Fundamentals of Security Flashcards
Understanding Chapter 1 of Security+ study material
What is Information Security?
Act of protecting data from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.
What is CIANA?
Confidentiality
Integrity
Availability
Non-Repudiation
Authentication
What is Information System Security?
Act of protecting the systems that hold and process critical data.
What is Confidentiality?
Ensuring that data is only available to those with the proper authorization.
What is Integrity?
Ensuring the accuracy and trustworthiness of data over its entire lifecycle.
What is Availability?
Ensuring that data and resources are accessible and functional when needed by authorized users.
What is Non-Repudiation?
The guarantee that a specific action or event has taken place and cannot be denied by the parties involved.
What is Authentication?
The process of verifying the identity of a user or system.
What is AAA?
Authentication
Authorization
Accounting
What is Authorization?
Defining what actions or resources a user can use/perform.
What is Accounting?
Act of tracking user activities and resource usage, typically for audit or billing purposes.
What are Security Controls?
Measures or mechanisms put in place to mitigate risks and protect the Confidentiality, Integrity, and Availability of information systems and data.
What is Zero Trust?
Security model that operates on the idea of "trust no one and verify everything."
What are the components of Zero Trust?
Control Plane and Data Plane
What is a Control Plane?
Responsible for making decisions about how data should be forwarded within a network.
What is a Data Plane?
Responsible for the actual forwarding of data packets based on the decisions made by the control plane.
What is a Threat?
Anything that could cause harm, loss, damage, or compromise to information technology systems.
What is a Vulnerability?
Any weakness in the system design or implementation.