General Security Concepts (12%) Flashcards

1
Q

What are the four security control categories?

A

Technical Controls
Managerial controls
Operational control
Physical control.

2
Q

Technical Controls

A
  • Controls implemented using systems
  • Operating systems controls
  • Firewalls, anti-virus
3
Q

Managerial Controls

A
  • Administrative controls associated with security design and implementation
  • Security Policies, standard operating procedures
4
Q

Operational Controls

A
  • Controls implemented by people instead of systems
  • Security guards, awareness programs
5
Q

Physical Controls examples

A
  • Limit physical access
    - Guard shack
  • Fences, locks
  • Badge readers
6
Q

Preventative control type examples for each control category

A

Firewall (Technical)
Onboarding policy (Managerial)
Guard shack (Operational)
Door lock (Physical)

7
Q

Deterrent control type examples for each category

A

Splash Screen (Technical)
Demotion (Managerial)
Reception Desk (Operational)
Warning Signs (Physical)

8
Q

Detective control type examples for each category.

A

System Logs (Technical)
Review login reports (Managerial)
Property Patrols (Operational)
Motion detectors (Physical)

9
Q

Corrective control types for each category

A

Backup recovery (Technical)
Policies for reporting issues (Managerial)
Contact authorities (Operational)
Fire extinguisher (Physical)

10
Q

Compensating control types for each category.

A

Blocking instead of patching (Technical)
Separation of duties (Managerial)
Require multiple security staff (Operational)
Power Generator (Physical)

11
Q

Directive control types for each category

A

File storage policies (Technical)
Compliance policies (Managerial)
Security policy training (Operational)
Sign: Authorised Personnel Only (Physical)

12
Q

What is a compensating control type

A

A control that achieves the goal by other means because the existing controls aren't sufficient; it may be temporary.

13
Q

Directive control types

A
  • Direct a subject towards security compliance
  • A relatively weak security control
14
Q

Preventive control types

A

Block access to a resource

15
Q

Deterrent control types

A

Discourage an intrusion attempt.

16
Q

Detective control types

A

Identify and log an intrusion attempt.
May not prevent access.

17
Q

Corrective control types

A

Apply a control after an event has been detected.
Reverse the impact of an event
Continue operating with minimal downtime

18
Q

The CIA triad

A

Combination of principles:
- Confidentiality (Prevent disclosure of information to unauthorised individuals or systems)
- Integrity (Messages can't be modified without detection)
- Availability (Systems and networks must be up and running)

19
Q

Confidentiality

A

Certain information should only be known to certain people.

Encryption (Encode messages so that only certain people can read them)
Access controls (Selectively restrict access to a resource)
Two-factor authentication (Additional confirmation before information is disclosed)

20
Q

Integrity

A

Data is stored and transferred as intended
Hashing (Map data of an arbitrary length to data of a fixed length)
Digital signatures (Mathematical scheme to verify the integrity of data)
Certificates (Combined with a digital signature to verify an individual)
Non-repudiation (Provides proof of integrity, so the data can be asserted to be genuine)

21
Q

Availability

A

Information is accessible to authorised users
Redundancy (Build services that will always be available)
Fault tolerance (The system continues to run even when a failure occurs)
Patching (Stability; close security holes)

22
Q

Non Repudiation

A

Confirmation of integrity and proof of origin, with high assurance of authenticity.

23
Q

Proof of integrity

A

Verify that data does not change: the data remains accurate and consistent.

In cryptography, we use a hash to prove integrity. If the data changes, the hash changes. A hash doesn't necessarily associate the data with an individual; it only tells you whether the data has changed.

24
Q

Proof that the message was not changed

A

Integrity (proof of integrity, e.g. a hash of the message).

25
Q

Prove the source of the message

A

Authentication (proof of origin).

26
Q

Make sure the signature isn't fake

A

Non-repudiation.

27
Q

Sign with a private key

A

The private key is known only to the person sending the data. The signature is verified with the public key associated with that private key.

28
Q

Explain the digital signature/hashing process used to send a message.

A

- Alice creates a hash of her plaintext.
- Alice encrypts the hash with her private key; this encrypted hash is the digital signature.
- The digital signature is attached to the plaintext and sent to Bob.
- Bob uses Alice's public key to decrypt the signature, which gives him the hash Alice computed.
- Bob runs the same hashing algorithm over the plaintext he received and compares the result with Alice's hash. If they match, the plaintext was not changed in transit and was signed with Alice's private key.
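The hash check from card 23 and the sign-then-verify exchange from card 28, as an added example in Go that is not part of the original deck. It uses only the standard library: SHA-256 for the hash and an RSA key with PKCS#1 v1.5 signing, which is the "encrypt the hash with the private key" scheme the card describes. The message text, the 2048-bit key size and the tampered variant are assumptions made for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SignedMessage is what Alice sends to Bob: the plaintext plus a signature
// over its SHA-256 hash.
type SignedMessage struct {
	Plaintext []byte
	Signature []byte
}

// HashHex returns the SHA-256 hash of data as hex. This is proof of
// integrity only: any change to data changes the hash, but the hash alone
// says nothing about who produced the data.
func HashHex(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// Sign is Alice's side: hash the plaintext, then sign the hash with her
// private key (RSA PKCS#1 v1.5). The signature travels with the plaintext.
func Sign(priv *rsa.PrivateKey, plaintext []byte) (SignedMessage, error) {
	digest := sha256.Sum256(plaintext)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return SignedMessage{}, err
	}
	return SignedMessage{Plaintext: plaintext, Signature: sig}, nil
}

// Verify is Bob's side: hash the received plaintext with the same algorithm
// and check the signature against that hash with Alice's public key. A nil
// error means the plaintext is unchanged and the signature was produced by
// the holder of the matching private key.
func Verify(pub *rsa.PublicKey, msg SignedMessage) error {
	digest := sha256.Sum256(msg.Plaintext)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], msg.Signature)
}

// Exchange runs the whole process once and reports whether the untouched
// message verifies and whether a tampered copy (same signature, altered
// plaintext) is rejected.
func Exchange() (bool, bool, error) {
	aliceKey, err := rsa.GenerateKey(rand.Reader, 2048) // Alice's key pair
	if err != nil {
		return false, false, err
	}
	// Constructed sample message; any bytes would do.
	msg, err := Sign(aliceKey, []byte("Transfer 100 EUR to account 1234"))
	if err != nil {
		return false, false, err
	}
	originalOK := Verify(&aliceKey.PublicKey, msg) == nil

	// An attacker changes the plaintext in transit but cannot re-sign it
	// without Alice's private key, so Bob's recomputed hash no longer matches.
	tampered := SignedMessage{
		Plaintext: []byte("Transfer 900 EUR to account 1234"),
		Signature: msg.Signature,
	}
	tamperedRejected := Verify(&aliceKey.PublicKey, tampered) != nil
	return originalOK, tamperedRejected, nil
}

func main() {
	fmt.Println("SHA-256(\"abc\") =", HashHex([]byte("abc")))
	ok, rejected, err := Exchange()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("original verifies:", ok, "| tampered copy rejected:", rejected)
}
```

Note that Verify fails on the tampered copy even though the signature bytes are genuine: the signature binds the hash of the original plaintext, so changing a single byte of the message breaks the match.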
29
Q

AAA framework

A

- Authentication (Prove you are who you say you are)
- Authorisation (Based on your identification and authentication, what access do you have?)
- Accounting (Resources used: login time, data sent and received, log-out time)

30
Q

Certificate authority

A

An organisation that creates a certificate for a device and digitally signs the certificate with the organisation's CA key. The certificate can then be installed on the device and used as an authentication factor.

31
Q

Certificate-based authentication

A

If the device certificate was signed by the CA, we can check the device certificate against the CA certificate and confirm that its signature was made by the CA.
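The CA from card 30 and the check from card 31, as an added Go example that is not part of the original deck. BuildPKI generates a CA key pair, self-signs the CA certificate and issues a device certificate with it; DeviceSignedBy then verifies the device certificate against the CA certificate using the standard library's X.509 chain validation. The organisation name, device name, key type (ECDSA P-256) and lifetimes are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// PKI holds a CA certificate and a device certificate issued by that CA.
type PKI struct {
	CA     *x509.Certificate
	Device *x509.Certificate
}

// issue creates a certificate from template, signed with parentKey. When
// parent is the same object as template the result is self-signed, which is
// how the CA's own certificate is made.
func issue(template, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, template, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// BuildPKI plays the certificate authority: generate the CA key pair,
// self-sign the CA certificate, then sign a certificate for one device.
func BuildPKI() (*PKI, error) {
	now := time.Now()
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	caTemplate := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Corp Device CA"}, // constructed name
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	caCert, err := issue(caTemplate, caTemplate, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}

	// The device has its own key pair. Only its public key goes into the
	// certificate; the CA signs that certificate with the CA private key.
	deviceKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	deviceTemplate := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "laptop-0042"}, // constructed device name
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	deviceCert, err := issue(deviceTemplate, caCert, &deviceKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return &PKI{CA: caCert, Device: deviceCert}, nil
}

// DeviceSignedBy is the card 31 check: build a chain from the device
// certificate to the trusted CA certificate. It succeeds only if the CA's
// public key verifies the signature on the device certificate and the
// certificate is currently valid for client authentication.
func DeviceSignedBy(device, ca *x509.Certificate) bool {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := device.Verify(x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err == nil
}

func main() {
	corp, err := BuildPKI()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	rogue, err := BuildPKI() // a second, unrelated CA that happens to use the same name
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("device trusted by its own CA:  ", DeviceSignedBy(corp.Device, corp.CA))
	fmt.Println("device trusted by the rogue CA:", DeviceSignedBy(corp.Device, rogue.CA))
}
```

The second CA in main has the same subject name as the first, so the only thing that distinguishes them is the key; the rogue check fails because the rogue CA's public key does not verify the signature the real CA put on the device certificate.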
32
Q

Authorisation (abstractions) benefits

A

- Reduce complexity
- Create a clear relationship between the user and the resource
- Administration is streamlined

33
Q

How the authorisation model works

A

Users and devices are added to a specific group. Group members have access to all of the information required for them to do their work.

34
Q

Gap analysis

A

Where you are compared to where you want to be. This may require extensive research; there is a lot to consider.

35
Q

Zero trust

A

Nothing is trusted; everything is subject to security checks: multi-factor authentication, encryption, system permissions, additional firewalls, monitoring and analytics. Many networks are relatively open on the inside: once you're through the firewall there are few security controls. That is not an example of zero trust.

36
Q

Planes of operation (zero trust; applies to physical, virtual and cloud components)

A

Split the network into functional planes:
- Data plane: processes the frames, packets and network data (processing, forwarding, trunking, encrypting, NAT).
- Control plane: manages the actions of the data plane; defines policies and rules and determines how packets should be forwarded (routing tables, session tables, NAT tables).

37
Q

Controlling trust using adaptive identity

A

Consider the source and the requested resources. Use multiple risk indicators, such as the subject's relationship to the organisation. Make the authentication stronger if needed.

38
Q

Controlling trust using threat scope reduction

A

Decrease the number of possible entry points.

39
Q

Controlling trust using policy-driven access control

A

Combine the adaptive identity with a predefined set of rules.

40
Q

Security zones

A

Describe where a connection is coming from and where it is going. Zones can be used to deny access, for example from an untrusted zone to a trusted zone. Zones can also be used to implicitly trust traffic, for example from the trusted zone to the internal zone.

41
Q

Policy enforcement point

A

Any subject or system communicating through this network is subject to scrutiny by the PEP (policy enforcement point). The PEP doesn't make the decision on whether traffic is allowed or denied; it gathers information and provides it to the policy decision point (PDP).

42
Q

The policy decision point is made up of which two components?

A

Policy engine, policy administrator.

43
Q

Policy engine

A

Evaluates each access decision based on policy and other information sources.

44
Q

Policy administrator

A

- Communicates with the policy enforcement point
- Generates access tokens or credentials
- Tells the PEP to allow or disallow access
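The zero trust pieces from cards 37 to 44 put together, as an added Go example that is not part of the original deck: a PEP that only gathers context, a policy engine that applies the security-zone rules of card 40 and the adaptive-identity risk indicators of card 37, and a policy administrator that mints a token only when the engine allows. The zone names, the two risk indicators, the rule that any risk requires MFA, and the opaque random token are assumptions made for the example.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Request is the context the policy enforcement point (PEP) gathers about an
// access attempt and hands to the policy decision point (PDP).
type Request struct {
	Subject     string
	SourceZone  string // "untrusted", "internal" or "trusted" (constructed zone names)
	TargetZone  string
	Resource    string
	MFAVerified bool // has the subject already completed multi-factor authentication?
	KnownDevice bool // risk indicator: request comes from a managed device
	NewLocation bool // risk indicator: a location never seen for this subject
}

// Decision is the policy engine's verdict. StepUp is the adaptive-identity
// outcome: access is possible, but only after stronger authentication.
type Decision int

const (
	Deny Decision = iota
	Allow
	StepUp
)

func (d Decision) String() string {
	switch d {
	case Allow:
		return "allow"
	case StepUp:
		return "step-up authentication required"
	default:
		return "denied by policy"
	}
}

// PolicyEngine evaluates one request against the zone rules and the
// adaptive-identity risk indicators.
func PolicyEngine(r Request) Decision {
	// Zone rule: traffic from the untrusted zone into the trusted zone is never allowed.
	if r.SourceZone == "untrusted" && r.TargetZone == "trusted" {
		return Deny
	}
	// Zone rule: trusted-to-internal traffic is implicitly trusted (card 40).
	if r.SourceZone == "trusted" && r.TargetZone == "internal" {
		return Allow
	}
	// Adaptive identity: count the risk indicators; any risk means the
	// subject must have completed MFA before access is granted.
	risk := 0
	if !r.KnownDevice {
		risk++
	}
	if r.NewLocation {
		risk++
	}
	if risk > 0 && !r.MFAVerified {
		return StepUp
	}
	return Allow
}

// PolicyAdministrator turns the engine's decision into an instruction for
// the PEP: on Allow it mints an access token, otherwise it returns the reason.
func PolicyAdministrator(r Request) (string, error) {
	d := PolicyEngine(r)
	if d != Allow {
		return "", errors.New(d.String())
	}
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	return hex.EncodeToString(raw), nil // opaque bearer token for this request
}

// EnforcementPoint is the PEP: it forwards the request to the PDP and admits
// traffic only when a token comes back. It never decides on its own.
func EnforcementPoint(r Request) (bool, string) {
	token, err := PolicyAdministrator(r)
	if err != nil {
		return false, "blocked: " + err.Error()
	}
	return true, "admitted with token " + token
}

func main() {
	requests := []Request{ // constructed sample requests
		{Subject: "alice", SourceZone: "untrusted", TargetZone: "trusted", Resource: "hr-db"},
		{Subject: "bob", SourceZone: "internal", TargetZone: "internal", Resource: "wiki", KnownDevice: true},
		{Subject: "carol", SourceZone: "internal", TargetZone: "internal", Resource: "wiki", KnownDevice: true, NewLocation: true},
		{Subject: "carol", SourceZone: "internal", TargetZone: "internal", Resource: "wiki", KnownDevice: true, NewLocation: true, MFAVerified: true},
	}
	for _, r := range requests {
		ok, why := EnforcementPoint(r)
		fmt.Printf("%-5s %-9s -> %-8s %-5s allowed=%-5v %s\n", r.Subject, r.SourceZone, r.TargetZone, r.Resource, ok, why)
	}
}
```

Carol's two requests show the adaptive part: the same subject, device and resource are refused with a step-up demand from a new location, and admitted once MFA has been completed.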
45
Q

Physical security - Bollards

A

- Prevent access
- Channel people through a specific access point
- Identify safety concerns

46
Q

Physical security - Vestibules

A

Doors which lock in a specific sequence or in a specific way, or require an ID card.

47
Q

Physical security - Fence

A

Builds a perimeter. Usually very obvious, but prevents access.

48
Q

Physical security - Video surveillance

A

CCTV, motion detection.

49
Q

Physical security - Guards and badges

A

- Security guard: physical protection at the reception area of a facility; two-person integrity/control.
- Access badge: picture, name and other details; must be worn at all times; electronically logged.

50
Q

Physical control - Lighting

A

More light means more security; attackers avoid the light. Specialised design: consider overall light levels.

51
Q

Physical control - Sensors

A

- Infrared: detects infrared radiation in both light and dark; common in motion detectors.
- Pressure: detects a change in force; floor or window sensors.
- Microwave: detects movement across a large area.
- Ultrasonic: sends ultrasonic signals and receives the reflected sound waves.

52
Q

Honeypot

A

Attracts attackers, mostly automated systems but sometimes real people, into a decoy environment, which gives you a view of the attack methods being used.

53
Q

Honeynets

A

A real network that includes more than a single device: servers, workstations, routers, switches, firewalls.

54
Q

Honeyfiles

A

Files containing fake information that look valuable to an attacker. The files are bait; an alert is raised whenever one of them is accessed.

55
Q

Honeytoken

A

Traceable data added to the honeypot, so that if the data later turns up elsewhere you know where it leaked from. Examples: fake API credentials; fake email addresses (constantly monitor for them to appear on the internet). Any type of data that can be searched for.
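The honeyfile alerting of card 54 and the honeytoken tracing of card 55, as an added Go example that is not part of the original deck. It scans log lines for access to planted files and for use of planted credentials, and reports which artefact was hit and where that artefact had been seeded. The file paths, the API key, the mailbox address and the four log lines are all constructed for the example.

```go
package main

import (
	"fmt"
	"strings"
)

// honeytoken is a planted value plus a note of where it was seeded, so a hit
// tells you which system or dataset the attacker got it from.
type honeytoken struct {
	Value string
	Where string
}

// Planted artefacts (constructed placeholders). Real honeytokens must be
// indistinguishable from live data or attackers will skip them.
var (
	honeyfiles = []string{
		"/shares/finance/passwords.xlsx",
		"/shares/hr/salary_review_2024.docx",
	}
	honeytokens = []honeytoken{
		{Value: "AKIAEXAMPLEHONEY0001", Where: "fake cloud API key planted in the internal wiki"},
		{Value: "vendor-invoices@example.com", Where: "fake mailbox seeded in the CRM export"},
	}
)

// Alert ties a log line to the honey artefact it touched.
type Alert struct {
	Line   string
	Reason string
}

// ScanLogs raises an alert for every line that touches a honeyfile or carries
// a honeytoken. Legitimate users have no reason to open these files or use
// these credentials, so every hit is worth investigating.
func ScanLogs(lines []string) []Alert {
	var alerts []Alert
	for _, line := range lines {
		for _, path := range honeyfiles {
			if strings.Contains(line, path) {
				alerts = append(alerts, Alert{Line: line, Reason: "honeyfile accessed: " + path})
			}
		}
		for _, tok := range honeytokens {
			if strings.Contains(line, tok.Value) {
				alerts = append(alerts, Alert{Line: line, Reason: "honeytoken used: " + tok.Where})
			}
		}
	}
	return alerts
}

// SampleLogs are constructed log lines: two file-server audit events, one
// API-gateway request and one mail-relay event. Only the first line is benign.
var SampleLogs = []string{
	`2024-05-02T09:14:03Z fileserver user=jsmith action=read path=/shares/finance/q1_report.xlsx`,
	`2024-05-02T09:14:41Z fileserver user=jsmith action=read path=/shares/finance/passwords.xlsx`,
	`2024-05-02T09:16:10Z apigw src=203.0.113.7 key=AKIAEXAMPLEHONEY0001 path=/v1/customers status=403`,
	`2024-05-02T09:20:55Z mailrelay from=promo@mailer.invalid to=vendor-invoices@example.com subject="Invoice overdue"`,
}

func main() {
	for _, a := range ScanLogs(SampleLogs) {
		fmt.Printf("ALERT %s\n      %s\n", a.Reason, a.Line)
	}
}
```

The API-gateway line is rejected with status 403 and still raises an alert: the point of a honeytoken is not whether the request succeeded but that the value was used at all, which proves the place it was seeded has been read.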