block 8 information protection Flashcards
three components of the CIA TRIAD
- Confidentiality
- Integrity
- Availability
- focuses on data protection from an IT security (ITsec) standpoint
Confidentiality
- ensuring information is accessible only to those authorized to have access
what is data in use?
- data that is actively being changed.
- application layer of the OSI model.
what is Data-in-motion?
- AKA data-in-transit
- data traversing a network, the internet, etc.
- data in flight = wireless
what is data at rest?
- data that is not currently in use or moving point-to-point.
(ex. files, folders, drives, etc.)
what is integrity?
- (AKA data authenticity) data is not altered in an unauthorized manner from point of origin to delivery
what is hashing?
- a mathematical formula applied to data
- works on the data in binary form
- takes a virtual snapshot of the data.
what is availability?
- assures that systems work when needed, resources are accessible at all times, and authorized users are not denied services
what does the AAA model focus on?
- maintains the CIA triad via access control
- focuses on controlling access to info and data
what is identification?
- a system used to prove an individual's identity
- Ex. usernames, passwords, CACs, digital tokens, key fobs, and biometrics
what is authentication?
- verifies identification factors
(Ex. CAC card and PIN: the CAC card is identification, the PIN is authentication)
what is authorization?
- the system applies permissions to a user's account after the user logs in to that system
what is accounting?
- deals with logging activity so that departments can be held responsible for their usage of services, user and device activity can be tracked to create a chain-of-custody-type management workflow, and non-repudiation is properly ensured.
- accounting is done with various logging events such as system logs, security logs, and application logs.
what is non-repudiation?
- proof of actions for the recipient (receipts), so that neither party can later deny having processed the information.
what are the 2 acts that grant exceptions to entities?
- USA PATRIOT Act of 2001
- reduces restriction laws in order to detect and suppress terrorism.
- Electronic Communications Privacy Act (ECPA) of 1986
- reduces criminal penalties when unauthorized access to the electronic communication is not for a tortious or illegal purpose or private commercial gain
what are the 2 acts that propose penalties on those who abuse systems and resources?
- Sarbanes-Oxley Act (SOX) of 2002
“The Act contains provisions affecting corporate governance, risk management, auditing, and financial reporting of public companies, including provisions intended to deter and punish corporate accounting fraud and corruption.”
- SOX violations: fined up to $5,000,000 and 20 years in prison.
- Health Insurance Portability and Accountability Act (HIPAA) of 1996
- protects personal health information (PHI) from being disclosed without the individual's consent or knowledge
- violating HIPAA can lead to 10 years in prison and a $250,000 fine
what is a policy?
- “plan embracing goals and acceptable procedures especially of a governmental body”
what is a procedure?
- a series of actions done in a certain way or order
what is principle of least privilege (PoLP)?
- users should have only the privileges necessary to complete their tasks
what are security policies?
- define the objectives and constraints for the security program
what is awareness?
- NIST SP 800-50: awareness is not training.
- goal = focus attention on security.
- awareness presentations allow individuals to recognize IT security concerns and respond accordingly (done by SAT)
what is security awareness training (SAT)?
- covers the entire user population
- consists of:
1) TRAINING - personnel on the importance of securing information
2) INFORMING - users of their roles in daily IT security responsibilities, as documented in agency security policy and procedures
3) STEPS - personnel need to take to help ward off attacks
what is user agreement?
- users must agree to certain conditions before they may have access.
- contains the acceptable use policy (AUP), classification of information, and Personally Identifiable Information (PII).
what is user accountability?
- NIST SP 800-16: individual accountability should be one of your organization's prime security objectives and is derived from a fully informed, well-trained, and aware workforce.
- the hope is that accountability leads to fewer disruptions or compromises