Fundamentals Flashcards

1
Q

Information Security

A

Protects the data

2
Q

Information Systems Security

A

Protects the devices that hold and process the data

3
Q

Threat

A

Anything that could cause harm, loss, damage, or compromise to IT systems.

4
Q

Threats incidents

A
  • Natural disasters
  • Cyber-attacks
  • Data integrity breaches
  • Disclosure of confidential information
5
Q

Vulnerabilities examples

A
  • Software bugs
  • Misconfigured software
  • Improperly protected network devices
  • Missing security patches
  • Lack of physical security
6
Q

Vulnerability

A

Any weakness in the system design or implementation.

7
Q

Threat x Vulnerability

A
  • Threats originate from external sources and cannot be controlled.
  • Vulnerabilities can be controlled by mitigating, transferring, avoiding or accepting the risk.

The intersection of threats and vulnerabilities is where the risk to enterprise systems and networks lies.

8
Q

Threat + No Vulnerability = Is there any risk?

A

No Risk

9
Q

Vulnerability + No Threat = Is there any risk?

A

No Risk

10
Q

Vulnerability + Threat = Is there any risk?

A

Yes! There is some risk involved.

11
Q

Think about daily analogies for Threats and Vulnerabilities.

A

While going from home to work…
Your car can break down on the way = lack of maintenance [VULNERABILITY]
Another driver can cause an accident = another driver's dangerous driving [THREAT]

12
Q

CIA Triad

A

C - Confidentiality
I - Integrity
A - Availability

13
Q

Two new elements added to the CIA triad, making it a pentagon

A

N - Non-repudiation
A - Authentication
CIANA

14
Q

Ensures that information is only accessible to those with the appropriate authorization. (Ex: encryption)

A

Confidentiality

15
Q

Ensures the data remains accurate and unaltered unless modification is required. (Ex: checksums, hashing)

A

Integrity

16
Q

Ensures that information resources are accessible and functional when needed by authorized users. (Ex: a website up and running all the time regardless of the traffic it's receiving.)

A

Availability

17
Q

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved. (Ex: A digitally signed email. That's going to ensure that I cannot deny sending you that particular message because my digital signature is attached to it.)

A

Non-repudiation

18
Q

Process of verifying the identity of a user or system.

A

Authentication