2.1 Security Measures Flashcards

Summarise various security measures and their purposes

1
Q

Logical controls

A

Prevent or allow access to resources once a user’s identity has been established. Can be hardware or software.

2
Q

Auditing of logical controls

A

Once-off; examining the controls and procedures in place

3
Q

Monitoring of logical controls

A

Ongoing checks of the controls and procedures in place

4
Q

Managerial controls

A

Focuses on the design of the security or the policy implementation associated with the security

5
Q

List three controls that fall under ‘managerial’

A
  • Data classification and labelling
  • Personnel supervision
  • Security awareness training
6
Q

Operational controls

A

Controls managed by people

7
Q

Give two examples of operational controls

A

Guards at the front doors; security awareness training

8
Q

Technical controls

A

Using own systems to prevent security events from occurring

9
Q

Give two examples of technical controls

A

Firewall on the network; antivirus on workstations

10
Q

Provide one advantage and one disadvantage of see-through fences

A

Employees and guards can see incoming threats; outsiders can see inside the property

11
Q

Provide one advantage and one disadvantage of non see-through fences

A

Outsiders are prevented from seeing in, but employees and guards can’t see incoming threats

12
Q

What are some considerations when installing bollards?

A

Will they protect the most vital assets?
Do they still integrate with the environment so as not to be off-putting to customers/staff?

13
Q

List two best practices for lighting

A

Always on and having motion sensors

14
Q

Preventive control

A

Prevents access to a particular area

15
Q

Give three examples of preventive controls

A
  • Locks on a door
  • Security guard
  • Firewall
16
Q

Detective control

A

Identifies and records that a security event has occurred but may not be able to prevent access

17
Q

Give two examples of a detective control

A
  • Motion sensor
  • IDS
18
Q

Corrective control

A

Designed to mitigate any damage that has occurred because of a security event

19
Q

Give two examples of a corrective control

A
  • IPS
  • Offsite backup
20
Q

Deterrent

A

A security measure that may deter someone from performing an intrusion

21
Q

Compensating control

A

Attempts to recover from an intrusion by compensating for the issues caused

22
Q

Give two examples of a compensating control

A
  • Buying a new device and restoring from backup to replace an old one
  • Having a generator in case of loss of power
23
Q

Physical control

A

Something tangible that would prevent the security event

24
Q

Proximity alarm

A

Alarm that turns on when there is movement in a certain area

25
Duress alarm
Can be manually triggered by someone when there is a threat
26
What may a mechanically operated lock also be referred to as?
Cipher lock
27
What is bad about fingerprint readers?
They are considered a hygiene issue
28
Name two security measures that could be used to protect a data cabinet
  • Chassis lock
  • Faceplate
29
List three types of badge readers that can be used as a way to log into a computer
  • Magnetic strip
  • Smart card
  • RFID
30
Are badge readers contact or non contact based?
Contact-based
31
DAC
Object access is determined via an access policy set by the object's owner
32
What are the two fundamental rules of DAC?
  • Every object in a system must have an owner
  • Each owner must determine the access rights and permissions for each object
33
MAC
An access control policy that is uniformly enforced across all subjects and objects within the boundary of an information system
34
What is the primary use case of MAC and why?
In organisations that deal with highly sensitive data (e.g. military, government, healthcare) because it has a high, centralised level of control
35
How are MAC criteria defined and enforced?
Defined by the system admin and enforced by the OS or security kernel. They cannot be altered by end users
36
What are the two factors that MAC considers when restricting access to a resource?
Sensitivity of information and authorisation level of the user
37
RBAC
Users are assigned permissions based on their role (and placed in groups) rather than being assigned permissions individually
38
Power user
A user with more rights than a normal user but not as many as an administrator
39
Zero-trust
A security framework that requires ALL users inside or outside the organisation to be authenticated, authorised and validated
40
What are the four steps to implementing a zero-trust framework?
1. Reexamine all default access controls
2. Employ a variety of prevention techniques and defense in depth
3. Enable real-time monitoring and controls to identify and stop malicious activity
4. Ensure the network's zero-trust architecture aligns with a broader security strategy
41
MFA
Using two or more factors to prove a user's identity
42
What are the five factors of MFA?
  • Knowledge
  • Ownership
  • Characteristic
  • Location
  • Action
43
TOTP
A computer algorithm that generates a one-time password using the current time as a source of uniqueness
44
HOTP
Password is computed from a shared secret and synchronised across the client and the server
45
In-band authentication
Identity signals that rely on the same system that is requesting user authentication (verifies within the primary channel)
46
Out-of-band authentication
Uses a separate channel for verification
47
Is in-band or out-of-band authentication more secure?
Out-of-band
48
EMM
The set of people, processes and technology that enable centralised management and control of corporate mobile devices
49
Give three elements of EMM
  • Tracking
  • Controlling
  • Securing
50
Contrast EMM and MDM
EMM uses policies and tools to manage the entire mobile ecosystem, whereas MDM focuses on simple management of devices and uses more technical controls
51
When would you set a phone to remote wipe?
  • Incorrect password entered too many times
  • Device attempts to connect to a network and doesn't meet baseline requirements
52
List 6 technical controls used in MDM
  • Application control
  • Password/passcode functionality
  • MFA requirements
  • Token-based access
  • Patch management
  • Remote wipe
53
List 7 settings that can be used to manage security in the AD
  • Domain-based security
  • Security group
  • Organisational unit
  • Group policies
  • Login scripts
  • Home folders
  • Folder redirection
54
How can you assign permissions to a security group in AD?
  • Group policies
  • Login scripts
  • Access control list
55
What is an organisational unit?
A way of dividing the domain into different administrative realms
56
Group policies
Allow for configuration of computer and user profile settings
57
Home folder
Private drive mapped to a network share
58
Folder redirection
Redirecting the path of a known folder to a new location. Can be done manually or by group policy, and can be a local folder or a directory on a file share
59