1.2

Question 1

Confidentiality

Answer 1

Ensures info is accessible only to authorized personnel
- protects personal privacy
- to maintain a business advantage
- to achieve regulatory compliance

Question 2

Integrity

Answer 2

Ensures data remains accurate and unaltered (checksums)
- maintain trust
- to ensure system operability

Question 3

Availability

Answer 3

Ensures info and resources are accessible when needed

Question 4

non-repudiation

Answer 4

guarantees that an action or event cannot be denied by the involved parties

Question 5

What are ways to achieve confidentiality

Answer 5

• Access Controls
• Encryption
• Data Masking
• Physical Security Measures
  
  • making sure paper is stored in proper location
• Training and Awareness

Question 6

What are ways to achieve integrity

Answer 6

Hashing
digital signatures
access controls (ensure only authorized users can modify data)
regular audits (ensure only authorized changes have been made)

Question 7

What are ways to ensure availability?

Answer 7

redundancy
- Server, Data, Network, Power

Question 8

5 commonly used authentication methods?

Answer 8

Something you know (knowledge factor)
Something you are
Something you have
Somewhere you are
Something you do

Question 9

authentication is important why?

Answer 9

To prevent unauthorized access
To protect user privacy

Question 10

Authorization

Answer 10

• pertains to the permissions and privileges granted to users or entities after they have been authenticated

Question 11

Accounting

Answer 11

A security measure to track all user activities

Question 12

Why is accounting important?

Answer 12

To create an audit trail
maintain regulatory compliance
perform resource optimization
achieve user accountability

Question 13

What tools are used for accounting?

Answer 13

syslog servers
network analysis tools
SIEM systems

Question 14

Gap Analysis

Answer 14

Process of evaluating the differences between an orgs current state and desired performance

Question 15

Types of Gap analysis?

Answer 15

Technical - evaluating orgs current technical infrastructure and identifying where it falls short
Business- Involves evaluating an orgs business processes

Question 16

POA&M

Answer 16

Plan of action and milestones
outlines the specific measures to address each vulnerability allocate resources and set up timelines for each remediation task

Question 17

Zero Trust

Answer 17

demands verification for every device, user and transaction within the network

Question 18

Zero Trust Control Plane

Answer 18

The overarching framework and set of components responsible for defining managing and enforcing the policies related to user and system access
adaptive identity
threat scope reduction
policy driven access control
secured zones

Question 19

Adaptive Identity

Answer 19

relies on real time validation of user

Question 20

Threat Scope Reduction

Answer 20

limits the user’s access to only what they need for their work tasks because this reduces their attack surfacep

Question 21

policy driven access control

Answer 21

entails developing managing and enforcing user access policies based on their roles and responsibilities

Question 22

secured zones

Answer 22

isolated environments within a network to house sensitive data

Question 23

Zero Trust Data Plane

Answer 23

Ensures policies are properly executed

Question 24

Policy Engine

Answer 24

cross reference the access request with pre defined policies

Question 25

policy admin

Answer 25

used to establish and manage the access policies

Question 26

policy enforcement point

Answer 26

where the decision to grant or deny access is actually executed

Question 27

TTPs

Answer 27

Tactics Techniques and Procedures that are specific to a threat actor

Question 28

Honeypot

Answer 28

used to gain information about how a threat actor attacks a system. It is a decoy system or network setup to attract hackers. can log data on their successful and unsuccessful attacks

Question 29

Honeynet

Answer 29

network of honeypots

Question 30

Honeyfile

Answer 30

decoy file with fake data. Alert can be triggered when the file is opened

Question 31

honeytoken

Answer 31

a piece of data with no legit value but is monitored for access and use. Any interaction would be suspicious. You can name something root account and see if someone attempts to access

Question 32

What is the purpose of bogus DNS entires?

Answer 32

This is a fake domain that will waste an attacker;s time and resources

Question 33

What is the purpose of dynamic page generation for disruption?

Answer 33

Used in websites to present ever changing content to web crawlers and confuse or slow a threat actor

Question 34

Port Triggering

Answer 34

security mechanism where specific services or ports on a network remain closed until a sepcific outbound traffic pattern is detected

Question 35

What is the purpose of spoofing fake telemetry data?

Answer 35

when a system detects a network scan is being attempted by an attacker it can be configured to respond by sending out fake telemetry data

Question 36

Bollard

Answer 36

short sturdy vertical posts to prevent vehicle access

Question 37

Brute force attack

Answer 37

forcible entry, tampering with devices, confronting security personnel or ramming a vehicle into a barrier

Question 38

Access control vestibule

Answer 38

double door system electronically controlled to allow only one door at a time to be opened and closed

Question 39

tailgating

Answer 39

an unauthorized person follows an unknowing authorized person

Question 40

Video Surveillance can include the following?

Answer 40

Motion detection
night vision
facial recognition

Question 41

PTZ System

Answer 41

can move a camera or its angle to better detect issues during an intrusion

Question 42

Types of sensors?

Answer 42

infrared, microwave, pressure, ultrasonic

Question 43

What types of badges can be used with access control vestibules?

Answer 43

RFID, NFC (Near field communication) and magnetic strips

Question 44

Door lock types

Answer 44

Electronic (require identification number, wireless signals like bluetooth, biometric)
Cipher lock - most secure mechanical lock

Question 45

FAR

Answer 45

False acceptance rate, someone unauthorized is let in

Question 46

FRR

Answer 46

False rejection rate, someone authorized is blocked

Question 47

CER

Answer 47

crossover error rate

Question 48

a balance between far and frr