Fundamentals of Security Flashcards
What is the difference between information security and information system security?
Information security refers to protecting actual data and
Information system security refers to protecting the actual devices/systems that store data.
What are the 4 main types of security controls?
Managerial controls/Administrative controls -
Technical controls -
Operational controls -
Physical controls -
Give me a few examples of techniques to keep data confidential.
- Encryption
- Implementing access controls
- Data masking
- Tokenization
- User training and awareness
- Implementing physical controls to block unauthorized access
How can we maintain the integrity of data?
- Using hashing algorithms
- Checksums
- Reviewing logs
- Digital signatures
- Access controls
What is non-repudiation and how is it achieved?
It refers to the concept that if someone has taken some action, they cannot deny it.
In email communication, it is ensured using Digital Signatures.
What are different ways to authenticate someone? What are its factors?
- Something you know - like a password or PIN code. Or it could be KBA (knowledge-based authentication, like answering security questions)
- Something you have - like having an access card, or using a token fob/key token
- Something you are - involves biometrics
Define the "something you have" authentication factor.
- We might have an access card. Access cards use NFC or RFID (Radio Frequency Identification) technology. Normally these cards have a microchip in them that has a certificate with a private key.
- We may also use a key fob/token fob.
Note that there is a software implementation of the key fob as well. Two open source protocols are available to implement software key-fob technology.
1st is HOTP (Hash-based One-Time Password)
2nd is TOTP (Time-based One-Time Password)
What technologies/tools can we use to implement accounting in our networks?
Syslog servers
SIEM - Security Incident and Event Management tool
Network Protocol analyzers
Define technical controls.
These are controls that are implemented once, like implementing ACLs in firewalls, and then do their work automatically afterwards.
Define Managerial or Administrative controls.
Managerial controls are administrative in nature. They involve the strategic planning and governance side of security.
Examples are planning incident response plans, or making security policies, procedures and guidelines.
What are operational controls?
Operational controls are related to day-to-day activities and involve human participation.
Ex - employees following a clean-desk policy or making sure that their LAN password is at least 12 characters long.
Other examples of operational controls are backup procedures, account reviews, and user training programs.
What are the different types of security controls?
Preventative controls
Detective controls
Deterrent controls
Corrective controls
Compensating controls
Directive controls
What is the use of compensative controls?
Compensative controls are used where primary control mechanisms fail or are not effective.
What is GAP analysis and what are the different steps involved in it?
Gap analysis refers to the process of finding differences between the organization's current state and its desired state.
It involves the following steps -
- Finding the scope of the GAP analysis
- Evaluating/analyzing the current state of the organization as per the defined scope
- Finding out the gaps between the current state and the desired state/goal
- Developing a plan to bridge the gap
What are the 2 types of GAP analysis?
Technical GAP analysis
Business GAP analysis
What is the concept of Zero trust?
Today's networks are decentralized, so companies' goal is to implement zero trust in their organization.
It demands the verification of every device, user and transaction within the network, regardless of its origin.
What is a common goal of fault tolerance and redundancy techniques?
To remove the SPOF (Single Point Of Failure)
Define the hping command.
Hping is a command used in Linux (SAYAD).
With the hping command, we can send messages using the TCP, UDP, and ICMP protocols.
Define the ifconfig command.
This command is used in Linux to see the TCP/IP suite information.
The command is
ifconfig eth0 promisc
What do we use the netstat command for?
The netstat command is used to see TCP/IP connections.
To get more information about it, use:
netstat /? -> in Windows
What do we use the tracert command for?
The tracert command is used to find the path that a packet takes to reach its destination.
This command is used in Windows and gives us the IP address of each hop in the packet path.
The Linux equivalent command is traceroute.
What is the pathping command?
The pathping command is a combination of ping and tracert.
Define the journalctl command.
This command is used to get the log entries that the journald protocol has collected from different sources.
What are some of the connection states of the netstat command?
CLOSE_WAIT -> Waiting for a connection termination request
TIME_WAIT -> This indicates the system is waiting for enough time to pass to be sure the remote system received a TCP-based acknowledgement of the connection.
SYN_SENT -
SYN_RECEIVED -