Domain 2 Flashcards
What is the purpose of authentication?
Verify identity
Authentication is the process of confirming a user’s identity before granting access to resources.
What does authorization entail?
Granting access to resources
Authorization determines what resources a user can access after their identity has been authenticated.
What is the focus of accounting in security?
Tracking user activities
Accounting involves monitoring and recording user actions to ensure compliance and detect anomalies.
What does the CIA Triad stand for?
Confidentiality, Integrity, Availability
The CIA Triad is a model designed to guide policies for information security.
What is meant by confidentiality in the context of the CIA Triad?
Ensuring Data Privacy
Confidentiality involves protecting information from unauthorized access and disclosure.
Define integrity as part of the CIA Triad.
Maintaining data accuracy
Integrity ensures that data is accurate and unaltered, except by authorized users.
What does availability refer to in the CIA Triad?
Ensuring data is accessible when needed
Availability ensures that authorized users have access to data and resources when required.
What methods can be used to ensure confidentiality?
- Encryption
- Access Control Lists (ACLs)
These methods help protect sensitive information from unauthorized access.
How is integrity typically ensured?
Hashing (Storing the hash to verify the file)
Hashing generates a unique value for data that can be used to verify its integrity over time.
What is non-repudiation?
Preventing denial of actions
Non-repudiation ensures that a user cannot deny having sent a message or performed an action.
What is the purpose of honeypots in security?
Distracting attackers with decoy systems
Honeypots are traps set to lure attackers away from valuable resources.
What technology do proximity readers use for access control?
RFID technology
Proximity readers utilize Radio-Frequency Identification (RFID) to allow or deny access based on proximity.
