1.2 Flashcards
The CIA triad; Non-repudiation; Authentication, Authorization, and Accounting; Gap analysis; Zero trust; Physical security; Deception and disruption
CIA stands for
(AKA AIC)
Confidentiality, Integrity, Availability
The pillar of security that prevents disclosure of information to unauthorized individuals or systems (CIA Triad)
Confidentiality
The pillar of security that prevents messages being modified without detection (CIA Triad)
Integrity
The pillar of security that keeps systems and networks up and running (CIA Triad)
Availability
Which part of the CIA triad does encryption help?
Confidentiality
Which part of the CIA triad do access controls help?
Confidentiality
Which part of the CIA triad does 2FA help?
Confidentiality
Which part of the CIA triad does hashing help?
Integrity
Which part of the CIA triad do digital signatures help?
Integrity
Which part of the CIA triad do certificates help?
Integrity
Which part of the CIA triad does non-repudiation help?
Integrity
Which part of the CIA triad does redundancy help?
Availability
Which part of the CIA triad does fault tolerance help?
Availability
Which part of the CIA triad does patching help?
Availability
Ensures stability and closes security holes
A security concept that means that you cannot deny what you have said or done
Non-repudiation
A security concept that means that data is stored and transferred as intended; any modification to that data would be identified
Integrity
A security concept that means that certain information should only be known to certain people; unauthorized information disclosure should be prevented
Confidentiality
A security concept that means that information is accessible to authorized users
Availability
A string of text that represents data
AKA message digest, fingerprint
Hash
AAA stands for
Authentication, Authorization, Accounting
What information does the AAA server hold?
Username/password information to verify if credentials are approved
How do you authenticate a device, and make sure that it is approved to access your network?
(A device can’t authenticate with username/password)
Put a digitally signed certificate on the device, and check it during the login process
A device or software that is responsible for managing all of the certificates in the environment
Certificate authority (CA)
How do you authenticate a user, and make sure that they are approved to access your network?
Usually by using username/password credentials