701 - Section 1 Flashcards
What is OCSP?
Online Certificate Status Protocol
What does CIA stand for?
Confidentiality, integrity, availability
What are the control categories?
Technical, managerial, operational, physical
Controls implemented using systems, operating system controls, firewalls, and antivirus are examples of what type of control?
Technical
Administrative controls associated with security design and implementation, security policies, and standard operating procedures are what type of control?
Managerial
Controls implemented by people instead of systems, such as security guards and awareness programs, are what type of control?
Operational
What control limits physical access, for example a guard shack, fences, locks, and/or badge readers?
Physical
What are the different control types?
Preventative, deterrent, detective, directive, corrective, and compensating
What control type blocks access to a resource using such things as firewall rules following security policy, a guard shack that checks all identification, and/or door locks?
Preventative
What control type discourages an intrusion attempt but does not directly prevent access? These make an attacker think twice by using such things as application splash screens, the threat of demotion, a front reception desk, and posted warning signs.
Deterrent
Name the control type that identifies and logs an intrusion attempt but may not prevent access; it assists with finding the issue, for example by collecting and reviewing system logs, reviewing login reports, regularly patrolling the property, and enabling motion detectors.
Detective
What is the control type that applies a control after an event has been detected? It reverses the impact of an event and allows operations to continue with minimal downtime. Examples include backup restoration, creating new policies for reporting security issues, contacting law enforcement, and a fire extinguisher.
Corrective
What control type uses other means when existing controls aren’t sufficient and may be temporary? Examples include a firewall blocking a specific application instead of patching the application, implementing a separation of duties requiring simultaneous guard duties, and using a generator after a power outage.
Compensating
What control type directs a subject towards security compliance and is a relatively weak security control? Examples include storing all sensitive files in a protected folder, creating compliance policies and procedures, training users on proper security policy, or posting a sign reading "authorized personnel only".
Directive
In the CIA triad, which one allows only certain information to be known by certain people and/or prevents unauthorized information disclosure?
Confidentiality
In the CIA triad, which one ensures data is stored and transferred as intended, and that any modification to the data would be identified?
Integrity
In the CIA triad, which one ensures information is accessible to authorized users and is always at the users’ fingertips?
Availability
Name three ways that confidentiality is achieved?
Encryption, access controls, two-factor authentication
Name four ways that integrity is achieved?
Hashing, digital signatures, certificates, non-repudiation
How is availability achieved?
Redundancy, fault tolerance, patching
What does non-repudiation add to cryptography?
Proof of integrity, proof of origin with high assurance of authenticity
What does proof of integrity offer?
It verifies the data does not change and it remains accurate and consistent
In cryptography, what do we use to ensure proof of integrity?
A hash
True or false: a hash associates data with an individual?
False… A hash only tells you if the data has changed
Public/private keys are what type of key?
Asymmetric
In non-repudiation, how do we achieve proof of origin?
By proving the message was not changed, integrity… By proving the source of the message, authentication… And by making sure the signature isn’t fake, non-repudiation
What are the A’s in the AAA framework?
Authentication, authorization, accounting
In the AAA framework, which one proves you are who you say you are?
Authentication
In the AAA framework, which one controls the access that you have?
Authorization
In the AAA framework, which one logs resources used?
Accounting
What do systems use to authenticate?
A digitally signed certificate on the device
What do organizations use to assist with certificate authentication?
A trusted certificate authority
What does using an authorization model do for you?
It adds a layer of abstraction which reduces complexity, and it provides easier-to-understand administration that scales very well
What compares where you want to be with where you currently are?
Gap analysis
True or false: a gap analysis is an easy process?
False, a gap analysis is an extensive process that requires much planning and communication with stakeholders
In gap analysis, what does a standard framework provide?
It provides a known baseline and an end goal
What are the three high-level steps to a gap analysis?
Evaluation of people and processes, comparing and contrasting to identify weaknesses, and the final analysis and report
What is a holistic approach to network security where everything must be verified and nothing is inherently trusted?
Zero trust
What are the two planes of operation in zero trust?
Data and control
Which of the planes defines policy rules and determines how packets should be forwarded?
Control
Which plane processes the frames, packets, and network data?
Data plane
What acts as the gatekeeper by allowing, monitoring, and terminating connections?
The policy enforcement point
Where is the process for making an authentication decision?
Policy decision point
What evaluates each access decision based on policy and other information sources, and grants, denies, or revokes access?
Policy engine
What communicates with the policy enforcement point, generates access tokens or credentials, and allows or disallows access?
Policy administrator
The policy engine and policy administrator make up what?
The policy decision point
What sits between the untrusted external world and the trusted enterprise world and communicates with the policy decision point?
The policy enforcement point
How is threat scope reduction achieved?
By decreasing the number of possible entry points
What is a security zone? What are examples?
A broad category that provides a security-related foundation. Examples include trusted and untrusted, internal and external network, and grouping by organization, for example marketing, accounting, HR