Explaining Common Security Concepts Flashcards

1
Q

Three principles of security control and management. Also known as the information security triad. Also referred to in reverse order as the AIC triad.

A

CIA triad

2
Q

Weakness that could be triggered accidentally or exploited intentionally to cause a security breach

A

Vulnerability

3
Q

Potential for an entity to exploit a vulnerability, that is, to breach security.

A

Threat

4
Q

Likelihood and impact (or consequence) of a threat actor exercising a vulnerability

A

Risk

5
Q

Process for verifying compliance with a health policy by using host health checks.

A

Posture assessment

6
Q

Business or organizational activity that is too critical to be deferred for anything more than a few hours, if at all.

A

Mission essential function (MEF)

7
Q

Systematic activity that identifies organizational risks and determines their effect on ongoing, mission critical operations. Also called process assessment.

A

Business Impact Analysis (BIA)

8
Q

Specific method by which malware code infects a target host, often via some vulnerability in a software process.

A

Exploit

9
Q

Vulnerability in software that is unpatched by the developer, or an attack that exploits such a vulnerability.

A

Zero-day

10
Q

Evaluation of a system's security and ability to meet compliance requirements based on the configuration state of the system, as represented by information collected from the system. Also called vulnerability testing.

A

Vulnerability assessment

11
Q

Scheme for identifying vulnerabilities developed by MITRE and adopted by NIST.

A

Common vulnerabilities and exposures (CVE)

12
Q

Solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications.

A

Security Information and Event Management (SIEM)

13
Q

Test that uses active tools and security utilities to evaluate security by simulating an attack on a system. A pen test will verify that a threat exists, then will actively test and bypass security controls, and will finally exploit vulnerabilities on the system.

A

Penetration testing

14
Q

Basic principle of security stating that something should be allocated the minimum necessary rights, privileges or information to perform its role.

A

Least privilege

15
Q

Access control model where resources are protected by ACLs that are managed by administrators and that provide user permissions based on job functions.

A

Role based access

16
Q

Security design paradigm where any request (host to host or container to container) must be authenticated before being allowed.

A

Zero trust

17
Q

Policies and procedures to identify vulnerabilities and ensure security of the supply chain.

A

Vendor management

18
Q

Collection of access control entries (ACEs) that determines which subjects (user accounts, host IPs, and so on) are allowed or denied access to the object and the privileges given (read only, read/write, and so on).

A

Access control list (ACL)

19
Q

Security process that provides identification, authentication and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems and applications.

A

Identity and access management (IAM)

20
Q

Authentication scheme that requires the user to present at least two different factors as credentials from: something you know, something you have, something you are, something you do and somewhere you are. Specifying two factors is known as 2FA.

A

Multifactor

21
Q

OS subsystem that authenticates users when they attempt to start a shell on the host.

A

Local authentication

22
Q

Function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions where two different inputs produce the same output. Also called message digest or cryptographic hash.

A

Hashing

23
Q

Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.

A

Single sign on (SSO)

24
Q

Single sign on authentication and authorization service that is based on a time sensitive ticket granting system.

A

Kerberos

25
Q

Identification and authentication information presented in the X.509 format and issued by a Certificate Authority (CA) as a guarantee that a key pair (as identified by the public key embedded in the certificate) is valid for a particular subject (user or host).

A

Digital certificate

26
Q

Framework of certificate authorities, digital certificates, software, services and other cryptographic components deployed for the purpose of validating subject identities.

A

Public key infrastructure (PKI)

27
Q

Framework for negotiating authentication methods that enables systems to use hardware-based identifiers such as fingerprint scanners or smart card readers for authentication and establish secure tunnels through which to submit credentials.

A

Extensible authentication protocol (EAP)

28
Q

Standard for encapsulating EAP communications over a LAN (EAPoL) to implement port-based authentication.

A

IEEE 802.1X Port-based Network Access Control (NAC)

29
Q

AAA protocol used to manage remote and wireless authentication infrastructures.

A

Remote Authentication Dial-In User Service (RADIUS)

30
Q

AAA protocol developed by Cisco that is often used to authenticate to administrator accounts for network appliance management.

A

Terminal Access Controller Access Control System (TACACS+)

31
Q

Network protocol used to access network directory databases which store information about authorized users and their privileges as well as other organizational information.

A

Lightweight Directory Access Protocol (LDAP)