Chapter 1: Controls Flashcards
Prevents the disclosure of data to unauthorized people so that only authorized people have access to the data (CIA Triad)
Confidentiality
You know the data has not been altered or tampered with. (CIA Triad)
Integrity
Data is always available; an example is RAID (CIA Triad)
Availability
Where you give someone only the most limited access required
Least Privilege
Concept of protecting a company's data with a series of protective layers so that if one layer fails, another layer will already be in place to thwart the attack
Defense in Depth
Written by managers to create organizational policies and procedures to reduce risk within companies; annual risk assessments/penetration testing/vulnerability scanning (Control Type)
Managerial Control
Executed by company personnel during their day-to-day operations; annual security awareness training/change management/business continuity plan (Control Type)
Operational Control
Those implemented by the IT team to reduce the risk to the business; firewall rules/antivirus/screensavers/IDS/IPS (Control Type)
Technical Controls
CCTV and Motion Sensors (Control Type)
Deterrent Controls
Used to investigate an incident that has happened and needs to be investigated (Control Type)
Detective Controls
The actions you take to recover from an incident; fire suppression systems when fire has destroyed data (Control Type)
Corrective Controls
Can be used instead of a primary control that has failed or is not available; using a credit card when all cash is gone (Control Type)
Compensating Controls
Are in place to deter any attack; could be having a security guard with a large dog walking around the perimeter of the building (Control Type)
Preventative Controls
The user is only given the access needed to perform their job; also known as user-based. (Type of Access Control)
Discretionary Access Control
Based on the classification level of the data; looks at how much damage could be inflicted on the interests of the nation; Top Secret/Secret/Confidential (Type of Access Control)
Mandatory Access Control
A subset of the department carrying out a subset of duties within that department; an example would be two people within the finance department who only handle petty cash (Type of Access Control)
Role Based Access Control (RBAC)
A rule is applied to all the people within a department; contractors only have access between 8 am and 5 pm (Type of Access Control)
Rule-Based Access Control
Access is restricted based on an attribute in the account; John could be an executive, and some data could be restricted to only those with the executive attribute (Type of Access Control)
Attribute Based Access Control
People may be put into groups to simplify access (Type of Access Control)
Group-Based Access Control
Signage/Fences/Visitor Logs/Badges/Lighting/Cameras/Robot Sentries (Type of Physical Control)
Perimeter
Security guards/key management/mantraps/proximity cards/tokens/biometric locks/electronic locks/burglar alarms/fire alarms/conduits/environmental controls (Type of Physical Control)
Building Security
Cable locks/air gap/laptop safe/USB data blocker/vault/Faraday cage (Type of Physical Control)
Device Protection
Steps in the Digital Forensic Cycle
Collection -> Examination -> Analysis -> Reporting
The data is examined, then extracted from the media it is on, and then converted into a format that can be examined by forensic tools (Digital Forensic Cycle step)
Collection