Fundamentals of Security Flashcards

1
Q

What is the CIA triad?

A

Confidentiality - Ensures information is accessible only to authorized personnel
Integrity - Ensures data remains accurate and unaltered
Availability - Ensures information and resources are available when needed.

2
Q

What is the CIANA Pentagon?

A

Same as CIA but add:
Non-repudiation - Guarantees that an action or event cannot be denied by the involved parties
Authentication - Verifying the identity of a user or system (e.g. password checks)

3
Q

Triple A’s of Security

A

Authentication - Verifying the identity of a user or system (e.g. password checks)
Authorization - Determining actions or resources an authenticated user can access (e.g. permissions)
Accounting - Tracking user activities and resource usage for audit or billing purposes

4
Q

Where threats and vulnerabilities intersect:

A
  • If you have a threat but there is no matching vulnerability to it then you have no risk
  • If you have a vulnerability but there’s no threat against it, there would be no risk
5
Q

Technical
Managerial
Operational
Physical, are known as:

A

Security Control Categories

6
Q

Preventive
Deterrent
Detective
Corrective
Compensating
Directive, are known as:

A

Security Control Types

7
Q

Control Plane - Adaptive identity, threat scope reduction, policy-driven access control, and secured zones
Data Plane - Subject/System, policy engine, policy administrator, and establishing policy enforcement points

A

Zero Trust model

8
Q
  • Refers to the protection of information from unauthorized access and disclosure.
  • Ensures that private or sensitive information is not available or disclosed to unauthorized individuals, entities, or processes
A

Confidentiality

9
Q

What is finding different ways to minimize the likelihood of an outcome and achieve the desired outcome?

A

Risk Management

10
Q

3 main reasons to ensure Confidentiality

A

To protect personal privacy
To maintain a business advantage
To achieve regulatory compliance

11
Q

5 methods to ensure confidentiality

A
  • Encryption - Process of converting data into a code to prevent unauthorized access
  • Access Controls - By setting up strong user permissions, you ensure that only authorized personnel can access certain types of data.
  • Data Masking - Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
  • Physical Security Measures - Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations.
  • Training and Awareness - Conduct regular training on the security awareness best practices that employees can use to protect their organization’s sensitive data.
12
Q

■ Helps ensure that information and data remain accurate and unchanged from its original state unless intentionally modified by an authorized individual
■ Verifies the accuracy and trustworthiness of data over the entire lifecycle

A

Integrity

13
Q

What are the three main reasons integrity is important?

A

■ To ensure data accuracy
■ To maintain trust
■ To ensure system operability

14
Q

What are 5 methods we usually utilize to help maintain the integrity of our data, systems, and networks?

A

■ Hashing - Process of converting data into a fixed-size value
■ Digital Signatures - Ensure both integrity and authenticity
■ Checksums - Method to verify the integrity of data during transmission
■ Access Controls - Ensure that only authorized individuals can modify data and this reduces the risk of unintentional or malicious alterations
■ Regular Audits - Involve systematically reviewing logs and operations to ensure that only authorized changes have been made, and any discrepancies are immediately addressed.

15
Q

As cybersecurity professionals, we value availability since it can help us with the following:

A

■ Ensuring Business Continuity
■ Maintaining Customer Trust
■ Upholding an Organization’s Reputation

16
Q

To overcome the challenges associated with maintaining availability, the best strategy is to use ______________ in your systems and network designs

A

■ Redundancy - Duplication of critical components or functions of a system with the intention of enhancing its reliability.

17
Q

Various Types of Redundancy you might want to consider are:

A

■ Server Redundancy - Involves using multiple servers in a load balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the load to continue supporting your end users
■ Data Redundancy - Involves storing data in multiple places
■ Network Redundancy - Ensures that if one network path fails, the data can travel through another route
■ Power Redundancy - Involves using backup power sources, like generators and UPS systems

18
Q

■ Considered to be unique to each user who is operating within the digital domain
■ Created by first hashing a particular message or communication that you want to digitally sign, and then encrypting that hash digest with the user’s private key using asymmetric encryption

A

Digital Signatures

19
Q

What are the three main reasons non-repudiation is important?

