Domain 1 Flashcards
What are the three main components of the CIA Triad?
Confidentiality, Integrity, and Availability.
What does confidentiality aim to prevent?
Unauthorized access to data.
How can confidentiality be ensured?
Through measures such as encryption, access control, and data classification.
What is the focus of integrity in the CIA Triad?
Maintaining the reliability and correctness of data.
What are some examples of integrity violations?
Unauthorized alterations, errors in code, and malicious modifications.
What is the goal of availability?
To ensure authorized access to objects without interruption.
What threats does availability protect against?
Denial-of-service attacks, device failures, and environmental issues.
What is the DAD Triad and how does it relate to the CIA Triad?
The DAD Triad stands for Disclosure, Alteration, and Destruction: the three failure modes that are the direct opposites of the CIA Triad's goals of confidentiality, integrity, and availability.
What is the risk associated with overprotection?
Excessive security measures can lead to constraints on availability or other security aspects.
What does authenticity ensure?
That data genuinely originates from its claimed source; this supports integrity and helps detect unauthorized alterations.
What is the purpose of nonrepudiation in security?
To prevent denial of actions or events and hold subjects accountable for their actions.
What are the elements of AAA services in security?
Identification, Authentication, Authorization, and Accounting (Auditing).
What does encryption achieve in security?
Hiding the meaning or content of a communication from unintended recipients.
What are security boundaries and why are they important?
Lines between areas with different security requirements. They matter because they mark where the flow of information must be controlled and where security mechanisms need to be deployed.
What is the key principle behind defense in depth?
Using multiple security controls in series (layers), so that a threat which defeats one control still has to get past the others.
What is abstraction in security?
Grouping similar elements and assigning security controls collectively for efficiency.
How does data hiding contribute to security?
It prevents unauthorized access to data by positioning it in a compartment not accessible to unauthorized subjects.
What is security governance?
Practices related to supporting, evaluating, defining, and directing security efforts within an organization.
How is security governance ideally performed within an organization?
Ideally by the board of directors; in smaller organizations the CEO or CISO may oversee these activities instead.
What is the importance of external sources in security governance?
They provide knowledge and insight against which the organization's own security processes and infrastructure can be compared.
What are some factors that impose governance on organizations?
Legislative and regulatory compliance needs, industry guidelines, and license requirements.
What is the role of documentation review in governance and third parties?
It checks that exchanged materials meet standards and expectations before an on-site inspection takes place, reducing the risk of non-compliance.
Why is third-party governance important?
Third-party governance ensures that external entities comply with security objectives, requirements, regulations, and contractual obligations, minimizing the additional risk they introduce to the primary organization.
What are the consequences of inadequate documentation in third-party governance?
Inadequate documentation can result in the loss or voiding of the authorization to operate (ATO); reestablishing it then requires a complete documentation review and an on-site inspection.
How does risk management relate to documentation review?
Documentation review confirms that business tasks, systems, and methodologies support security goals through vulnerability reduction and risk mitigation.
What does managing the security function entail?
Evaluating and improving security over time through proper governance, risk assessment, measurable security, and metrics evaluation.
How should security planning align with business strategy?
Security planning aligns with organizational strategy, goals, and objectives. Business cases are used to justify security initiatives, and a top-down approach (senior management initiating and supporting policy) is preferred for effective security management planning.
What should be autonomous to avoid internal political issues?
The information security team, so that it can manage security effectively.
Describe the different types of security plans.
Strategic plans (long-term), tactical plans (mid-term), and operational plans (short-term), each focusing on specific objectives and timelines.
What are elements of security planning?
Defining security roles; how security will be managed; who holds which responsibilities; how effectiveness will be tested; policies; and education.
What organizational processes should security governance address?
All aspects of the organization, including acquisitions, mergers, divestitures, and similar transitions.
What are the key security roles within an organization?
Senior manager, security professional, asset owner, custodian, user, and auditor.
Name some widely recognized security control frameworks.
COBIT, NIST, CIS, ISO/IEC, and ITIL, each providing guidelines and best practices for IT security management.
What demonstrates that management has not been negligent?
Due diligence and due care.
What is a Security Policy?
It defines the scope of security needed by an organization, outlines strategic objectives and goals, assigns responsibilities, and specifies compliance requirements and acceptable risk levels.
What are the components of security documentation below Security Policies?
Standards, Baselines, and Guidelines.
Define Standards in security documentation.
Compulsory requirements for hardware, software, technology, and security controls within an organization.
What is the purpose of Baselines in security documentation?
To establish a minimum level of security that every system must meet, providing a common foundational secure state.
Explain Guidelines in the context of security documentation.
They offer recommendations on how to implement standards and baselines, leaving room for customization based on a system's particular conditions.
What do Security Procedures entail?
Detailed, step-by-step documents describing the actions required to implement a specific security mechanism, control, or solution.
Why is it beneficial to keep security documentation separate?
This allows for tailored access to different users and makes it easier to update and redistribute affected material without overhauling entire policies.
What role does security documentation play in an organization?
It guides decisions, training, problem-solving, and future expansion, supporting real-world security in a directed, efficient, and specific manner.
What is threat modeling?
Identifying, categorizing, and analyzing potential threats to a system or product.
What are defensive or proactive measures in threat modeling?
Threat modeling performed during design and development, so threats are identified and countered before the product is deployed.
What is reactive or adversarial threat modeling?
Threat modeling performed after the product has been created and deployed.
Name three methods for identifying threats.
Focusing on assets, on attackers, or on the software itself.
What is the STRIDE model used for in threat modeling?
The STRIDE model categorizes threats as Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
Describe the Process for Attack Simulation and Threat Analysis (PASTA).
A risk-centric threat modeling methodology with seven stages.
What does VAST stand for and what is its purpose?
VAST stands for Visual, Agile, and Simple Threat; it integrates threat and risk management into Agile development environments.
What is the purpose of creating diagrams in threat modeling?
To visualize potential attack paths and the flow of data within a system, for example with data flow diagrams.
What is reduction analysis in threat modeling?
Decomposing the application, system, or environment into its components (for example trust boundaries, data flow paths, and input points) to understand how they interact.
How are threats prioritized in threat modeling?
Threats are prioritized by factors such as probability of occurrence and damage potential, for example with a probability-versus-damage matrix or a numeric scoring scheme.
Name a risk assessment technique used in threat modeling.
DREAD, which rates each threat on Damage Potential, Reproducibility, Exploitability, Affected Users, and Discoverability.
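A worked example of the two preceding cards (prioritizing threats, and DREAD as the scoring scheme), added here as illustration and not part of the original flashcards or any published methodology. It assumes the common convention of rating each DREAD factor 1-10 and averaging them, and it assumes tier cut-offs of 7.0 (High) and 4.0 (Medium) that are my own choice. The threat register is constructed for a hypothetical web application; none of the entries are real findings. The STRIDE letters come from the STRIDE card above and are used to show which categories the register has not covered yet.

```python
from dataclasses import dataclass
from typing import Iterable

# STRIDE categories, keyed by their initial letter.
STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information Disclosure",
    "D": "Denial of Service",
    "E": "Elevation of Privilege",
}

DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")

# Assumed tier cut-offs on the 1-10 DREAD average (my choice, not from the page).
TIER_HIGH, TIER_MEDIUM = 7.0, 4.0


@dataclass(frozen=True)
class Threat:
    name: str
    stride: str          # one STRIDE letter
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self) -> None:
        # Reject unknown categories and out-of-range ratings up front.
        if self.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE category: {self.stride!r}")
        for factor in DREAD_FACTORS:
            value = getattr(self, factor)
            if not 1 <= value <= 10:
                raise ValueError(f"{factor} must be 1-10, got {value}")

    def dread_score(self) -> float:
        """Plain DREAD: arithmetic mean of the five 1-10 ratings."""
        return sum(getattr(self, f) for f in DREAD_FACTORS) / len(DREAD_FACTORS)

    def tier(self) -> str:
        s = self.dread_score()
        return "High" if s >= TIER_HIGH else "Medium" if s >= TIER_MEDIUM else "Low"


def prioritize(threats: Iterable[Threat]) -> list[Threat]:
    """Highest DREAD score first; ties broken by damage potential, then name."""
    return sorted(threats, key=lambda t: (-t.dread_score(), -t.damage, t.name))


def uncovered_categories(threats: Iterable[Threat]) -> set[str]:
    """STRIDE categories with no recorded threat: a gap the model should revisit."""
    seen = {t.stride for t in threats}
    return {STRIDE[k] for k in STRIDE if k not in seen}


# Constructed sample register for a hypothetical web application (not real findings).
SAMPLE_THREATS = [
    Threat("Predictable session token", "S", 8, 9, 7, 9, 6),
    Threat("App user can delete audit log rows", "R", 5, 8, 6, 3, 4),
    Threat("Stack trace shown on error page", "I", 3, 10, 9, 10, 10),
    Threat("Unbounded upload fills disk", "D", 6, 7, 5, 8, 5),
]

if __name__ == "__main__":
    for t in prioritize(SAMPLE_THREATS):
        print(f"{t.dread_score():4.1f} {t.tier():6} {STRIDE[t.stride]:22} {t.name}")
    print("no threats recorded for:", sorted(uncovered_categories(SAMPLE_THREATS)))
```

Note how a low-damage, trivially discoverable issue (the stack trace) outranks the more damaging session token problem under a plain average; DREAD is known to be sensitive to rater subjectivity and to the weighting of its five factors, so a team that wants damage to dominate should weight the factors deliberately rather than rely on the unweighted mean. The uncovered-category check is the cheap way to turn STRIDE into a completeness test on the register rather than only a label.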
What is Supply Chain Risk Management (SCRM)?
Ensuring the reliability, security, and integrity of the supply chain behind the products and services an organization depends on.
Why is it important to establish minimum security requirements within the supply chain?
It ensures that each entity in the supply chain meets or exceeds the expected security level, so that one weak link cannot undermine the whole chain.
What are Service-Level Requirements (SLRs) and how are they used in supply chain management?
They define the service and performance levels expected from vendors and are often incorporated into Service Level Agreements (SLAs) so that security and performance standards are contractually enforced.