General Security Concepts Flashcards
Technical Controls
Controls implemented using hardware, software, and/or firmware.
Examples: Firewalls, anti-virus
Managerial Controls
Relate to risk management, governance, oversight, strategic alignment and decision making
Examples: risk assessments, project management
Operational Controls
Aligned with processes that are primarily implemented and executed by people.
Examples: change management, training, testing
Physical Controls
Designed to address physical interactions, such as those connected to buildings.
Examples: gates, barricades, fences
Preventive Control
Stop a threat agent from being successful
Examples: Firewall rules, security policy, security guard, door locks
Deterrent Control
Discourage a threat agent from acting
Examples: posted warning signs, threat of demotion, splash screen, reception desk
Detective Control
Identify and report a threat agent or action
Examples: System logs, review login reports, patrol the property, motion detectors
Corrective Control
Minimize the impact of a threat agent or modify or fix a situation
Examples: Backups, fire extinguisher, policies for reporting issues, contact authorities
Compensating Control
Controls implemented in lieu of a recommended control that provide comparable protection
Examples: Block instead of patch, separation of duties, require multiple security staff, power generator
Directive Control
Proactive actions taken to cause/encourage a desirable event or outcome to occur
Examples: Training, policies, and "authorized personnel only" signs
CIA Triad
Fundamentals of security
Confidentiality: prevents disclosure of information to unauthorized people or systems
Integrity: Information can’t be modified
Availability: Systems and networks must be up and running
Access Controls
Selectively restrict access to a resource
Hashing
Map data of any length to data of a fixed length
Digital signatures
Mathematical scheme to verify the integrity of data
Certificates
Combined with a digital signature to verify an individual
Non-Repudiation
Provides proof of integrity; the data can be asserted to be genuine.
Redundancy
Build services that will always be available
Fault tolerance
System will continue to run, even when a failure occurs.
AAA
Authentication: Verifies that a user is who they claim to be
Authorization: Determines if the user has permission to use a resource or access a file.
Accounting: Keeps track of a user’s activity on the system or network.
Certificate Authority (CA)
Stores, signs, and issues digital certificates.
Registration Authority (RA)
Verifies user requests for a digital certificate and tells the CA to issue it.
Honeypot
Decoy server set up to trick an attacker
Honeyfile
A decoy file deceptively named so it attracts the attention of an attacker
Honeynet
A network of honeypots.
Honeytoken
A beacon embedded somewhere that can bait and track an attacker
Gap Analysis
The process of evaluating your org’s current security posture and security framework
Least Privilege
Granting users only the access necessary to perform their job functions
Malware
Malicious software designed to harm, exploit, or compromise a system.
Defense in Depth
Implementing multiple layers of security controls to protect information.
Vulnerability Assessment
Process of identifying, quantifying, and prioritizing vulnerabilities in a system.
Zero Trust Architecture
Security model that assumes no implicit trust and requires continuous verification.
Data Loss Prevention (DLP)
Strategies and tools to prevent unauthorized access, use, or transmission of data
Public Key Infrastructure (PKI)
A framework for managing digital certificates and public key encryption
Symmetric Encryption
Encryption method where the same key is used for both encryption and decryption.
Asymmetric Encryption
Encryption method that uses a pair of keys: a public key for encryption and a private key for decryption
Pharming
Cyberattack that redirects a website’s traffic to a fraudulent website without a user’s consent.
SQL Injection
Attack that involves inserting malicious SQL code into a query to manipulate the database.
Cross Site Scripting
A vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users
Twofish
Symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits.
Diffie-Hellman Key Exchange
Allows two parties to securely share a secret key over an unsecured communication channel
Mandatory Access Control (MAC)
Access control policy determined by a central authority, strictly enforcing access based on classifications
Discretionary Access Control (DAC)
Access control policy where the owner of the resource determines who has access
Role-Based Access Control (RBAC)
Access Control method where permissions are assigned to roles, and users are assigned to roles based on their responsibilities.
Demilitarized Zone (DMZ)
A physical or logical subnetwork that separates an internal LAN from untrusted external networks
Network Address Translation (NAT)
Translates private IPs to a public IP and vice versa to enable devices on a private network to access the internet
Virtual Local Area Network (VLAN)
Logical subdivision of a physical network designed to group devices, reduce traffic, and enhance security
Port Security
Network security feature on switches that limits access by controlling which devices can connect to specific ports based on their MAC address
ARP Spoofing
Attack where an attacker sends ARP messages to associate their MAC address with a legitimate IP to intercept data
DHCP Snooping
Security feature that prevents unauthorized or rogue DHCP servers from assigning IPs on a network by filtering DHCP messages and verifying trusted sources
SSL/TLS
Protocols used to secure communication over a network by encrypting data in transit, ensuring confidentiality and integrity