16. Common Security Concepts Flashcards
- In which of the following access methods are new employees simply placed in the group and thus inherit all required permissions?
a. Discretionary
b. Role-based
c. Mandatory
d. Rule-based
b. Role-based access control prescribes creating roles or sets of permissions required for various job roles and assigning those permissions to security groups. When a new employee is assigned that role, they are simply placed in the group and thus inherit all required permissions.
- Which principle prescribes that users should be given access only to resources required to do their job?
a. Least privilege
b. Need to know
c. Separation of duties
d. Zero trust
a. This concept prescribes that users should be given access only to resources required to do their job. So if Ralph’s job only requires read permission to the Sales folder, that’s all he should get even if you know he’s completely trustworthy.
- Which of the following occurs when a threat agent takes advantage of a weakness and uses it to advance an attack?
a. Threat
b. Breach
c. Vulnerability
d. Exploit
d. An exploit occurs when a threat agent takes advantage of a vulnerability and uses it to advance an attack. When a network attack takes advantage of a vulnerability, it is somewhat an indictment of the network team as most vulnerabilities can be identified and mitigated.
- Which of the following is an attack where no known fix exists?
a. Advanced persistent
b. Zero-day
c. Pretexting
d. Prime exploit
b. This condition is known as a zero-day attack because it is the first day the virus has been released and therefore no known fix exists. This term may also be applied to an operating system bug that has not been corrected.
- Which of the following is maintained by MITRE Corporation and includes entries that describe a vulnerability in detail, using a number and letter system?
a. ISACA
b. WHOIS
c. CVE
d. NIST
c. Common Vulnerabilities and Exposures (CVE) is a database of known vulnerabilities using this classification system. It is maintained by the MITRE Corporation and each entry describes a vulnerability in detail using a number and letter system to describe what it endangers, the environment it requires to be successful, and in many cases, the proper mitigation.
- Which of the following is not an external threat?
a. Accidental file deletion by an employee
b. DoS attack
c. Fake contractor on site
d. Malware infection by email
a. An accidental file deletion by an employee is an example of an internal threat.
- Which concern do you have when you encrypt data before sending it?
a. Accounting
b. Availability
c. Integrity
d. Confidentiality
d. To ensure confidentiality, you must prevent the disclosure of data or information to unauthorised entities.
- You have decided that the default permissions for all files will be No Access. What principle are you following?
a. Defense in depth
b. Need to know
c. Separation of duties
d. Zero Trust
d. The Zero Trust concept supports least privilege. It prescribes that when a resource is created, the default permission should be No Access. It also means that when ACLs are configured on routers, all traffic should be blocked by default and only specific traffic allowed/
- What are you following if you encrypt a file, apply access permissions to it, and lock the door to the room where the server on which the file resides is located?
a. Defense in depth
b. Need to know
c. Separation of duties
d. Zero Trust
a. A defense-in-depth strategy refers to the practice of using multiple layers of security between data and the resources on which it resides and possible attackers.
- Which of the following is a method of checking the security health of network hosts before they’re allowed to access networks?
a. Network Access Control (NAC) systems examine the state of a computer’s operating system updates and anti-malware updates before allowing access, and in some cases they can even remediate the devices prior to permitting access.