1A - Security Fundamentals Flashcards
What is the CIA Triad?
Conceptual model to help those writing InfoSec policies. Confidentiality, Integrity, Availability.
What is meant by confidentiality? Give an example of how we ensure this.
Preventing the disclosure of data to unauthorised people. Example: encryption.
What is meant by Integrity? Give an example of how we ensure this.
Knowing that data has not been altered or tampered with. Example: hashing.
What is meant by Availability? Give an example of how we ensure this.
Ensuring that data is always available. Example: RAID (Redundant Array of Independent Disks), fail-over cluster, data backup, HVAC (Heating, Ventilation and Air Conditioning).
What is ‘Least privilege’?
Giving someone only the most limited access required.
What is ‘Defense in Depth’?
Protecting data with a series of protective layers.