Domain 1 - Security and Risk Flashcards
An emphasis on confidentiality can affect which other part of the CIA triad?
Availability. The data is harder to access.
What is cryptanalysis?
Attacks on encryption.
What is data in use?
Live data on your screen.
What is the opposite of the CIA triad?
DAD
Disclosure
Alteration
Destruction
A focus on integrity can cause what part of the CIA triad to suffer?
Availability
A focus on availability can cause what part of the CIA triad to suffer?
Confidentiality and Integrity
What does IAAA stand for?
Identification,
Authentication
Authorization,
Accountability
What is Type 1 Authentication?
Something you know.
Passwords, Pass phrases, PIN, etc..
What is Type 2 Authentication?
Something you have.
Your ID, smartcard, token, cookie, etc.
What is Type 3 Authentication?
Something you are.
fingerprint reader, iris scan, palm print, etc.
What is “Authorization”
Assignment of access to objects.
RBAC, MAC, DAC, etc.
What is the need to know security governance principal?
Even when you have access, if you do not need to know then you should not access the data.
What do “subjects” do?
They are usually users or programs and they manipulate objects.
Who manages security governance?
C-level executives, board of directors, owners, etc.
What is management’s job in security governance?
Implementing standards, policies, and procedures to meet the governance requirements.
What are some examples of governance standards and control frameworks?
PCI-DSS, ISO 27001, HITRUST, COBIT, etc…
What is criminal law?
Society is the victim, Proof must be beyond a reasonable doubt.
What is Civil Law (Tort Law)
Individuals, groups, or organizations are the victims. Proof must be the majority of proof.
What is Administrative Law?
Laws enacted by government bodies. FDA Laws, HIPAA, FAA, etc.
What are Private Regulations?
PCI DSS by the credit card industry
What is real evidence?
Tangible objects (drives, USB drives, etc.)
What is direct evidence?
Testimony from first hand witnesses
What is hearsay?
Not first-hand knowledge. Normally inadmissible
What evidence should you provide to a court first?
Your best evidence. It should be complete, accurate, relevant, and authentic.