Basic Concepts and Principles Flashcards

1
Q

What is inforamtion securtity?

A

the purpose of information security is to protect and preserve the Confidentiality, integrity, and availability of information. it also involves protecting and preserving authenticity, and reliability and holding entities accountable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is information assurance?

A

measures to protect and defend the information and information systems’ confidentiality, integrity, availability, authentication, and non-repudiation, it also includes capabilities like protection, detection, reaction, and restoration of information systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is cybersecurity?

A

set of measures, activities, and standards. policies and rules to ensure the security(confidentiality, integrity, availability) of systems in the cyber environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is computer Security?

A

measures and controls to ensure the the confidentiality, integrity, and availability of information system assets including hardware, software, and firmware. and information being processed, stored, and communicated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is cyberspace?

A

all systems and services that are directly or indirectly connected to the internet, electronic communications, and computer networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Main Characteristics of Cyberspace?

A

▪ Man-made domain
▪ Consists of information systems and data
▪ Its nature changes through technological changes
▪ Access happens in the speed of light
▪ Enables operations in all other domains
▪ Not limited to geographically or politically drawn borders

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Elements of Cyberspace?

A

Hardware
* Servers
* PCs
* Mobile phones
* Industrial Control Systems
* …

▪ Software and Data

  • Operating systems
  • Database management systems
  • Application software
  • Firmware

  • ▪ Communication Infrastructure
  • Wired/Wireless networks
  • RF
  • Satellite systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Fundamental Goals of Computer
Security?

A

Confidentiality, Integrity, Availability, Authentication, Authorization, Accountability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Confidentiality?

A

Confidentiality ensures that non-public information is accessible only to authorized parties, whether the data is stored or in transit. The goal is to prevent or minimize unauthorized access. Key security controls for maintaining confidentiality include encryption, access controls, procedural means (such as restricting physical access to offline storage media), and steganography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Integrity?

A

Integrity involves protecting the reliability and correctness of data, and ensuring that data, software, or hardware remains unaltered except by authorized parties. It can be examined from three perspectives: preventing unauthorized modifications, preventing authorized subjects from making unauthorized modifications, and maintaining internal and external consistency. Security controls for integrity include authentication, access control, encryption, interface restrictions, and cryptographic checksums.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Availability?

A

Ensuring timely and reliable access to and use of information. (FIPS199)
▪ Threats to availability:
* Device failure
* Software errors

Somesecurity controls for availability:
* Proper system design
* Access control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Authentication?

A

Verifying the identity of a user, process, or device, often as a
prerequisite to allowing access to resources in an information
system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Entity authentication?

A

confirms that the identity of a person or system involved in a transaction is genuine, which helps in the authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Data [origin] authentication?

A

ensures that the source of the data or software is genuine
it also implies data integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Authorization?

A

Only authorized entities can access computing resources, as approved by the resource owner or domain administrator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Accountability?

A

The ability to identify principals responsible for past actions.

17
Q

What is Cyber Warfare?

A

Actions by a nation-state to penetrate
another nation’s computers or networks for
the purposes of causing damage or
disruption.