Domain 1.1-1.2 Flashcards

1
Q

control categories

A

technical
managerial
operational
physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

technical controls

A

controls implemented by systems. Fire wall, anti-virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

managerial controls

A

adminstrative controls associated with security design and implementation

security policies and standard operating procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

operational controls

A

controls implemented by people instead of systems

example: security guards, employee training

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

physical controls

A

limit physical access

ex: guard shack, fences, locks, badge readers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

first 3 control types

A
  1. Preventive control type- you shall not pass think about how it applieds to each category of control TMOP.
  2. Deterrent- Discourage an intrusion attempt, does not directly prevent access
  3. Detective- Identify and log an intrusion attempt, may not prevent access.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

second 3 control types

A
  1. Corrective- Apply a control after an event has been detected, reverse the impact of an event, continue operating with minimal downtime.
  2. Compensating (temporary fixes)- control using other means because existing controls aren’t sufficient
  3. Directive- direct a subject towards security compliance. This is the weakest security control because it leaves decision in the hands of the subject.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

non-repudiation

A

provides proof of the origin, authenticity and integrity of data

can’t deny what youve said, no taking it back.
uses digital signature to verify proof of origin. digital signature adds to non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

AAA

A

Authentication- prove you are who you say you are

Authorization- determines your access rights. what info do you have the right to see

Accounting- Resources used: login time, data sent received etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

how to authenticate Systems

A

you authenticate a system by putting a digitally signed certificate on the device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

CA

A

certificate authority, organizations usually maintain their own so they can digitally sign.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What does no authorization model mean?

A

you have to give access to each individual every time they need access to resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Authorization models

A

defining by roles.
Add Abstraction- clear relationship between the user and resource. Give rights to the role not an individual then assign people to those roles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Gap analysis

A

Where you are vs where you want to be. Needs a lot of research usually.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

planes of operations

A

data plane- part of device performing security process

control plane- manages data plane, defines policies and rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Adaptive identity

A

apply security controls based on multiple sources. such as where request is coming from

17
Q

threat scope reduction

A

decrease the # of entry points

18
Q

policy driven access control

A

combine adaptive identity with predefined set of rules

19
Q

policy administrator

A

talks to PEP. Tells PEP to allow or deny access. Generate access tokens or credentials

20
Q

policy engine

A

evaluates each access decision based on policy and other info sources

21
Q

policy enforcement point (PEP)

A

gatekeeper, all traffic has to pass through PEP

22
Q

Policy decision point (PDP)

A

process of making and authentication decision

23
Q

implicit trust zone

A

there is trusted and untrusted zones. If someone is coming from untrusted to internal they wouldnt be allowed.
If they come from trusted to internal they would be implicitly allowed or implied.

24
Q

subject/system

A

end users/ applications, non human entities

25
Q

bollard

A
26
Q

fencing

A

a fence around the area

27
Q

lighting

A

add more light no darkness

28
Q

sensors

A

infared- detects infared radiation in light and dark (good for motion detection)
pressure- detects pressure change
microwave-detects movement across large areas
ultrasonic- send signal and receive reflected sound waves, good for motion detection

29
Q

cctv

A

closed circuit tv for video surveillance

30
Q

honeyfile

A

file with fake info. alert is sent if file is accessed

31
Q

honeytokens

A

allow administrators to identify who it was stolen from or how it was leaked

32
Q

whats purpose of security controls

A

Prevent security events, minimize the impact, and limit the damage