Chapter 6: Summary book Flashcards
What is the security triad? CIA
Confidentiality, Integrity and Availability
What does Confidentiality mean?
Confidentiality = being able to restrict access to information to those who are allowed to see it.
What does Integrity mean?
Integrity = the assurance that the information being accessed has not been altered and truly represents what is intended. Loss of integrity can also happen unintentionally, e.g. when a power surge corrupts a file on a computer.
What does Availability mean?
Availability = the system must be available to its users. It means that information can be accessed and modified by anyone authorized to do so, within an appropriate timeframe.
What are the tools of an information-security policy?
Authentication, Access Control, Encryption, Backup Plan, Firewall, Intrusion Detection Systems (IDS), Physical Security, Security Policies
What is Authentication?
Authentication is used to ensure that the person accessing the information is indeed who they present themselves to be. Single-factor authentication is easy to compromise, which is why multi-factor authentication combines two or more of the factors listed below (e.g. a password plus an RSA SecurID token) to provide more security. Authentication can be accomplished by identifying someone through:
- something they know (e.g. user ID and password)
- something they have (e.g. card, key or token)
- something they are (physical characteristics = biometrics); this is the hardest to compromise (e.g. eye scan or fingerprint)
What is Access Control?
Access Control ensures that users can only access the information resources that are appropriate for them. Access Control determines which users are authorized to read, modify, add and/or delete information.
What is an Access Control List (ACL)?
Access Control List (ACL) = a list, attached to an information resource, of the users who have the ability to perform specific actions on it. Capabilities such as read, write, delete or add are assigned per user. ACLs are simple and easy to understand. The drawback is that each information resource is managed separately.
What is Role-Based Access Control (RBAC)?
Role-Based Access Control (RBAC) does not give access rights to specific users; instead, users are assigned roles, and the roles carry the access rights. This lets administrators manage users and roles separately, simplifying administration and, by extension, improving security.
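As an added example serving both the ACL and the RBAC cards (constructed here, not from the book), the Python below protects two resources, "payroll" and "wiki", first with per-resource ACLs and then with RBAC. The users, resources, roles and actions are all invented for the demo. It makes the ACL drawback concrete: onboarding a new user touches every resource's list, whereas in RBAC it is a single role assignment. Both stores deny by default, so an unknown user, resource or role never yields access.

```python
# Actions used throughout: read, write, delete (add is treated like write here).


class AclStore:
    """Discretionary ACLs: every resource carries its own user -> actions map."""

    def __init__(self):
        self.acls = {}  # resource -> {user -> set(actions)}

    def grant(self, resource, user, *actions):
        self.acls.setdefault(resource, {}).setdefault(user, set()).update(actions)

    def allowed(self, user, action, resource):
        # Unknown resource or user falls through to an empty set: deny by default.
        return action in self.acls.get(resource, {}).get(user, set())

    def clone_user(self, new_user, like_user):
        """Onboard new_user with like_user's rights. Every resource's ACL has to
        be edited separately; the return value counts how many lists changed."""
        touched = 0
        for acl in self.acls.values():
            if like_user in acl:
                acl[new_user] = set(acl[like_user])
                touched += 1
        return touched


class RbacStore:
    """RBAC: permissions hang off roles; users are only assigned roles."""

    def __init__(self):
        self.roles = {}        # role -> {resource -> set(actions)}
        self.assignments = {}  # user -> set(roles)

    def define_role(self, role, resource, *actions):
        self.roles.setdefault(role, {}).setdefault(resource, set()).update(actions)

    def assign(self, user, role):
        self.assignments.setdefault(user, set()).add(role)

    def revoke(self, user, role):
        self.assignments.get(user, set()).discard(role)

    def allowed(self, user, action, resource):
        return any(
            action in self.roles.get(role, {}).get(resource, set())
            for role in self.assignments.get(user, ())
        )


def build_acl_store():
    """Constructed starting state: alice edits payroll and the wiki, bob reads."""
    acl = AclStore()
    acl.grant("payroll", "alice", "read", "write")
    acl.grant("payroll", "bob", "read")
    acl.grant("wiki", "alice", "read", "write", "delete")
    acl.grant("wiki", "bob", "read")
    return acl


def build_rbac_store():
    """Same rights expressed as two roles; users are attached to roles only."""
    rbac = RbacStore()
    rbac.define_role("hr_editor", "payroll", "read", "write")
    rbac.define_role("hr_editor", "wiki", "read", "write", "delete")
    rbac.define_role("staff", "payroll", "read")
    rbac.define_role("staff", "wiki", "read")
    rbac.assign("alice", "hr_editor")
    rbac.assign("bob", "staff")
    return rbac
```

With hundreds of resources the ACL `clone_user` loop (and the matching offboarding loop, which is where stale entries get forgotten) is exactly the per-resource management cost the card describes; the RBAC `assign`/`revoke` pair is one edit regardless of resource count.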
What is Encryption?
Encryption is the process of encoding data on transmission or storage so that only authorized individuals can read it. The plain text to be sent is encoded; the recipient receives the cipher text and decodes it (decryption).
What is symmetric key encryption?
Symmetric key encryption = both parties share the same encryption key, which enables them to encode and decode each other's messages. Disadvantage: the key is available in two places, and it has to be delivered to the other party securely before it can be used.
What is public key encryption?
Public key encryption = two keys are used: a public key and a private key. To send an encrypted message, you obtain the recipient's public key, encode the message with it, and send it. The recipient then uses the matching private key to decode it; the public key cannot decode the message.
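As an added example (not from the book) covering both the symmetric and the public key cards, the Python below shows the two key models side by side. The symmetric half is a toy stream cipher that derives a keystream from HMAC-SHA256 over a nonce and block counter; it illustrates that both ends hold one identical key, not a cipher to deploy (a real system uses a vetted AEAD such as AES-GCM). The public key half is textbook RSA with the deliberately tiny primes p=61, q=53 and e=17 from the usual hand-worked example, so every value can be checked on paper; it has no padding and is not secure. The keys and messages are constructed for the demo.

```python
import hashlib
import hmac
import os

# ---- Symmetric key: the same key sits on both ends --------------------------
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Keystream block i = HMAC-SHA256(key, nonce || i); CTR-style PRF stream."""
    out = b""
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def sym_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)  # fresh per message; never reuse with the same key
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def sym_decrypt(key: bytes, blob: bytes) -> bytes:
    """The receiver needs the very same key the sender used."""
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    ks = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


# ---- Public key: textbook RSA with tiny fixed primes (demo only) ------------
def rsa_keygen(p: int, q: int, e: int):
    """Returns (public_key, private_key) as (n, e) and (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)


def pk_encrypt(public_key, m: int) -> int:
    n, e = public_key  # the sender needs only the recipient's public key
    return pow(m, e, n)


def pk_decrypt(private_key, c: int) -> int:
    n, d = private_key  # only the holder of d recovers m
    return pow(c, d, n)
```

The last assertion in the accompanying check is the point of the card: applying the public key to the cipher text again does not give the message back, so publishing that key reveals nothing about what only the private key can read.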
What are the characteristics of a good backup plan?
- Full understanding of organizational information resources.
- Regular backups of all data.
- Offsite storage of backup data sets.
- Test of data restoration.
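The last point, testing restoration, is the one most often skipped, so here is an added example (constructed, not from the book) of what such a test looks like in Python: back up a directory into a tar archive together with a SHA-256 manifest, restore it somewhere else, and verify every file against the manifest. The sample files and directory names are invented for the demo; the second verification pass deliberately corrupts a restored file to show that the check catches it.

```python
import hashlib
import os
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def make_manifest(root: Path) -> dict:
    """relative posix path -> sha256 for every file under root."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def backup(root: Path, archive: Path) -> dict:
    """Write the archive and return the manifest taken at backup time.
    Store the manifest separately from the archive (e.g. with the offsite copy)."""
    manifest = make_manifest(root)
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(root / rel, arcname=rel)
    return manifest


def restore(archive: Path, dest: Path) -> None:
    with tarfile.open(archive, "r:gz") as tar:
        try:
            tar.extractall(dest, filter="data")  # refuses ../ paths and links
        except TypeError:
            tar.extractall(dest)                 # older Python without filter=


def verify_restore(manifest: dict, restored_root: Path) -> list:
    """Return the relative paths that are missing or differ from the manifest."""
    problems = []
    for rel, digest in manifest.items():
        p = restored_root / rel
        if not p.is_file() or sha256_file(p) != digest:
            problems.append(rel)
    return problems


def demo() -> dict:
    """Constructed end-to-end restore test; returns the two verification results."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src = tmp / "data"
        (src / "notes").mkdir(parents=True)
        (src / "notes" / "todo.txt").write_text("rotate backup tapes\n")
        (src / "db.sqlite").write_bytes(os.urandom(2048))  # stand-in for a database file

        archive = tmp / "backup.tar.gz"
        manifest = backup(src, archive)

        restored = tmp / "restore"
        restore(archive, restored)
        clean = verify_restore(manifest, restored)

        # Simulate a bad restore: one file comes back changed.
        (restored / "notes" / "todo.txt").write_text("corrupted\n")
        tampered = verify_restore(manifest, restored)
        return {"clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(demo())
```

Restoring into a fresh directory rather than over the live data is what makes this a test rather than a recovery; run it on a schedule and treat a non-empty problem list as an incident.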
What is a firewall?
A firewall protects the company's servers and computers by stopping packets from outside the organisation's network that do not meet a strict set of criteria.
What is a hardware firewall?
A hardware firewall is a device connected to the network that filters packets based on a set of rules.
What is a software firewall?
A software firewall runs on the operating system and intercepts packets as they arrive at a computer.
What is an Intrusion Detection System?
Intrusion Detection Systems (IDS) do not add any additional protection themselves; instead they provide the functionality to identify whether the network is being attacked.
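As an added example serving both the firewall and the IDS cards (constructed here, not from the book), the Python below runs a constructed packet trace through a packet filter and a port-scan detector at the same time. The rule set, addresses and packets are invented for the demo. The contrast is the point: the firewall returns allow/deny per packet with default deny, while the detector only raises an alert and never changes whether a packet gets through.

```python
import ipaddress
from collections import defaultdict

# Constructed rule set: first matching rule wins; no match means drop.
RULES = [
    # (action, protocol, source network, destination network, destination port or None)
    ("allow", "tcp", "0.0.0.0/0",  "10.0.0.5/32", 443),   # public HTTPS server
    ("allow", "tcp", "10.0.0.0/8", "10.0.0.0/8",  None),  # any internal TCP traffic
    ("allow", "udp", "10.0.0.0/8", "10.0.0.2/32", 53),    # internal hosts -> DNS
]


def firewall_decide(packet, rules=RULES):
    """Stateless packet filter; returns 'allow' or 'deny' (default deny)."""
    src = ipaddress.ip_address(packet["src"])
    dst = ipaddress.ip_address(packet["dst"])
    for action, proto, src_net, dst_net, dport in rules:
        if packet["proto"] != proto:
            continue
        if src not in ipaddress.ip_network(src_net) or dst not in ipaddress.ip_network(dst_net):
            continue
        if dport is not None and packet["dport"] != dport:
            continue
        return action
    return "deny"


class PortScanDetector:
    """IDS logic: alert when one source touches more than `threshold` distinct
    destination ports on one host within `window` seconds. It only reports;
    delivery of the packet is the firewall's decision, not its own."""

    def __init__(self, threshold=5, window=10):
        self.threshold = threshold
        self.window = window
        self.events = defaultdict(list)  # (src, dst) -> [(ts, dport)]
        self.alerted = set()             # alert once per (src, dst) pair

    def observe(self, packet):
        key = (packet["src"], packet["dst"])
        now = packet["ts"]
        recent = [(t, p) for t, p in self.events[key] if now - t <= self.window]
        recent.append((now, packet["dport"]))
        self.events[key] = recent
        ports = {p for _, p in recent}
        if len(ports) > self.threshold and key not in self.alerted:
            self.alerted.add(key)
            return f"ALERT port scan {key[0]} -> {key[1]}: {len(ports)} ports within {self.window}s"
        return None


# Constructed packet trace: normal traffic, one blocked external DNS query, then
# an external host walking ports 20-30 on the web server.
PACKETS = [
    {"ts": 1, "proto": "tcp", "src": "203.0.113.7", "dst": "10.0.0.5", "dport": 443},
    {"ts": 2, "proto": "tcp", "src": "10.1.2.3",    "dst": "10.0.0.9", "dport": 22},
    {"ts": 3, "proto": "udp", "src": "10.1.2.3",    "dst": "10.0.0.2", "dport": 53},
    {"ts": 4, "proto": "udp", "src": "203.0.113.7", "dst": "10.0.0.2", "dport": 53},
] + [
    {"ts": 100 + i, "proto": "tcp", "src": "203.0.113.9", "dst": "10.0.0.5", "dport": 20 + i}
    for i in range(11)
]


def run(packets=PACKETS):
    """Feed every packet to both components; returns (decisions, alerts)."""
    ids = PortScanDetector()
    decisions, alerts = [], []
    for pkt in packets:
        decisions.append(firewall_decide(pkt))
        alert = ids.observe(pkt)
        if alert:
            alerts.append(alert)
    return decisions, alerts


if __name__ == "__main__":
    decisions, alerts = run()
    print(decisions)
    print("\n".join(alerts))
```

Note that every probe in the scan is already denied by the firewall; the IDS is still the only component that tells you the scan happened, which is why the two are deployed together.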
What is physical security?
Physical security is the protection of the actual hardware and networking components that store and transmit information resources (e.g. locked doors, physical intrusion detection, secured equipment, environmental monitoring and employee training).
What are security policies?
Security policies are a form of administrative control. A good information-security policy lays out the guidelines for employee use of the organization's information resources and states that failure to comply with the policy will result in disciplinary action.
How to take care of personal information security?
- Keep software up to date.
- Install an antivirus software package.
- Be smart about connections. Be aware of your surroundings (e.g. public Wi-Fi or USB flash drives).
- Create regular backups.
- Secure accounts with two-factor authentication, e.g. a password plus approval on a mobile device.
- Use strong passwords. Your passwords should be 8 or more characters and contain at least two of: upper-case letters, numbers, and special characters.
- Be aware of suspicious links and attachments, e.g. a phishing mail or Facebook post.