Ch1 Flashcards

1
Q

Confidentiality ensures…

A

Data is only viewable by authorized users. Best way to protect confidentiality of data is by encrypting it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What protects confidentiality by restricting access?

A

Access controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Integrity verifies…

A

…that data has not been modified. Hashing algorithms calculate hashes to verify integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What do digital signatures do?

A

Verify integrity of emails/files and provide authentication and non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Availability ensures…

A

…that systems are up and operational when needed and often addresses single points of failure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Risk

A

The likelihood that a threat will exploit a vulnerability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Risk Mitigation

A

Reducing the chances that a threat will exploit a vulnerability, or reducing the impact of the risk, by implementing security controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

3 common classes of security controls

A

Technical, administrative, and physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Technical controls

A

Use technology to reduce vulnerabilities. Examples include encryption, AV software, IDS/IPSs, and firewalls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Preventative controls

A

Attempt to prevent security incidents (hardening systems, security guards, change management, account disablement).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Detective controls

A

Attempt to detect when vulnerabilities have been exploited (log monitoring, trend analysis, security audits, CCTV systems)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Virtualization provides…

A

multiple virtual servers running on 1 physical server. Provides increased availability with lower operating costs. Provides flexibility via snapshots.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A threat is…

A

Any circumstance or event that has the potential to compromise confidentiality, integrity, or availability (CIA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A vulnerability is…

A

a weakness. (hardware, software, configuration, or users)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Uses of ping command

A

Check connectivity, verify name resolution. Check security posture by verifying routers, firewalls, IPSs block ICMP traffic (if configured).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What commands view network interfaces?

A

ipconfig (windows), ifconfig (linux, deprecated in Debian), ip (linux). ifconfig can enable NIC promiscuous mode. ip/ifconfig can change settings of the NIC, unlike ipconfig