Fundamentals Of Security Flashcards

1
Q

Protecting data and information from unauthorized access, modification,
disruption, disclosure, and destruction

A

Information Security

2
Q

Protecting the systems (e.g., computers, servers, network devices) that hold and
process critical data

A

Information Systems Security

3
Q

CIA Triad

A

Confidentiality, Integrity, Availability

4
Q

Ensures information is accessible only to authorized personnel (e.g.,
encryption)

A

Confidentiality

5
Q

Ensures data remains accurate and unaltered (e.g., checksums)

A

Integrity

6
Q

Ensures information and resources are accessible when needed (e.g.,
redundancy measures)

A

Availability

7
Q

Guarantees that an action or event cannot be denied by the involved parties
(e.g., digital signatures)

A

Non-Repudiation

8
Q

An extension of the CIA triad with the addition of non-repudiation and
authentication

A

CIANA Pentagon

9
Q

Triple A’s of Security

A

Authentication, Authorisation, Accounting

10
Q

Verifying the identity of a user or system (e.g., password checks)

A

Authentication

11
Q

Determining actions or resources an authenticated user can access (e.g.,
permissions)

A

Authorisation

12
Q

Tracking user activities and resource usage for audit or billing purposes

A

Accounting

13
Q

Security Control Categories

A

Technical, Managerial, Operational, Physical

14
Q

Security Control Types

A

Preventative, Deterrent, Detective, Corrective, Compensating, Directive

15
Q

Security Control: Technical

A

Software & Hardware, Firewall, Antivirus

16
Q

Security Control: Managerial

A

Administrative Controls: Policies & Training Programs

17
Q

Security Control: Operational

A

Password change every 90 days

18
Q

Security Control: Physical

A

Locks, Lighting, Sensors, Guards

19
Q

Security Control Types: Preventative

20
Q

Security Control Types: Deterrent

A

Warning Signs

21
Q

Security Control Types: Detective

22
Q

Security Control Types: Corrective

A

Antivirus (Quarantine)

23
Q

Security Control Types: Compensating

A

When WPA3 is not feasible, WPA2 is used instead, with the addition of a VPN to compensate for the missing security factor.

24
Q

Security Control Types: Directive

A

An order or directive, such as changing passwords every 90 days

25
Q

Operates on the principle that no one should be trusted by default. Trust no one, verify everyone

A

Zero Trust Model

26
Q

Adaptive identity, threat scope reduction, policy-driven access control, and secured zones

A

Control Plane