Finals Flashcards

1
Q

What is Information Security?

A

Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

1
Q

What are Information Assets?

A

Information assets are valuable data in various forms, including physical and digital items.

2
Q

What are examples of Information Assets?

A

- Paper documents
- Digital files
- Databases
- Passwords
- Encryption keys
- Software
- Source code

3
Q

What are the 2 Levels of Security?

A

Balance: Security implementation should balance protection with productivity.
Considerations: Evaluate security level based on asset value and acceptable performance.

4
Q

What is the CIA Triad?

A

Confidentiality: Protecting data from unauthorized access.

Integrity: Preventing unauthorized or undesirable changes to data.

Availability: Ensuring access to data when needed.

5
Q

What is the International Information Security Standard ISO/IEC 27001?

A

Definition: International standard for information security management systems (ISMS).
Objective: Manage information security by addressing people, processes, and technology.

6
Q

List the 3 types of Security Controls.

A

- Preventive
- Detective
- Corrective
Definition: Measures to mitigate risk and protect against threats.

7
Q

What are the 3 types of Security Threats?

A

- Abusers and Misusers: Unauthorized use or misuse of privileges.
- Accidental Occurrences: Employee actions causing damage or data loss.
- Natural Physical Forces: Environmental threats like earthquakes, floods, and fire.

8
Q

What is the Parkerian Hexad?

A

Confidentiality
Possession: Physical control of the data medium.
Integrity
Authenticity: Proper attribution of data ownership.
Availability
Utility: How useful the data is to the owner.

9
Q

Organizations must adhere to industry-specific regulations such as these 3:

A

PCI-DSS
HIPAA
FERPA

10
Q

What is Social Engineering?

A

Social engineering involves manipulating individuals into divulging confidential information, often targeting passwords and bank details, or into installing malicious software.

11
Q

How do you prevent Social Engineering?

A

Awareness Training:
Regularly educate users about social engineering tactics and how to recognize and resist
such attempts.

Acceptable Use Threshold:
Define clear boundaries for the use of personal equipment, typically restricted to the
organization’s guest network rather than the production network.

Security Measures:
Communicate the importance of maintaining security when using personal devices, including
adherence to organizational policies.

Clean Desk Policy:
Emphasize the importance of not leaving sensitive information on desks when unattended for
extended periods.

Data Handling in All Forms:
Reinforce the message that data security extends beyond electronic files and should be
considered for physical documents as well.

Recurring Training:
Regular, ongoing training sessions to reinforce security principles and keep users informed
about evolving threats.

User Accountability:
Encourage a sense of accountability among users for safeguarding information and following
security protocols.

12
Q

What are Identification, Authentication, Authorization, and Verification in Information Security?

A

Identification: A means of proving a person's identity, especially in the form of official papers.

Authentication: The process of verifying a claim of identity as true.

Authorization: The process of giving someone the ability to access a resource.

Verification: Confirming the identity claim.

13
Q

List the 5 Authentication Factors (something...).

A
  1. Something You Know:
    Definition: Uses information that a person can remember.
    Examples:
    - Passwords
    - PINs
    - Passphrases
    Strength: Relatively common but can be weak if exposed.
  2. Something You Are:
    Definition: Relies on unique physical attributes, often referred to as biometrics.
    Examples:
    - Fingerprints
    - Iris
    - Retina patterns
    - Facial characteristics
    Strength: Stronger due to the uniqueness of physical attributes.
  3. Something You Have:
    Definition: Based on physical possession of an item or device.
    Examples:
    - Keys
    - Cards
    - Phones
    Strength: Physical possession provides a level of security.
  4. Something You Do:
    Definition: Based on the actions or behaviors of an individual.
    Examples:
    - Individual's manner of walking
    - Individual's handwriting
    - Signature
    - Delay between keystrokes when typing a phrase
    Strength: Offers strong authentication but may lead to false negatives.
  5. Where You Are Located:
    Definition: A geographically based authentication factor.
    Method: Authentication depends on the person being physically present at specific locations.
    Example: Servers accessible only from the server room.
    Strength: Difficult to counter without subverting the authentication system or gaining physical access.
14
Q

List the 10 Network Security Devices and Tools.

