1: Security principles - Security concepts of info assurance Flashcards

1
Q

What is the CIA triad?

A

confidentiality, integrity, availability

2
Q

Personally Identifiable Information (PII)

A

any data about an individual that could be used to identify them

3
Q

protected health information (PHI)

A

information regarding one’s health status, and classified or sensitive information, which includes trade secrets, research, business plans and intellectual property.

4
Q

sensitivity

A

measure of the importance assigned to information by its owner, or the purpose of denoting its need for protection

5
Q

Integrity

A

measures the degree to which something is whole and complete, internally consistent and correct

6
Q

Data integrity

A

assurance that data has not been altered in an unauthorized manner

7
Q

System integrity

A

maintenance of a known good configuration and expected operational function as the system processes the information

8
Q

Availability

A

defined as (1) timely and reliable access to information and the ability to use it, and (2) for authorized users, timely and reliable access to data and information services.

9
Q

authentication

A

process of verifying or proving the user’s identification

10
Q

three common methods of authentication:

A
  • Something you KNOW: Passwords or passphrases
  • Something you HAVE: Tokens, memory cards, smart cards
  • Something you ARE: Biometrics, measurable characteristics
11
Q

single-factor authentication (SFA)

A

Using only one of the methods of authentication

12
Q

multi-factor authentication (MFA)

A

Granting users access only after successfully demonstrating or displaying two or more of these methods

13
Q

Common best practice (authentication)

A

implement at least two of the three common techniques for authentication:

  • Knowledge-based 
  • Token-based 
  • Characteristic-based 
14
Q

Knowledge-based authentication

A

uses a passphrase or secret code to differentiate between an authorized and unauthorized user

15
Q

Non-repudiation

A

is a legal term and is defined as the protection against an individual falsely denying having performed a particular action

16
Q

Privacy

A

the right of an individual to control the distribution of information about themselves

17
Q

European Union’s General Data Protection Regulation (GDPR)

A

applies to all organizations, foreign or domestic, doing business in the EU or any persons in the EU