Domain 1: Security & Risk Management Flashcards

1
Q

Name the three types of security evaluations & briefly discuss what each type achieves.

A

Risk assessment, vulnerability assessment & PEN testing. Risk assessment is the process of identifying assets, threats, & vulnerabilities & using that information to calculate risk; vulnerability assessments use automated tools to locate security weaknesses, and the results are used to add more defenses or adjust existing protections; PEN testing uses trusted third-party firms or individuals to stress-test the security infrastructure.

2
Q

What is the CIA Triad?

A

CIA = confidentiality, integrity, & availability, which are the three primary goals of security infrastructure.
Security controls are usually evaluated on how well they address the three core tenets (CIA).

3
Q

What are the five (5) categories of the AAA services core security mechanism? Briefly describe the meaning of each area.

A

Identification, authentication, authorization, auditing, & accounting

4
Q

Name and discuss the concept of the four (4) protection mechanisms in cybersecurity (pp. 11-13, CISSP text).

A

Defense in depth (layering): the use of multiple controls in a series; use layering in series vs. in parallel

Abstraction: used to create efficiencies by placing similar elements into groups, classes, or roles to be assigned security controls

Data hiding: exactly what it sounds like in cybersecurity

Encryption: in cybersecurity, the conversion of data from a readable format into an encoded format. Encrypted data can only be read or processed after it has been decrypted.

5
Q

What is the FAIR methodology?

A

FAIR stands for Factor Analysis of Information Risk and is a methodology for assessing security risk using quantitative analysis.
