Cybersecurity Flashcards

1
Q

What is security?

A

The state of being free from danger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a threat?

A

It represents the possibility of being attached / possible danger to system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is confidentiality?

A

Protecting info from unauthorized access to protect privacy

Security Goals: Keep secrecy of message
Potential Threat: Data exposure
Defense Technique: Cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Integrity?

A

Protecting information from improper modification or destruction

Security Goals: Ensure authenticity of message
Potential Threat: Data modification
Defense Technique: Hashing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is system availability?

A

The system should be available all the time from anywhere

Security Goals: Ensure timely and reliable access and use of dataa
Potential Threat: Denial of service
Defense Technique: Firewalls, IDS, IPs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is user authentication?

A

The process of proving you are who you claim.

  1. What they know- passwords, access codes
  2. Who they are - fingerprints, face recognition
  3. what they have: access cards

2FA must use two of the above categories

Security Goals: Provide you are who you claim
Potential Threat: Masquerading or impersonation
Defense Technique: 2Fa, authentication protocols like Kebrous, regis, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is user authorization / privileges separation?

A

The users who have access to the same system may have different permissions

Least Privilege Principle: the minimum # of permissions that allow a person to do their job

Security Goals:
Potential Threat: Privilege escalation (give people more privilege than needed)
Defense Technique: access control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is accounting?

A

Monitoring and capturing the events done by the user while accessing the system.

Security Goals: Make everyone accountable for what they are doing in the system
Potential Threat: Repudiation (deny what you did)
Defense Technique: Log files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly