Fundamentals of Security Flashcards

1
Q

What is information systems security?

A

Act of protecting the systems that hold and process the critical data, or the devices that hold the data

2
Q

What is information security?

A

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.

3
Q

What is the CIA triad?

A

Confidentiality, Integrity, Availability

4
Q

What is confidentiality?

A

Ensures that info is only accessible to those with appropriate authorization

5
Q

What is integrity?

A

Ensures that data remains accurate and unaltered unless modification is required

6
Q

What is availability?

A

Ensures that information and resources are accessible and functional when needed by authorized users

7
Q

Non-repudiation

A

Guarantees that a specific action or event has taken place and cannot be denied by the parties involved, e.g., digitally signing an email

8
Q

Define authentication

A

Process of verifying the identity of a user or system

9
Q

Define authorization

A

Defines what actions or resources a user can access

10
Q

What is accounting?

A

Act of tracking user activities and resource usage, usually for audit or billing purposes

11
Q

Security controls

A

Measures or mechanisms put in place to mitigate risks and protect the confidentiality, integrity, and availability of information systems and data

12
Q

What categories of security controls are there?

A

Physical, managerial, operational, technical

13
Q

What is Zero Trust?

A

Security model that operates on the principle that no one, inside or outside the org, should be trusted by default

14
Q

How to achieve zero trust?

A

Control plane and data plane

15
Q

Define control plane

A

Consists of adaptive identity, threat scope reduction, policy-driven access control, and secure zones

16
Q

Define data plane

A

Focuses on the subject or system, policy engine, policy admin, and establishing policy enforcement points