Exam #1 Flashcards
Confidentiality
Only authorized individuals can access confidential information
Integrity
Information remains accurate and complete and has not been tampered with or modified in any way
Availability
Authorized users have timely and reliable access to information and systems when needed
Examples of Confidentiality
Access control lists (ACL), encryption, data masking
Examples of Integrity
Checksums, hashing, digital signatures, versioning systems
Examples of Availability
Disaster recovery plans, redundancy, performance monitoring
Digital forensics
The application of scientific principles to provide assurance in what has and has not happened on a computer system
Authenticating people
Verifying identity to ensure they are who they say they are
Authenticating systems
Verifying the identity of a device, computer, or application to ensure it is authorized to access resources or communicate with other systems
Authorization models
Define the rules and policies of who can access specific resources and perform specific actions within a system
Examples of authorization models
ACL, RBAC, ABAC, RuBAC, MAC
Rainbow Table
A precalculated series of hashes, generated using known algorithms, commonly used for cracking passwords
Hash
- One-way algorithm
- Application-specific
- Fixed size
- Chain
Accounting
Tracking user activities for audit and security purposes