Chapter 1 Flashcards

1
Q

When does a security incident occur?

A

Security incidents occur when an organization experiences a breach of confidentiality, integrity, and/or availability.

2
Q

Explain CIA triad

A

The three key objectives of cybersecurity programs are confidentiality, integrity, and availability.

  • Confidentiality ensures that unauthorized individuals are not able to gain access to sensitive information.
  • Integrity ensures that there are no unauthorized modifications to information or systems
  • Availability ensures that information and systems are ready to meet the needs of legitimate users
3
Q

Explain DAD triad

A

The DAD triad explains the three key threats to cybersecurity.

  • Disclosure is the exposure of sensitive information to unauthorized individuals
  • Alteration is the unauthorized modification of information
  • Denial is the unintended disruption of an authorized user’s legitimate access to information
4
Q

Explain breach impact

A
  • Financial risk is, as the name implies, the risk of monetary damage. Examples: the costs of rebuilding a datacenter after it is physically destroyed or the costs of contracting experts for incident response and forensic analysis services
  • Reputational risk occurs when the negative publicity surrounding a security breach causes the loss of goodwill among customers. Examples: identity theft
  • Strategic risk is the risk that an organization will become less effective in meeting its major goals. Examples: if the organization does not have another copy of lost plans, they may be unable to bring the new product to market
  • Operational risk is risk to the organization’s ability to carry out its day-to-day functions. Examples: Operational risks may slow down business processes, delay delivery of customer orders, or require the implementation of time-consuming manual work-arounds
  • Compliance risk occurs when a security breach causes an organization to run afoul of legal or regulatory requirements. Example: If an organization loses patient medical records, they violate HIPAA requirements
5
Q

Security control categories

A

Security controls are categorized based on their mechanism of action: the way that they achieve their objectives

  • Technical controls enforce confidentiality, integrity, and availability. Examples: firewall rules, access control lists, intrusion prevention systems, and encryption
  • Operational controls include the processes that we put in place to manage technology in a secure manner. Examples: user access reviews, log monitoring, and vulnerability management
  • Managerial controls are procedural mechanisms that focus on the mechanics of the risk management process. Examples: periodic risk assessments, security planning exercises, and the incorporation of security into the organization’s change management, service acquisition, and project management practices
6
Q

Security control types

A

CompTIA also divides security controls into types, based on their desired effect.

  • Preventive controls intend to stop a security issue before it occurs. Examples: Firewalls and encryption
  • Detective controls identify security events that have already occurred. Examples: Intrusion detection systems
  • Corrective controls remediate security issues that have already occurred. Examples: Restoring backups after a ransomware attack
  • Deterrent controls seek to prevent an attacker from attempting to violate security policies. Examples: Vicious guard dogs and barbed wire fences
  • Physical controls are security controls that impact the physical world. Examples: fences, perimeter lighting, locks, fire suppression systems, and burglar alarms
  • Compensating controls are controls designed to mitigate the risk associated with exceptions made to a security policy. Examples: an organization might find that it needs to run an outdated version of an operating system on a specific machine
7
Q

Where can data exist?

A

The three states where data might exist:

  • Data at rest is stored data that resides on hard drives, tapes, in the cloud, or on other storage media
  • Data in motion is data that is in transit over a network
  • Data in processing is data that is actively in use by a computer system
8
Q

Data loss prevention

A

Data loss prevention (DLP) systems help organizations enforce information handling policies and procedures to prevent data loss and theft

  • Host-based DLP
  • Network-based DLP systems

Mechanisms of action:

  • Pattern matching, where they watch for the telltale signs of sensitive information
  • Watermarking, where systems or administrators apply electronic tags to sensitive documents and then the DLP system can monitor systems and networks for unencrypted content containing those tags
9
Q

Data minimization

A
  • Hashing uses a hash function to transform a value in our dataset to a corresponding hash value
  • Tokenization replaces sensitive values with a unique identifier using a lookup table
  • Masking partially redacts sensitive information by replacing some or all sensitive fields with blank characters
10
Q

Data protection types

A
  • Data Encryption
  • Data Loss Prevention
  • Data Minimization