Fundamentals Flashcards

1
Q

Information Security

A

Protects the data

2
Q

Information Systems Security

A

Protects the devices that hold and process the data

3
Q

Threat

A

Anything that could cause harm, loss, damage, or compromise to IT systems.

4
Q

Threat incidents

A
  • Natural disasters
  • Cyber-attacks
  • Data integrity breaches
  • Disclosure of confidential information
5
Q

Vulnerabilities examples

A
  • Software bugs
  • Misconfigured software
  • Improperly protected network devices
  • Missing security patches
  • Lack of physical security
6
Q

Vulnerability

A

Any weakness in the system design or implementation.

7
Q

Threat x Vulnerabilities

  • ______ originate from external sources and cannot be controlled.
A
  • THREATS originate from external sources and cannot be controlled.
8
Q

Threat + No Vulnerability = Is there any risk?

A

No Risk

9
Q

Vulnerability + No Threat = Is there any risk?

A

No Risk

10
Q

Vulnerability + Threat = Is there any risk?

A

Yes! There is some risk involved.

11
Q

Think about daily analogies for Threats and Vulnerabilities.

A

While going from home to job…
Your car can break down in the middle of the way = lack of maintenance [VULNERABILITY]
Another driver can cause an accident = another driver's dangerous driving [THREAT]

12
Q

CIA Triad

A

C - Confidentiality
I - Integrity
A - Availability

13
Q

2 new elements to CIA triad making it a pentagon

A

N - Non-repudiation
A - Authentication
CIANA

14
Q

Ensures that information is only accessible to those with the appropriate authorization. (Ex: encryption)

A

Confidentiality

15
Q

Ensures the data remains accurate and unaltered unless modification is required. (Ex: checksums, hashing)

A

Integrity

16
Q

Ensures that information resources are accessible and functional when needed by authorized users. (Ex: website up and running all the time regardless of the traffic it’s receiving.)

A

Availability

17
Q

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved. (Ex: A digitally signed email. That’s going to ensure that I cannot deny sending you that particular message because my digital signature is attached to it.)

A

Non-repudiation

18
Q

Process of verifying the identity of a user or system.

A

Authentication

19
Q

Threats x Vulnerabilities

  • ___________ can be controlled by mitigating, transferring, avoiding or accepting the risk.
A

VULNERABILITIES

20
Q

Threats x Vulnerabilities

  • Intersection of threats and vulnerabilities is where the ______ to enterprise systems and networks lies
A

Intersection of threats and vulnerabilities is where the RISK to enterprise systems and networks lies