1.2 Flashcards

The CIA triad; Non-repudiation; Authentication, Authorization, and Accounting; Gap analysis; Zero trust; Physical security; Deception and disruption

1
Q

CIA stands for

(AKA AIC)

A

Confidentiality Integrity Availability

2
Q

The pillar of security that prevents disclosure of information to unauthorized individuals or systems (CIA Triad)

A

Confidentiality

3
Q

The pillar of security that prevents messages being modified without detection (CIA Triad)

A

Integrity

4
Q

The pillar of security that keeps systems and networks up and running (CIA Triad)

A

Availability

5
Q

Which part of the CIA triad does encryption help?

A

Confidentiality

6
Q

Which part of the CIA triad do access controls help?

A

Confidentiality

7
Q

Which part of the CIA triad does 2FA help?

A

Confidentiality

8
Q

Which part of the CIA triad does hashing help?

A

Integrity

9
Q

Which part of the CIA triad do digital signatures help?

A

Integrity

10
Q

Which part of the CIA triad do certificates help?

A

Integrity

11
Q

Which part of the CIA triad does non-repudiation help?

A

Integrity

12
Q

Which part of the CIA triad does redundancy help?

A

Availability

13
Q

Which part of the CIA triad does fault tolerance help?

A

Availability

14
Q

Which part of the CIA triad does patching help?

A

Availability

Ensures stability and closes security holes

15
Q

A security concept that means that you cannot deny what you have said or done

A

Non-repudiation

16
Q

A security concept that means that data is stored and transferred as intended; any modification to that data would be identified

A

Integrity

17
Q

A security concept that means that certain information should only be known to certain people; unauthorized information disclosure should be prevented

A

Confidentiality

18
Q

A security concept that means that information is accessible to authorized users

A

Availability

19
Q

A string of text that represents data

AKA message digest, fingerprint

A

Hash

20
Q

AAA stands for

A

Authentication, Authorization, Accounting

21
Q

What information does the AAA server hold?

A

Username/password information to verify if credentials are approved

22
Q

How do you authenticate a device, and make sure that it is approved to access your network?

(A device can’t authenticate with username/password)

A

Put a digitally signed certificate on the device, and check it during the login process

23
Q

A device or software that is responsible for managing all of the certificates in the environment

A

Certificate authority (CA)

24
Q

How do you authenticate a user, and make sure that they are approved to access your network?

A

Usually by using username/password credentials

25
Q

A model used to authorize users/devices to access resources within a network

A

Authorization model

26
Q

How does an authorization model work?

A

It makes a framework of permissions associated with roles, organizations, and attributes

Without this model, you would have to assign permissions to every user. This does not scale well.

27
Q

Authorization model is AKA

A

An abstraction

28
Q

A study of where we are versus where we would like to be

Identifies weaknesses and most effective processes

The final report provides detailed baseline objectives, recommendations, as well as plans for budget, schedule, and change control

A

Gap analysis

29
Q

A security term meaning that everything must be verified; nothing is inherently trusted

Forces users/devices/processes to authenticate every time they access a resource

A

Zero trust

30
Q

The 3 parts of 2FA

A

Something you have
Something you know
Something you are

31
Q

The part of the device that performs the actual security process

Processes frames, packets, and network data

Does processing, forwarding, trunking, encrypting, and NAT

A

Data plane

32
Q

The part of the device that:
Defines policies and rules
Determines how packets should be forwarded
Sets up routing tables, session tables, NAT tables

It manages the actions of the data plane

A

Control plane

33
Q

A technology that applies security controls based on additional information gathered by the authentication process

ex. geolocation, type of connection, IP address

A

Adaptive identity

34
Q

The limitation of the number of entry points to a network

A

Threat scope reduction

35
Q

A form of access control that uses an authorization policy that is flexible in the types of evaluated parameters (e.g., identity, role, clearance, operational need, risk, heuristics).

