Chapter 1 Flashcards
The three core goals of cybersecurity
CIA
Confidentiality, Integrity, and Availability
Acronyms
PII
Personally Identifiable Information
Examples: Medical Information, Credit Card Data
What are the key elements of access controls?
Identification, Authentication, Authorization
Access controls help protect confidentiality by restricting access
What is the best way to protect the confidentiality of data?
Encryption
Which of the 3 core goals of cybersecurity do hashing techniques enforce?
Integrity
Ensures that information being sent and received has not been modified
Ways to increase Availability
Adding fault tolerance and redundancies
Redundancy
Adds duplication which allows the service to continue without interruption
Provides fault tolerance
Acronyms
SPOF
Single Point of Failure
If a SPOF fails, the entire system can fail
Acronyms
UPS
Uninterrupted Power Supply
Horizontal scaling
Adding additional servers
Vertical Scaling
Adding more resources such as memory or processing power to individual servers
Acronyms
TCO
Total Cost of Ownership
By increasing the resiliency of systems, you can avoid a higher TCO for a system
Resiliency
The ability of systems to heal themselves or recover from faults with minimal downtime
Risk
The possibility of a threat exploiting a vulnerability
Threat
Any circumstance or event that has the potential to compromise CIA
Security Incident
An adverse event or series of events that can negatively affect the CIA of an organization's IT systems and data
Risk Mitigation
Reducing a risk’s impact
The 4 Security Control Categories
Technical, Physical, Managerial, Operational
Security Control Types
Preventive, Detective, Corrective, Deterrent, Compensating, Directive
Acronyms
IDS and IPS
Types of technical controls
Intrusion detection systems and Intrusion Protection Systems
Examples of Managerial Controls
Managerial controls are documented in written policies
Risk assessments, vulnerability assessments
Examples of Operational Controls
Awareness and training, Configuration management, Media Protection
Examples of Preventive Controls
Hardening, Training, Security guards, Account disablement process, IPSs
Hardening
The practice of making a system or application more secure than its default configuration
Includes disabling unnecessary ports and services, keeping systems patched, using strong passwords with a robust password policy, and disabling default and unnecessary accounts
Acronyms
SIEM
Security Information and Event Management
Example of detective control
What are the Primary Windows Logs?
System log, Security log, Application log
Can be viewed with the Windows Event Viewer
Acronyms
TOTP
Time-based One Time Password
Example of compensating control
Acronyms
NTP
Network Time Protocol
Acronyms
NOC
Network Operations Center
Where is log information stored in Linux Systems?
Text files contained in the /var/log directory
Where can you find general system messages on Linux Systems?
/var/log/syslog and/or
/var/log/messages
What are common sources of network logs?
Firewalls, IDSs, IPSs and packet captures
Gives information about network activity
What do SIEMs do?
Collect, analyze, and correlate logs from multiple sources
Syslog
Specifies a log entry format and the details of how to transport log entries
You can deploy a centralized syslog server to collect syslog entries from a variety of devices in the network
Acronyms
MD5
Message Digest 5
A hashing algorithm that creates a fixed-length, irreversible output
Acronyms
RAID
Redundant Arrays of Inexpensive Disks
What do RAIDs do?
Allow a single disk to fail without losing data
Acronyms
NIC
Network Interface Card
What is NIC teaming?
The use of multiple network interface cards so a server remains connected to the network even if one of the cards fails
Provides redundancy / fault tolerance