Cyber Foundations
| English | Chinese | Pinyin |
|---|---|---|
| confidentiality | 保密性 | bǎo mì xìng |
| integrity | 完整性 | wán zhěng xìng |
| availability | 可用性 | kě yòng xìng |
| risk | 风险 | fēng xiǎn |
| threat | 威胁 | wēi xié |
| vulnerability | 漏洞 | lòu dòng |
| asset | 资产 | zī chǎn |
| likelihood | 可能性 | kě néng xìng |
| severity | 严重性 | yán zhòng xìng |
| script kiddie | 脚本小子 | jiǎo běn xiǎo zi |
| hacktivist | 黑客活动分子 | hēi kè huó dòng fèn zǐ |
| insider | 内部人员 | nèi bù rén yuán |
| cyberterrorist | 网络恐怖分子 | wǎng luò kǒng bù fèn zi |
| reconnaissance | 侦察 | zhēn chá |
| lateral movement | 横向移动 | héng xiàng yí dòng |
| physical | 物理 | wù lǐ |
| technical | 技术 | jì shù |
| managerial | 管理 | guǎn lǐ |
| preventative | 预防性 | yù fáng xìng |
| detective | 检测性 | jiǎn cè xìng |
| corrective | 纠正性 | jiū zhèng xìng |
| defense in depth | 纵深防御 | zòng shēn fáng yù |
The CIA triad
- Confidentiality 保密性: only authorised people can read the data.
- Integrity 完整性: the data is accurate and unaltered.
- Availability 可用性: it is there when needed.
What risk is
- A risk 风险 appears when a threat 威胁 exploits a vulnerability 漏洞 to harm an asset 资产.
- We assess it by likelihood 可能性 and severity 严重性.
- Four responses: avoid, transfer, mitigate, or accept the residual risk.
Which CIA goal does the control protect?
Encryption protects confidentiality; a hash checks integrity; a backup restores availability.
Encrypting data mainly protects which CIA goal?
Encryption hides data = confidentiality.
A risk exists when a threat exploits a ____ to harm an asset.
A vulnerability is the weakness a threat uses.
Who attacks, and how
- A script kiddie 脚本小子 reuses others' tools; a hacktivist 黑客活动分子 acts for a cause.
- An insider 内部人员 already has access; a cyberterrorist 网络恐怖分子 hits infrastructure.
- Attacks move in phases: reconnaissance 侦察, access, persistence, lateral movement 横向移动, action.
An attacker who copies code from online tutorials and reuses others' tools is a...
Low skill + reused tools = a script kiddie.
Types and layers of control
- By type: physical 物理, technical 技术, managerial 管理.
- By function: preventative 预防性, detective 检测性, corrective 纠正性.
- Defense in depth 纵深防御 layers many controls so one breach is not enough.
Defense in depth means using a single very strong control.
It means layering many controls, not one.
The leftover risk an organisation lives with after mitigation is ____ risk.
Residual risk remains after avoid/transfer/mitigate.
Match each control to its function.
Function = what the control does.
Do not confuse the two ways of grouping controls. Type answers "where does it work?" (physical/technical/managerial). Function answers "what does it do?" (prevent/detect/correct). A camera is a physical control by type and a detective control by function.
A hospital encrypts patient records (confidentiality), uses file hashes to catch tampering (integrity), and keeps backups so care continues after an outage (availability). One system, all three CIA goals.
The CIA triad (confidentiality, integrity, availability) names security's goals. A risk = threat × vulnerability × asset, assessed by likelihood and severity. Controls are grouped by type and function, and layered as defense in depth.