1. Information Security

Question 1

P.I.I.

Answer 1

Personal Identifiable Information

Question 2

Information Security

Answer 2

Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Question 3

Eugene Spafford quote

Answer 3

“The only truly secure system is one that is powered off…”

Question 4

C.I.A. Triad

Answer 4

The Confidentiality, Integrity, and Availability Triad

Question 5

Negative of the C.I.A. Triad

Answer 5

The D.A.D. Disclosure, Alteration, and Denial

Question 6

C. of the C.I.A. Triad

Answer 6

Confidentiality - Ability to protect our data from those who are not authorized to view it.

Question 7

I. of the C.I.A. Triad

Answer 7

Integrity - Ability to prevent people from changing your data in an unauthorized or undesirable manner. You need means to prevent AND reverse unauthorized change. RELIABILITY

Question 8

A. of the C.I.A. Triad

Answer 8

Availability - Ability to access our data when we need it.

Question 9

DoS Attack

Answer 9

Denial of Service Attack. Attacks the A. of the C.I.A. Triad.

Question 10

The Parkerian Hexad

Answer 10

C.I.A. Triad + Possession/Control, Authenticity, and Utility (C.I.A.U.P.A)

Question 11

I. in the Parkerian Hexad

Answer 11

Integrity does NOT account for authorized, but incorrect, modification of data

Question 12

P. of the Parkerian Hexad

Answer 12

Possession - Physical disposition of the media on which the data is stored

Question 13

A. of the Parkerian Hexad (Au)

Answer 13

Authenticity - Whether you’ve attributed the data in question to the proper owner

Question 14

U. of the Parkerian Hexad

Answer 14

Utility - How useful the data is to you. NOT BINARY

Question 15

Types of attacks (4)

Answer 15

Interception, Interruption, Modification, and Fabrication

Question 16

What does an Interception attack compromise of the C.I.A. Triad?

Answer 16

Confidentiality - Unauthorized user access

Question 17

What does an Interruption attack compromise of the C.I.A. Triad?

Answer 17

Integrity and Availability - Assets unusable/unavailable

Question 18

What does a modification attack compromise of the C.I.A. Triad?

Answer 18

Integrity and Availability - Tampering with assets

Question 19

What does a Fabrication attack compromise of the C.I.A. Triad?

Answer 19

Integrity and Availability - Generating data, processes, communications, or other similar material with a system

Question 20

Risk

Answer 20

Takes into account the value of the asset to calculate the impact

Question 21

Steps of Risk Management (5)

Answer 21

Identify assets > Identify threats > Assess vulnerabilities > Assess risks > Mitigate risks (Repeat as needed)

Question 22

Types of controls (3)

Answer 22

Physical, Logical, and Administrative

Question 23

Physical controls

Answer 23

Protect the physical environment

Question 24

Logical controls AKA Technical controls

Answer 24

Protect the systems, networks, and environments that process, transmit, and store data

Question 25

Administrative controls

Answer 25

Based on rules, laws, policies, procedures, guidelines, and other items that are “paper” in nature

Question 26

Incident Response Process (6)

Answer 26

Preparation > Detection and Analysis > Containment > Eradication > Recovery > Post Incident Activity

Question 27

I.D.S.

Answer 27

Intrusion Detection System

Question 28

A.V.

Answer 28

Antivirus

Question 29

S.I.E.M.

Answer 29

Security Information and Event Monitoring tool

Question 30

M.S.S.P.

Answer 30

Managed Security Service Provider

Question 31

Defense in Depth (Multilayered Defense)

Answer 31

External Network (Internal Network (Host (Application (Data) ) ) ) )

Question 32

External Network Defense EXs

Answer 32

DMZ, VPN, Logging, Auditing, Penetration Testing, Vulnerability Analysis

Question 33

Network Perimeter Exs

Answer 33

Firewalls, Proxy, Logging, Auditing

Question 34

Internal Network Defense Exs

Answer 34

IDS, IPS, Logging, Auditing

Question 35

Host Defense Exs

Answer 35

Authentications, AV, Firewalls, IDP, IPS, Passwords

Question 36

Application Defense Exs

Answer 36

SSO, Content filtering, Data validation, Auditing

Question 37

Data Defense Exs

Answer 37

Encryption, Access controls, Backups

Question 38

Authentication (5 types)

Answer 38

Act of proving who/what we claim to be - Know (user, pass, pin), Have (Badge, Card, OTP), Are (Fingerprint, Iris, Retina), Do (Handwriting, Typing, Walking), Are (Geolocation)

Question 39

Access Control Types (4)

Answer 39

Allowing, Denying, Limiting, Revoking

Question 40

Sandbox (Limiting Control)

Answer 40

Set of resources devoted to a program, process, or similar entity, outside of which the entity cannot operate

Question 41

C.S.R.F. (Access Control)

Answer 41

Cross-site request forgery - Misuses the authority of the browser on the users computer

Question 42

D.A.C. (Access Control)

Answer 42

Discretionary access control

Question 43

M.A.C. (Access Control)

Answer 43

Mandatory access control (Principle of least privilege)

Question 44

Ru.B.A.C.

Answer 44

Rule-based access control

Question 45

A.B.A.C. (CAPTCHA)

Answer 45

Attribute-based access control - Subject vs. Resource

Question 46

Physical Access Controls

Answer 46

Controlling movement in/out of buildings

Question 47

Multi-level access control models (3)

Answer 47

Bell-La Padula Model, Biba Model, and Brewer and Nash Model

Question 48

Bell-La Padula Model

Answer 48

D.A.C. and M.A.C. “No read up. No write down”

Question 49

Biba Model

Answer 49

INTEGRITY “No read down. No write up”

Question 50

Brewer and Nash Model

Answer 50

Prevent conflicts of interest. Objects, Company Groups, Conflict Cases.

Question 51

Authorization

Answer 51

Process of determining exactly what an authenticated party can do

Question 52

A.C.L.s (Access Control Lists)

Answer 52

Lists containing info about what kind of access certain parties are allowed to have to a given system

Question 53

File system A.C.L. Examples

Answer 53

Read, Write, Execute

Question 54

Network A.C.L.s

Answer 54

Filter access based on identifiers like IP (Internet Protocol) Addresses, Media Access Control Addresses, and Ports

Question 55

Ports

Answer 55

Numerical designation for one side of a connection between 2 devises. Used to identify the application to which traffic should be routed

Question 56

Media Access Control Addresses

Answer 56

Unique identifiers hard-coded into each network interface

Question 57

Confused Deputy Problem

Answer 57

When the software with access to a resource (the deputy) has a greater level of permission to access the resource than the user who is controlling the software