A
  1. Access Control:
    Definition: Regulates who or what can view or use resources in a computer system.
    Tools: Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS),
    Identity and Access Management (IAM) systems.
  2. Antivirus and Anti-Malware Software:
    Definition: Detects and removes malicious software, preventing it from compromising
    systems.
    Tools: ESET, BitDefender, Windows Defender.
  3. Application Security:
    Definition: Focuses on securing software applications from threats during development and
    runtime.
    Tools: Static Application Security Testing (SAST), Dynamic Application Security Testing
    (DAST), Web Application Firewalls (WAF).
  4. Data Loss Prevention (DLP):
    Definition: Monitors, detects, and prevents unauthorized data exfiltration. (Data Theft)
    Tools: Symantec Data Loss Prevention, McAfee Total Protection for Data Loss Prevention,
    Digital Guardian.
  5. Distributed Denial of Service (DDoS) Prevention:
    Definition: Mitigates DDoS attacks by protecting against overwhelming traffic.
    Tools: Cloudflare, Akamai, Arbor Networks.
  6. Email Security:
    Definition: Protects against email-borne threats, including phishing and malware.
    Tools: Cisco Email Security, Proofpoint, Microsoft 365 Defender.
  7. Firewalls:
    Definition: Controls and monitors incoming and outgoing network traffic based on
    predetermined security rules.
    Tools: Cisco ASA, Palo Alto Networks, Check Point, pfSense (open-source firewall).
  8. Mobile Device Security:
    Definition: Secures mobile devices and the data they contain from various threats.
    Tools: Mobile Device Management (MDM) solutions, Mobile Threat Defense (MTD)
    solutions.
  9. Web Security:
    Definition: Protects against web-based threats, including malicious websites and attacks
    targeting web applications.
    Tools: Secure Web Gateways (SWG), Web Application Firewalls (WAF), Cisco Umbrella.
  10. Virtual Private Networks (VPNs):
    Definition: Provides secure and encrypted communication over a public network.
    Tools: OpenVPN, Cisco AnyConnect, NordVPN, ExpressVPN.
15
Q

What is the Biometrics Enrollment Process?

A

1. Record the chosen biometric characteristic (e.g., fingerprint).
2. Process the characteristic, noting the specific parts used for matching.

16
Q

What are the 7 Characteristics of Biometrics?

A
  1. Universality: The chosen characteristic should be present in the majority of enrolled individuals.
  2. Uniqueness: Measures how unique a characteristic is among individuals.
  3. Permanence: Examines how well a characteristic resists change over time.
  4. Collectability: Determines how easy it is to acquire a characteristic for authentication.
  5. Performance: Metrics assessing system speed, accuracy, and error rate.
  6. Acceptability: Measures how acceptable a characteristic is to system users.
  7. Circumvention: Examines the ease with which a system can be tricked by a falsified biometric identifier.

17
Q

What are the 2 Measuring Performance methods? (passwords)

A

False Acceptance Rate (FAR): Accepting a user whom the system should have rejected (false positive).
False Rejection Rate (FRR): Rejecting a legitimate user whom the system should have accepted (false negative).

18
Q

What is Operational Security?

A

Operational Security is a comprehensive process aimed at preserving the confidentiality, integrity, and availability of sensitive information.

Protecting information assets.

19
Q

What are the 5 Operational Security steps?

A
  1. Identification of Critical Information:
    Recognizing pivotal information that is central to the functioning of an entity, such as trade secrets, source code, or strategic plans. (Info Assets)
  2. Analysis of Threats:
    Evaluating potential harm or financial consequences arising from the exposure of critical information, considering threats from competitors or malicious actors.
  3. Analysis of Vulnerabilities:
    Identifying weaknesses in the protective measures for information assets, such as inadequate controls on access or handling procedures.
  4. Assessment of Risks:
    Determining the actual concerns during the OpSec process by assessing the alignment of identified threats with vulnerabilities. Risk is recognized when a matching threat and vulnerability are present.
  5. Application of Counter-Measures:
    Implementing measures to mitigate identified risks. For instance, strengthening controls on access and introducing policies for the proper handling of critical information, as seen in the example of securing source code from unauthorized exposure.

20
Q

What is Defense in Depth?

A

Definition: Multilayered defense strategy to ensure protection even if one layer fails.
Layers: Varied based on the situation, and may include physical, logical, and administrative controls.

21
Q

What are the 3 Defense in Depth Controls?

A

- Physical Controls
- Administrative Controls
- Technical (Logical) Controls
Definition (Technical): Protect systems, networks, and environments logically.
Examples: Passwords, encryption, access controls, firewalls, intrusion detection systems.

22
Q

What are Physical Controls?

A

Definition: Protect the physical environment and control access.

23
Q

What are examples of Physical Controls?

A

Examples: Fences, locks, guards, heating/air conditioning systems.

24
Q

What are Administrative Controls?

A

Definition: Rules, laws, policies, procedures, guidelines.

25
Q

What are examples of Administrative Controls?

A

Examples: Security policies, user behavior guidelines.

26
Q

What are Technical (Logical) Controls?

A

Definition: Protect systems, networks, and environments logically.

27
Q

What are examples of Technical (Logical) Controls?

A

Examples: Passwords, encryption, access controls, firewalls, intrusion detection systems.