It combines adaptive identity with a predefined set of rules

Decides what type of authentication process should be used to verify that the person trying to identify themselves is truly that person

A

Policy-driven access control

36
Q

A logical way to group physical and virtual interfaces

Identifies where the traffic comes from and where it is going

ex. trusted/untrusted, internal/external, separate departments, separate VPN connections

A

Security zone

37
Q

How are security zones used during authorization?

A

Some zones may be implicitly blocked
If an untrusted zone tries to communicate with a trusted zone, they will be blocked

Some zones may be implicitly trusted
If a trusted zone tries to communicate with an internal zone

37
Q

What are subjects and systems?

A

End users, devices, applications, and processes that need to be authenticated/authorized by a PEP

37
Q

A mechanism that enforces policies upon subjects and systems

Sends authentication information to the PDP for the PDP to make a decision

After the PDP makes the decision, this mechanism enforces that decision

A

PEP (Policy Enforcement Point)

37
Q

A mechanism that uses a process for making an authentication decision

Examines authentication and determines whether the traffic should be allowed on the network

Uses pre-defined security policies to determine the decision, and then sends that decision to the PEP

A

PDP (Policy Decision Point)

38
Q

The part of the PDP that measures gathered authentication information against pre-defined network policies in order to determine whether the traffic should be allowed on the network

A

Policy engine

39
Q

The 2 parts of the PDP

A

Policy Engine
Policy Administrator

40
Q

The part of the PDP that provides the decision to the PEP

Generates access tokens or credentials

A

Policy Administrator

41
Q

A physical security measure that prevents access, and can channel people through specific access points

Also used to mark high security areas

ex. Allows people, but prevents cars and trucks

A

Barricades and bollards

42
Q

A physical security measure that provides a space between two sets of interlocking doors. It prevents unauthorized individuals from following authorized individuals into facilities.

It controls access to a particular area to certain individuals or groups.

This control has a variety of configurations–for example, all the doors can be unlocked, but when one door is open, all of the other doors will automatically lock.

A

Access control vestibule

AKA mantrap

43
Q

A physical security measure that creates a perimeter and prevents access to an area. May be transparent or opaque.

This is normally a very obvious security measure. Thus, it needs to be very sturdy.

A

Fence

44
Q

A physical security measure that allows authorized individuals to watch footage of a secure area.

May include motion detection and object detection.

A

Video surveillance

AKA CCTV

45
Q

A physical security measure that can provide physical protection of an area and validate the identity of existing employees

A

Guard

46
Q

What is two-person integrity/control?

A

The idea that if security guards work in pairs, they each hold each other accountable to uphold the security policy.

47
Q

A physical security measure that is given to authorized individuals. It contains the individual’s name, picture, and other necessary details to verify their identity.

Often electronically logged

A

Access badge

48
Q

A physical security measure that illuminates secure spaces to provide better visibility for guards or cameras.

Angles and optimal light levels are important to consider.

A

Lighting

49
Q

A physical security measure that detects infrared radiation in both light and dark areas.

A

Infrared

50
Q

A type of infrared security measure that detects motion.

A

Motion detector

51
Q

A type of infrared security measure that detects pressure. Detects a change in force, for example, around windows or floors.

A

Pressure sensor

52
Q

A type of infrared security measure that detects movement across large areas

A

Microwave

53
Q

A type of infrared security measure that can send and receive sound waves, detect motion, and provide collision detection

A

Ultrasonic

54
Q

A virtual machine used to attract attackers to your system and keep them involved in the system while you study the attacker and their methods

A

Honeypot

55
Q

A real network (including servers, workstations, routers, switches, and firewalls) that attracts attackers and keeps their interest while you study the attacker and their methods

A

Honeynet

56
Q

Files that have fake information or appear to be very important in order to attract an attacker.

These files will NOT normally be accessed by normal employees, so it is good to have an alarm on these files when someone attempts to gain access.

ex. passwords.txt

A

Honeyfiles

57
Q

Traceable data added to a honeynet. If this data is downloaded and distributed, you know exactly where it came from.

ex. Fake API credentials or fake email addresses that send out notifications when used

ex. Database records, browser cookies, web page pixels, etc.

A

Honeytokens