4.1 – Common Security Concepts

Question 1

What is the CIA triad?

Answer 1

Confidentiality, integrity, and availability. Which are the elements of the information system that each organization is trying to protect

Question 2

what is confidentiality

Answer 2

certain info should be known to certain people

Question 3

what is integrity

Answer 3

data is being stored and transferred as intended

Question 4

what is availability

Answer 4

data is available to authorized users

Question 5

What is Vulnerability?

Answer 5

A weakness that could be accidentally triggered or intentionally exploited to cause a security breach.

Question 6

What is a Threat?

Answer 6

The potential for someone or something to exploit a vulnerability and breach security.

Question 7

RBAC

Answer 7

role based access control

Question 8

Define 802.1X

Answer 8

The IEEE standard that defines port-based security for wireless network access control.

Question 9

a trap to attract bad guys
usually virtual
used to research what hackers are attacking

Answer 9

Honey pot

Question 10

common AAA protocol
many devices
remote vpn
available on most OS

Answer 10

remote authentication dial in user service

Question 11

remote authentication protocol
created to control access to dialup lines

Answer 11

TACACS terminal access controller access control system

Question 12

organized set or records
protocol for reading and writing directories over an ip

Answer 12

LDAP light weight directory access protocol

Question 13

authenticate once and trusted
no need to re authenticate
mutual authentication

Answer 13

kerberos

Question 14

port based network access control (NAC)
prevents access to network until authentication succeeds

Answer 14

IEEE 802.1x

Question 15

EAP

Answer 15

Extensible Authentication Protocol

Question 16

siem

Answer 16

security information and event management