What security properties are meant by the “CIA Triad”?

Confidentiality, integrity and availability are the security properties meant by the “CIA Triad”.

  1. What is used to describe a property of a secure network where a sender cannot deny having sent a message?

Nonrepudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and the recipient cannot deny having received the message.

  1. What is a CISO?

CISO (chief security information officer) is the senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

  1. Which of vulnerability, threat, and risk would be assessed by likelihood and impact?

Threat is assessed by likelihood and impact.

  1. True or false? Nation state actors primarily only pose a risk to other states.

False. Nation state actors do not only pose a risk to other states; they also attack them.

  1. In which stage of the “kill chain” does a threat actor first gain access to a resource on the target network?

In phase 6, command and control: this is where malware enables the intruder to have “hands on the keyboard” persistent access to the target network.

  1. What is the difference between an observable and an IOC?

Observables are data points, while an IOC (Indicator of Compromise) is referred to as an indicator of risk.

  1. How do social engineering attacks succeed?

A social engineering attack succeeds once the attacker manages to manipulate users psychologically and trick them into giving away sensitive information that grants access to the system.

  1. Is the goal of social engineering to gain access to premises or a computer system?

The goal of a social engineering attack is to gain access to a computer system.

  1. What is shoulder surfing?

Shoulder surfing is the practice of spying on the user of a cash-dispensing machine or other electronic device in order to obtain their personal information, such as a personal identification number, password and others.

  1. What is a lunchtime attack?

A lunchtime attack is an attack in which an attacker may make adaptive chosen-ciphertext queries but only up until a certain point, after which the attacker must demonstrate some improved ability to attack the system.

  1. What is the difference between phishing, spear phishing, and whaling?

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information such as passwords and credit card numbers.

Spear phishing is where fraudsters customize their attack emails with the target’s name, position, company, work phone number and other information in an attempt to trick the recipient into believing that they have a connection with the sender.

Whaling is a specific type of phishing attack that targets high-profile employees.

  1. Why are backdoors and Trojans considered different types of malware?

Although a backdoor can be created by installing a Trojan, it can also be created in other ways. Trojans and backdoors are referred to as different types of malware because each performs a specific role: a Trojan is any type of program that pretends to be something else, while a backdoor is remote access that is installed without the user’s knowledge.

  1. What are the two main types of ransomware?

Locker ransomware and crypto ransomware are the two main types of ransomware.

  1. What is OSINT?

OSINT is publicly available information and tools for aggregating and searching it.