1.1 Flashcards
CIA means..?
Confidentiality, integrity, availability
What is CIA used for?
CIA is used to apply the correct security solutions
CIA - confidentiality - describe
Makes sure that only authorized people can see and work with the data. Can be done with encypting the data via disk or network, so the others can’t decyrp it
CIA - Integrity - describe
Makes sure that the data is sent that it arrives in the same manner which it was sent. This can be done by hashing the data
CIA - Availability - describe
Is making sure that those authorized to see the data can access it whenever they need it
What will compromise confidentiality?
Plain text protocols as html, ftp, telnet etc.
SIEM ausgeschrieben
Security Information event management
For what is SIEM used?
to give real time rpoting and long term analysis of events
What does SIEM provide?
User info (name & location), device info (model, OS version, etc) & posture info (compliance, patches etc)
Where can SIEM get Data from?
Routers, Firewalls
What is especially good about SIEM?
It gives real time alerts when attacks are detected
What is an asset?
An item that need to be protcted and include property, data, people that gives value to a company
Explain vulnerability
a weakness in a system that can be exploited by a thread
What is a threat?
a potential danger that exists and realized via an attack or exploit that takes advantage of an existing vulberability
What is a risk?
potential for an unauthorized attack that can be done using a specific attack on a praticular vunerability
