Fundamentals Of Security

Question 1

Information Security

Answer 1

The act of protecting the data from unauthorized access, modification, corruption and desctruction

Question 2

Information Systems Security

Answer 2

The act of protecting the systems that hold the data we want to protect

Question 3

CIA triad

Answer 3

The three pillars of security

• Confidentiality
• Integrity
• Availability

Question 4

CIANA Pentagon

Answer 4

Modern, expanded version of the CIA Triad

-Confidentiality
- Integrity
- Availability
- Non Repudiation
- Authentication

Question 5

Threat

Answer 5

Anything that negatively impact our information technology systems

Question 6

Vulnerability

Answer 6

Any weakness in the system design or implementation

Question 7

Risk Management

Answer 7

Finding ways to minimize the likelihood of a negative outcome and achieve a positive outcome

Question 8

Confidentiality

Answer 8

Protecting information from unauthorized access and disclosure

Question 9

Why is Confidentiality Important?

Answer 9

• To protect personal privacy
• To maintain business advantage
• To achieve regulatory compliance

Question 10

What are the basic methods of maintaining Confidentiality?

Answer 10

• Encryption
• Access Controls
• Data Masking
• Physical Security Measures
• Training & Awareness

Question 11

Integrity

Answer 11

Ensures that that information and data remain accurate and unaltered unless intentionally modified

Question 12

Why is Integrity important?

Answer 12

• To ensure data accuracy
• To maintain trust
• To ensure system operability

Question 13

What are the methods of maintaining Integrity?

Answer 13

• Hashing
• Digital Signatures
• Checksums
• Access Controls
• Regular Audits

Question 14

Availability

Answer 14

Ensuring that information, systems and resources are accessible and operational when needed

Question 15

Why is Availability important?

Answer 15

• Ensuring business continuity
• Maintaining customer trust
• Upholding an Organization’s reputation

Question 16

What are the basic methods of maintaining Availability?

Answer 16

• Redundancy

Question 17

Non-repudiation

Answer 17

Ensuring that individuals and entities involved in a transaction cannot deny their participation or authenticity of their actions

Question 18

What are the basic methods of achieving Non-repudiation?

Answer 18

Digital Signatures

Question 19

Authentication

Answer 19

Security measure that ensure individuals or entities are who they say they claim to be

Question 20

What are the common authentication methods?

Answer 20

• Something you know (knowledge factor)
• Something you have (possession factor)
• Something you are (inherence factor)
• Something you do (action factor)
• Somewhere you are (location factor)

Question 21

MFA

Answer 21

Multi-Factor Authentication

Requiring multiple, different, authentication factors

Question 22

Authorization

Answer 22

The permissions and privileges granted to users and entities after they have been authenticated

Question 23

Why are authorization mechanisms important?

Answer 23

• To protect sensitive data
• To maintain system integrity
• To create a more streamlined user experience

Question 24

Accounting

Answer 24

Security measure that ensures that all activities during a transaction are properly tracked and recorded

Question 25

Why do you need Accounting?

Answer 25

- Create and audit trail - Maintain regulatory compliance - Conduct forensic analysis - Perform resource optimization - Achieve user accountability

Question 26

What technologies do you use to perform Accounting?

Answer 26

- Syslog servers - Network analysis tools - SIEMs

Question 27

Security Control Categories

Answer 27

Four broad categories - Technical controls - Managerial controls (or administrative) - Operational controls - Physical controls

Question 28

Technical Controls

Answer 28

Category of Security Controls focusing on technological systems implemented to manage and reduce risk

Question 29

Managerial Controls

Answer 29

(Or administrative controls) Category con Security Controls based on strategic planning and governance

Question 30

Operational Controls

Answer 30

Category of Security Control procedures and processes, usually focused on how work is performed

Question 31

Physical Controls

Answer 31

Category of Security Controls which cover real world measures taken to protect assets and information

Question 32

Security Control Types

Answer 32

Controls can be of multiple types - Preventative Controls - Deterrent Controls - Detective Controls - Corrective Controls - Compensating Controls - Directive Controls

Question 33

Preventative Controls

Answer 33

A proactive type of Security Control implemented to thwart threats and breaches. Examples would include firewalls

Question 34

Deterrent Controls

Answer 34

A type of Security Control designed to discourage potential attackers. Examples include warning signs

Question 35

Detective Controls

Answer 35

A type of Security Control which monitors and alerts when malicious activity happens. Security cameras and syslog servers would be examples

Question 36

Corrective Controls

Answer 36

A type of Security Control designed to mitigate damage and restore normal operations

Question 37

Compensating Controls

Answer 37

A type of Security Control implemented as an alternative when primary controls are not feasible or effective

Question 38

Directive Controls

Answer 38

A type of Security Control intended to Guide and inform. Often policy or documentation related to

Question 39

Gap Analysis

Answer 39

The process of evaluating the differences between an organizations current performance/state and what is desired

Question 40

What are the basic steps of performing a Gap Analysis?

Answer 40

1. Define the scope of the analysis 2. Gather data on the current state of the organization 3. Analyze the data to identify where there is a difference between the desired goal and current state 4. Develop a plan to bridge the gap

Question 41

What are the basic types of Gap Analysis?

Answer 41

- Technical Gap Analysis - Business Gap Analysis

Question 42

Zero Trust

Answer 42

A security theory focused on avoiding relying on perimeter defense and relying more on verifying every device, user and transaction, regardless of origin

Question 43

What are the two planes associated with Zero Trust?

Answer 43

- Control Plane - Data Plane

Question 44

Control Plane

Answer 44

One of the two planes of Zero Trust, referring to the overarching framework and set of components responsible for defining, managing and enforcing policies related to system and user access. Key elements are… - Adaptive Identity - real time verification of an entity’s identity - Threat Scope reduction - limits access to only what the entity requires to accomplish their needs - Policy Driven Access Control - developing and maintains Role based Access Controls - Secured Zones - isolated sections of an environment designed to house sensitive data

Question 45

Data Plane

Answer 45

One of the two planes of Zero Trust. Focused on ensuring that policies are properly executed. Key components include… - Subject/System - the entity attempting to gain access - Policy Engine - Cross references access requests with predefined policies - Policy Administrator - Used to establish and manage the policies - Policy Enforcement Point - Where the decision to grant or deny access happens