Fundamental of security Flashcards

this is test 1

1
Q

What is Information Security?

A

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, and corruption and destruction

2
Q

What is Information System Security?

A

Act of protecting the system that holds and processes the critical information

3
Q

Confidentiality

A

Ensures that information is only accessible to authorized persons

4
Q

Integrity

A

Ensures that data remains accurate and unaltered unless the modification is required

5
Q

Availability

A

Ensures that information and resources are accessible and functional when needed by authorized users

6
Q

Non-repudiation

A

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved

7
Q

AAA of security

A

Authentication, Authorization, Accounting

8
Q

Authorization

A

Permissions and privileges granted to users or entities after they have been authenticated

9
Q

Accounting

A

Act of tracking user activities and resource usage, typically for audit or billing purposes

10
Q

Security Controls

A

Measures or mechanisms put in place to mitigate risks and protect the confidentiality, integrity, and availability of information systems and data

11
Q

Types of Security Controls

A

Technical, Managerial, Operations, Physical

12
Q

Zero Trust

A

Security model that operates on the principle that no one, whether inside or outside the organization, should be trusted by default

13
Q

Control Plane

A

Consists of adaptive identity, threat scope reduction, policy-driven access control, and secured zones

14
Q

Data Plane

A

Focused on the subject/system, policy engine, policy administrator, and establishing policy enforcement points

15
Q

Data Masking

A

Method that involves obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data's authenticity and use for authorized users

16
Q

Physical Security Measures

A

Used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations

17
Q

Non-repudiation

A

Focused on providing undeniable proof in digital transactions

18
Q

Digital Signature

A

Created by first hashing a particular message or communication to be digitally signed and encrypting the hash digest with the user's private key using asymmetric encryption

19
Q

Availability === ?

A

Redundancy

20
Q

Non-repudiation

A

Redundancy

21
Q

Authentication

A

Security measure that ensures individuals or entities are who they claim to be during a communication or transaction

22
Q

Preventive Controls

A

Proactive measures implemented to thwart potential security threats or breaches

23
Q

Detective Controls

A

Monitor and alert organizations to malicious activities as they occur or shortly thereafter

24
Q

Corrective Controls

A

Mitigate any potential damage and restore the systems to their normal state

25
Q

Compensating Controls

A

Alternative measures that are implemented when primary security controls are not feasible or effective

26
Q

Directive Controls

A

Often rooted in policy or documentation and set the standards for behavior within an organization

27
Q

Gap Analysis

A

Process of evaluating the difference between an organization's current performance and its desired performance

28