Chapter 1 Concepts

Question 1

Confidentiality

Answer 1

Confidentiality ensures that data is only viewable by authorized users. The best way to protect the confidentiality of data is to encrypt it

Question 2

Steganography

Answer 2

Steganography is the process of hiding data within data. Such as hiding a text document within an image file

Question 3

Integrity

Answer 3

Integrity provides assurances that data has not changed. This includes ensuring that data has not been modified, tampered with, or corrupted. Loss of integrity indicates the data is different.

Question 4

Availability

Answer 4

Availability indicates that data and services are available when needed. Organizations commonly implement redundancy and fault-tolerance to ensure high levels of availability.

Question 5

Redundancy

Answer 5

Redundancy adds duplication to critical systems and provides fault tolerance. If a critical component has a fault, the duplication provided by the redundancy allows the service to continue without interruption.

Question 6

Fault Tolerance

Answer 6

A goal of fault tolerance is to remove each single point of failure. A system with fault tolerance can suffer a fault but it can tolerate it and continue to operate.

Question 7

Risk

Answer 7

Risk is the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.

Question 8

Threat

Answer 8

A threat is any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.

Question 9

Vulnerability

Answer 9

A vulnerability is a weakness in hardware, software, configuration, or even users.

Question 10

Security Incident

Answer 10

A security incident is an adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s IT systems and data. This includes intentional attacks, malicious software (malware) infections, accidental data loss, and much more.

Question 11

Risk Mitigation

Answer 11

Risk mitigation reduces the chances that a threat will exploit a vulnerability, or reduces the impact of the risk, by implementing security controls.

Question 12

Security Controls

Answer 12

Security controls are used to mitigate risk and include technical, administrative, physical, preventive, detective, corrective, deterrent, and compensating.

Question 13

Technical Controls

Answer 13

Technical controls use technology to reduce vulnerabilities. Some examples include encryption, anti-virus software, and firewalls.

Question 14

Administrative Controls

Answer 14

Administrative controls use methods mandated by organizational policies or other guidelines. These include awareness and training, configuration and change management, and contingency planning.

Question 15

Physical Controls

Answer 15

Physical controls are controls that you can physically touch. Some examples include lighting, signs, fences, and security guards.

Question 16

Preventive Controls

Answer 16

Preventive controls seek to proactively prevent or stop security incidents from happening. Some examples include hardening systems, security awareness and training, security guards, and account disablement policy.

Question 17

Detective Controls

Answer 17

Detective controls attempt to detect when vulnerabilities have been exploited, resulting in a security incident. Detective controls discover the event AFTER it’s occurred. Some examples include log monitoring, trend analysis, security audits, video surveillance, and motion detection.

Question 18

Corrective Controls

Answer 18

Corrective controls attempt to reverse the impact of an incident or problem after it has occurred. Some examples include intrusion prevention systems (IPS), backups and system recovery.

Question 19

Deterrent Controls

Answer 19

Deterrent controls attempt to discourage a threat. Some deterrent controls attempt to discourage potential attackers from attacking, and others attempt to discourage employees from violating a security policy. Some physical security deterrents include cable locks, and hardware locks.

Question 20

Compensating Controls

Answer 20

Compensating controls are alternative controls used instead of a primary control. If an employee can’t get an ID card, the organization might issue them a time-based one-time password

Question 21

netstat

Answer 21

The netstat command (network statistics) allows you to view statistics for TCP/IP protocols on a system. It also gives you the flexibility to view active TCP/IP network connections.

Question 22

tracert

Answer 22

The tracert command lists the routers between two systems. Tracert identifies the IP address and sometimes the host name of each hop in addition to the round-trip times (RTTs) for each hop. Can be used to identify faulty routers on the network.