Basic Security Concepts

Question 1

Types of Software

Answer 1

System Software: Operating systems
Application Software: Word Processing, Browsers
Utility Software: File Mgmt., Antivirus

Question 2

What is an Application Software?

Answer 2

A program designed to perform a specific function foe the user or an application program.
Such as Word Processors, Excel, Database Programs, and Web Browsers

Question 3

Application Software vs. Operating Systems

Answer 3

Application Software: YouTube, Amazon, Twitter, etc

Operating Systems:
Apple iOS, Apple MacOS, Windows, Linux.

Android is powered by Linux

Question 4

What is Architecture - Mainframe?

Answer 4

A terminal used for input and output, processing is done by the mainframe.

Mainframe: Other computers are connected to it.

Client-Server Architecture

Client requester- Laptop/Workstation

Server-provider: Email, DNS, File, Application, Printer, Web

Tick or Fat client: Yahoo messenger, Outlook servers

Thin Client: Modem

Question 5

What is Peer-to-Peer (P2P): Ad hoc wireless connection?

Answer 5

A computer-to-computer network used for sharing files.

Up to 10 Computers

Question 6

What is a Server?

Answer 6

Computer program that provides services to other computer programs and their users.

EXPLANATION:
In a restaurant environment a server is like a host that processes information, you put a request in.
The server goes to the chef with the order. The chef is the “database” person who goes into the storage get information and mixes it up. Presents it back to the server. The server brings it back.

Question 7

What is an ISO role?

Answer 7

Day-to-day activities of systems.
Documentation for the system.
Making sure the system is in compliance.

Question 8

What is an Audit Role?

Answer 8

Making sure the systems are in compliance.

Having their documentation in place.

Question 9

What is (RMF) Risk Management Framework?

Answer 9

You can convert the controls from RMF to other frameworks.

Question 10

What is HITRUST?

Answer 10

Health information Trust Alliance.

Each level bills with increasing rigor on the one below.

Question 11

What is a Web server?

Answer 11

A computer program that serves requested HTML pages or files.

Question 12

What is a Web client?

Answer 12

The requesting program associated with the user.

Question 13

What is a Web browser?

Answer 13

In the computer is a client that request HTML files from web servers.

Question 14

What are the 6 types of Servers?

Answer 14

Application Server: design to install operate and host.

Virtual Server: a web server that she has computer resources with other virtual servers.

Mail server a program application responsible for receiving routing and delivering email for remote senders.

Proxy server a system or router that provides a Gateway between uses and Internet.

Blades Ave very thin and small service that fit into “bays” and connect together to perform high-powered computing.

File server a computer responsible for the Central Storage and management of data files for other computers on the same network to access the files.

Question 15

What Topology do we have in our homes?

Answer 15

Star Network Topology. Because everything connected to the modem/router.

Question 16

What is Information Technology?

Answer 16

The study or use of systems especially computers and telecommunications for storing retrieving and sending information

Question 17

What is Information Security?

Answer 17

Protects information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.

Question 18

Core Security Principles?

Answer 18

CIA:

Confidentiality: Only authorized people have access to information. Need to know basis.

Integrity: Information cannot be modified without detection.

Availability: Information accessible whenever needed.

Question 19

Information Assurance

Answer 19

To protect the Confidentiality, Integrity, and Availability of Information and the Information system that host the information.

Question 20

Information System

Answer 20

The combination of people, processes, technology, infrastructure and information.

Question 21

AAA Protocols/Framework

Answer 21

Identification- Email address, username

Authentication - “Identifies/verifies” determines who the user is.

Authorization - determines what the user can do.

Accounting - determines what the user did.

Question 22

What two forms is Confidentiality is protected?

Answer 22

1. Access Control

2. Encryption

Question 23

What is the method of ensuring Integrity?

Answer 23

Hashing

Question 24

SPOF

Answer 24

Single Points of Failure

Question 25

What methods are used to increase/maintain availability?

Answer 25

Fault tolerance
Virtualization 
HVAC systems
Backups 
Cloud computing 
Generators

Hot & Cold & Warm sites are also used to ensure availability.

Question 26

Confidentiality =
Integrity =
Authentication =

Answer 26

Confidentiality = Disclosure 
Integrity = Change 
Authentication = Obliteration