Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

IT Fundamentals > 9. Security > Flashcards

9. Security Flashcards

1
Q

Confidentiality =

A

Permitting authorized access while protecting information and resources from improper disclosure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Confidentiality - 5 main threats

A

Snooping; Dumpster Diving; Eavesdropping; Wiretapping (electronic eavesdropping - use encryption); Social Engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Integrity =

A

protecting against unauthorized changes to information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Integrity - 4 main types of attacks

A

Unauthorized modification; Impersonation; Man in the Middle; Replay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Availability

A

Insuring systems and information are accessible by authorized users when they need access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Availability - 5 main types of disruptions

A

DDoS; Power Outages; Hardware Failures; Destruction of Equipment; Service Outages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Device Security - 5 ways to protect

A

Anti-virus software; Host Firewalls; Passwords/MFA; Security Updates; secure browsing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

3 Main privacy concerns

A

protecting our own data; educating our users; protecting data collected by our organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

2 Common types of private information

A

PHI and PII

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

PII =

A

all information that can be tied back to a specific individual

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

PHI =

A

health care records regulated under HIPPA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Security Policy Framework - 4 types of documents

A

policies (mandatory); standards (mandatory); Guidelines (optional); procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

3 elements of access control

A

Identification; authentication; authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Identification (access control)

A

Individual makes a claim of their identity (username)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Authentication (access control)

A

proving a claim of identity (password/mfa)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Authorization (access control)

A

verifying that the user is allowed access (regulating specific access and permissions)

17
Q

Security Policy Framework (4 different types of documents)

A

Policies, Standards, Guidelines, Proceedures

18
Q

3 Steps for Access Control

A

Identification; Authentication; Authorization

19
Q

3 Types of access control systems

A

Mandatory Access Control (MAC) - OS; Discretionary Access Control (DAC) - xrw; Role-based Access Control - job-based roles/permissions

20
Q

Account Types (5)

A

User; System Administrator; Guest; Shared/Generic; Service

21
Q

2 different environments for encryption

A

Data at rest; Data in transit

22
Q

Business continuity scope (3)

A

Activities covered; systems covered; controls implemented

23
Q

Tools to remediate availability (2):

A

Redundancy (duplication of data); Fault tolerance (automatic failover)

IT Fundamentals (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions