieve it
  • Explain availability in the context of the CIA triad and how organizations can implement it

CIA TRIAD

1. Encrypting your email is an example of addressing which aspect of the CIA Triad?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability

Correct! You are keeping the contents confidential.

2. You fail to back up your files and then drop your laptop, breaking it into many small pieces. You have just failed to address which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability (CORRECT)

Correct! A broken laptop with no backup means your data will not be available to you.

3. The use of digital signatures is an example of which concept?

  • Non-repudiation (CORRECT)
  • Confidentiality
  • Integrity
  • Availability

Correct! You know who the message came from and she cannot deny it.

4. Trudy forwards a message from Alice to Bob, but changes the timestamp on Alice’s message before sending it to make it look like it came in later. This is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity (CORRECT)
  • Availability

Correct! Integrity assures that your message was not altered.

ACCESS MANAGEMENT

1. Managers in the Singapore office at your company can access documents that managers in other offices cannot access, nor can non-manager employees in the Singapore office. Which two (2) access criteria types were likely involved in setting this up?

  • Timeframe
  • Physical location (CORRECT)
  • Groups (CORRECT)
  • Transaction type

Partially correct! Location is used as an access control factor.

Partially correct! Managers would be in a managers group.

INCIDENT RESPONSE

1. In incident management, an event that has a negative impact on some aspect of the network or data is called what?

  • Incident (CORRECT)
  • Attack
  • Threat
  • Event

Correct! An event with an impact is called an Incident.

2. In incident management, a data inventory, data classification and data management process are part of which key concept?

  • Automated system
  • Post-Incident Activities
  • Business Continuity Plan & Disaster Recovery
  • E-Discovery (CORRECT)

Correct! It is crucial to have an automated inventory of systems and data so you can know if anything changes or does not belong.

3. Which phase of the Incident Response Process do steps like "Identify cyber security incident", "Define objectives and investigate situation" and "Take appropriate action" fall into?

  • Phase 1: Prepare
  • Phase 2: Respond (CORRECT)
  • Phase 3: Follow Up

Correct! These are all part of the Respond phase.

FRAMEWORKS AND THEIR PURPOSE

1. In the context of security standards and compliance, which two (2) of these items are goals of frameworks and best practices?

  • They serve as an enforcement mechanism for government, industry or clients.
  • They are rules to follow for a specific industry.
  • They seek to improve performance, controls and metrics. (CORRECT)
  • They help translate the business needs into technical or operational needs. (CORRECT)

Partially correct! The goal is improvement.

Partially correct! They can guide you in how this was done successfully before or by others.

2. A company document that says employees may not do online shopping while at work would be which of the following?

  • Procedure
  • Policy (CORRECT)
  • Strategic Plan
  • Tactical Plan

Correct! This rule would be contained in a company’s policy on Internet access.

3. Which three (3) of these are compliance standards that must be adhered to by companies in some industries / countries?

  • SOX (CORRECT)
  • HIPAA (CORRECT)
  • OCTAVE
  • PCI/DSS (CORRECT)

Partially correct! SOX is short for Sarbanes-Oxley Act, an accounting law in the United States.

Partially correct! HIPAA is short for Health Insurance Portability and Accountability Act, a healthcare data privacy law in the United States.

Partially correct! PCI/DSS is short for Payment Card Industry Data Security Standard, an information security standard for those processing credit card transactions.

4. A method of evaluating computer and network security by simulating an attack on a computer system or network from external or internal threats is known as which of the following?

  • A threat
  • A pentest (CORRECT)
  • A hack
  • A white hat

Correct! Ethical (with permission) penetration testing is a very effective way to assess system security.

5. The OWASP “Top 10” provides guidance on what?

  • The top 10 malware exploits reported each year.
  • The top 10 application vulnerabilities reported each year. (CORRECT)
  • The top 10 network vulnerabilities reported each year.
  • The top 10 cybercrimes reported each year.

Correct! OWASP stands for Open Web Application Security Project.

QUIZ: KEY CONCEPTS

1. Which is not part of the SANS Institute's audit process?

  • Feedback based on the findings.
  • Define the audit scope and limitations.
  • Help to translate the business needs into technical or operational needs. (CORRECT)
  • Deliver a report.

2. Which key concept for understanding incident response is defined as "data inventory, helps to understand the current tech status, data classification, data management, we could use automated systems. Understand how you control data retention and backup."?

  • Automated Systems
  • Post-Incident
  • E-Discovery (CORRECT)
  • BCP & Disaster Recovery

3. Which is not included as part of the IT Governance process?

  • Procedures
  • Tactical Plans
  • Policies
  • Audits (CORRECT)

4. Trudy reading Alice’s message to Bob is a violation of which aspect of the CIA Triad?

  • Confidentiality (CORRECT)
  • Integrity
  • Availability

5. A hash is a mathematical algorithm that helps assure which aspect of the CIA Triad?

  • Confidentiality
  • Integrity (CORRECT)
  • Availability

6. A successful DOS attack against your company’s servers is a violation of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity
  • Availability (CORRECT)

7. Which of these is an example of the concept of non-repudiation?

  • Alice sends a message to Bob with certainty that it will be delivered.
  • Alice sends a message to Bob and Alice is certain that it was not read by Trudy.
  • Alice sends a message to Bob with certainty that it was not altered while en route by Trudy.
  • Alice sends a message to Bob and Bob knows for a certainty that it came from Alice and no one else. (CORRECT)

8. In incident management, an observed change to the normal behavior of a system, environment or process is called what?

  • Incident
  • Attack
  • Event (CORRECT)
  • Threat

9. In incident management, tools like SIEM, SOA and UBA are part of which key concept?

  • Post-Incident Activities
  • E-Discovery
  • BCP & Disaster Recovery
  • Automated system (CORRECT)

10. Which phase of the Incident Response Process do steps like "Carry out a post incident review" and "Communicate and build on lessons learned" fall into?

  • Prepare
  • Follow Up (CORRECT)
  • Respond

11. A company document that details how an employee should request Internet access for her computer would be which of the following?

  • Policy
  • Tactical Plan
  • Strategic Plan
  • Procedure (CORRECT)

12. Which of these is a methodology by which to conduct audits?

  • SOX
  • HIPAA
  • PCI/DSS
  • OCTAVE (CORRECT)

13. Mile 2 CPTE Training teaches you how to do what?

  • Conduct a Ransomware attack
  • Advanced network management tasks
  • Construct a botnet
  • Conduct a pentest (CORRECT)

CONCLUSION – An overview of key security concepts

In conclusion, this module has provided a comprehensive overview of fundamental security concepts essential for success in any cybersecurity position. By delving into the CIA Triad, incident response, cybersecurity frameworks, IT governance best practices, and compliance standards, you’ve gained valuable insights that will serve as a solid foundation for your journey in the field of cybersecurity.

As you continue to explore and apply these principles, you’ll be better equipped to protect systems, data, and assets from evolving threats in today’s digital landscape.