Understanding Cybersecurity Fundamentals

Control, Integrity, Availability

Confidentiality, Integrity, Availability

Confidentiality, Integrity, Accountability

Confidentiality, Identity, Accessibility

Confidentiality is important in cybersecurity to protect sensitive information from unauthorized access.

Confidentiality is only important for financial data.

Confidentiality helps in improving system performance.

Confidentiality is irrelevant in cybersecurity.

Data integrity means the visual representation of data.

Data integrity means the accuracy and consistency of data over its lifecycle.

Data integrity is about the storage capacity of databases.

Data integrity refers to the speed of data processing.

Availability is irrelevant to incident response plans.

Availability has no impact on user access controls.

Availability is only concerned with data encryption.

Availability ensures that systems and data are accessible and usable when needed, which is crucial for effective cybersecurity.

Malware, phishing, ransomware, DoS attacks, insider threats

Data encryption techniques

Antivirus software

Firewall configurations

Policies are irrelevant to security measures.

Policies are only necessary for compliance audits.

Policies are solely for employee training purposes.

Policies provide guidelines and rules that govern security practices, ensuring consistent application and understanding of security measures.

Firewall

Hardware Security Module (HSM)

Router

Antivirus Software

A data breach is a process of data backup.

A data breach is a method of data encryption.

A data breach is an incident where unauthorized access to sensitive data occurs.

A data breach is a type of software update.

Ignore software updates regularly

Disable all security features

Use simple passwords for easy recall

Implement strong security measures such as strong passwords, multi-factor authentication, and regular software updates.

Allow unrestricted access to all network resources

Rely solely on antivirus software

Implement multi-layered security, employee training, strong passwords, regular updates, network segmentation, and incident response planning.

Ignore software updates