A

■ To confirm the authenticity of digital transactions
■ To ensure the integrity of critical communications
■ To provide accountability in digital processes

20
Q

■ Security measure that ensures individuals or entities are who they claim to be during a communication or transaction?

A

Authentication

21
Q

5 commonly used authentication methods are?

A

■ Something you know (Knowledge Factor) - Relies on information that a user can recall
■ Something you have (Possession Factor) - Relies on the user presenting a physical item to authenticate themselves
■ Something you are (Inherence Factor) - Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be
■ Something you do (Action Factor) - Relies on the user conducting a unique action to prove who they are
■ Somewhere you are (Location Factor) - Relies on the user being in a certain geographic location before access is granted

22
Q

Authentication is critical to understand because of the following:

A

■ To prevent unauthorized access
■ To protect user data and privacy
■ To ensure that resources are accessed by valid users only

23
Q

Your organization should use a robust accounting system so that you can create the following:

A

■ Create an audit trail
■ Maintain regulatory compliance
■ Conduct forensic analysis
■ Perform resource optimization
■ Achieve user accountability

24
Q

To perform accounting, we usually use different technologies like the following:

A

■ Syslog Servers - Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization’s systems
■ Network Analysis Tools - Used to capture and analyze network traffic so that network administrators can gain detailed insights into all the data moving within a network
■ Security Information and Event Management (SIEM) Systems - Provides us with a real-time analysis of security alerts generated by various hardware and software infrastructure in an organization

25
Q

What are 4 Broad Categories of Security Controls?

A

■ Technical Controls - Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks
■ Managerial Controls - Sometimes also referred to as administrative controls; involve the strategic planning and governance side of security
■ Operational Controls - Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions
■ Physical Controls - Tangible, real-world measures taken to protect assets

26
Q

6 basic Types of Security Controls are:

A

Preventive - Firewalls
Deterrent - Signs or banners
Detective - Cameras or IDS (Intrusion Detection System)
Corrective - Malware
Compensating - Alternative measures, such as using WPA2 and a VPN together on legacy systems
Directive
● Guide, inform, or mandate actions
● Often rooted in policy or documentation and set the standards for behavior within an organization

27
Q

Process of evaluating the differences between an organization’s current performance and its desired performance?

A

Gap Analysis

28
Q

Basic Types of Gap Analysis are:

A

■ Technical Gap Analysis
■ Business Gap Analysis
■ Plan of Action and Milestones (POA&M) -
● Outlines the specific measures to address each vulnerability
● Allocate resources
● Set up timelines for each remediation task that is needed

29
Q

● Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization
● Typically encompasses several key elements
  ○ Adaptive Identity
    ■ Relies on real-time validation that takes into account the user’s behavior, device, location, and more
  ○ Threat Scope Reduction
    ■ Limits the users’ access to only what they need for their work tasks because this reduces the network’s potential attack surface
    ■ Focused on minimizing the “blast radius” that could occur in the event of a breach
  ○ Policy-Driven Access Control
    ■ Entails developing, managing, and enforcing user access policies based on their roles and responsibilities
  ○ Secured Zones
    ■ Isolated environments within a network that are designed to house sensitive data

A

Control Plane (Zero Trust)

30
Q

● Ensures the policies are properly executed
● Consists of the following
  ○ Subject/System
    ■ Refers to the individual or entity attempting to gain access
  ○ Policy Engine
    ■ Cross-references the access request with its predefined policies
  ○ Policy Administrator
    ■ Used to establish and manage the access policies
  ○ Policy Enforcement Point
    ■ Where the decision to grant or deny access is actually executed

A

Data Plane (Zero Trust)
