Chapter 1 Flashcards
Define Confidentiality:
prevents the unauthorized disclosure of data.
The different methods to ensure confidentiality are:
Encryption
Access Controls
Steganography
Obfuscation
Define Encryption:
scrambles data to make it unreadable by unauthorized personnel
What is included to provide access controls?
Identification
Authentication
Authorization
Define Identification:
a unique username
Define Authentication:
a password
Define Authorization:
grant or restrict access to resources
Define Steganography:
the practice of hiding data within data
Define obfuscation:
security through obscurity
The CIA security triad includes:
Confidentiality
Integrity
Availability
Define Integrity:
provides assurances that data has not changed
What can you use to enforce integrity?
Hashing or Message Authentication Code (MAC)
Digital signatures
Describe hash:
a number created by executing a hashing algorithm against data, such as a file or message
What are two key concepts related to integrity?
Integrity provides assurances that data has not been modified, tampered with, or corrupted
Hashing verifies integrity
Digital signatures provide:
non-repudiation
Digital signatures require:
the use of certificates and Public Key Infrastructure (PKI)
Certificates include:
keys used for encryption
Public Key Infrastructure provides:
the means to create, manage, and distribute certificates
Define non-repudiation:
the ability to prevent a party from denying an action.
Access logs provide:
non-repudiation
Define availability:
indicates that data and services are available when needed
What is a common goal of fault tolerance and redundancy?
To remove each single point of failure (SPOF)
Some fault tolerance and redundancy techniques:
Disk redundancies
Server redundancies
Load balancing
Site redundancies
Backups
Alternate power
Cooling systems
Define disk redundancies:
fault-tolerant disks allow a system to continue to operate even if a disk fails
RAID-1:
mirroring
RAID-5:
striping with parity
RAID-10:
striping with a mirror
Define server redundancies:
Failover clusters include redundant servers and ensure a service will continue to operate, even if a server fails
Virtualization can also increase availability of servers by reducing unplanned downtime
Load balancing uses:
multiple servers to support a single service
Site redundancies provide:
an alternate site when a site can no longer function due to a disaster
Alternate power:
Uninterruptible power supplies (UPSs) and power generators can provide power to key systems even if commercial power fails.
Cooling systems:
heating, ventilation, and air conditioning (HVAC) systems improve the availability of systems by reducing outages from overheating
One of the basic goals of implementing IT security is to:
reduce risk.
Define Risk:
the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.
Define Threat:
any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.
Define Vulnerability:
a weakness in either the hardware, software, configuration, or even the users operating the system.
When can a security incident occur?
When a threat exploits a vulnerability.
Define security incident:
an adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s information technology (IT) systems and data.
Risk mitigation:
reduces the chances that a threat will exploit a vulnerability.
Technical controls:
use technology to reduce vulnerabilities
Administrative controls:
use methods mandated by organizational policies or other guidelines
Physical controls:
are any controls that you can physically touch
Preventive controls:
attempt to prevent security incidents
Detective controls:
attempt to detect when vulnerabilities have been exploited, resulting in a security incident
Corrective controls:
attempt to reverse the impact of an incident or problem after it has occurred
Compensating controls:
are alternative controls used when a primary control is not feasible
Example of technical controls:
Encryption
Antivirus software
Intrusion detection systems (IDSs) and Intrusion prevention systems (IPSs)
Firewalls
Least privilege
Define encryption:
a strong technical control used to protect confidentiality
Define antivirus software:
once installed, the antivirus software provides protection against malware infection
Define Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs):
can monitor a network or host for intrusions and provide ongoing protection against various threats
Define firewalls:
restrict network traffic going in and out of a network