General Security Concepts Flashcards

Basic

1
Q

CIA

A

Confidentiality, integrity, availability

2
Q

Confidentiality

A

Concept of preventing the disclosure of information to unauthorized parties.

3
Q

Integrity

A

Protecting the data from unauthorized alteration.

4
Q

Availability

A

Access to system/data by authorized personnel.

5
Q

Authentication

A

Process of determining the identity of a user.

6
Q

Authorization

A

The mechanisms to ensure that only valid users are permitted to perform specific allowed actions.

7
Q

Three general methods used in authentication.

A

Something you know (password)
Something you have (CAC card)
Something about you (biometrics)

8
Q

Elements of Authorization

A

A requester
The object
Type or level of access

9
Q

Accounting / Auditing

A

Means of measuring activity. (IT Example, critical elements of activity)

10
Q

Non-repudiation

A

Concept of preventing a subject from denying a previous action with an object in a system.

11
Q

Session Management

A

Design and implementation of controls to ensure that communication channels are secured from unauthorized access and disruption of communication.

12
Q

Exception Management

A

Process of handling errors and unknown conditions.

13
Q

TCP

A

Transmission Control Protocol

14
Q

UDP

A

User Datagram Protocol (connectionless/sessionless)

15
Q

Secure Design Tenets

A

Good Enough Security
Least Privilege
Separation of Duties
Defense in Depth
Fail Safe

16
Q

Separation of Duties

A

Ensures that for any given task, more than one individual needs to be involved.

17
Q

Defense in Depth

A

Layered Security