Introduction to Security Flashcards
What is Information Security?
The practice of protecting sensitive information from unauthorized access.
What are the 2 Security Concepts?
C.I.A Triad (Confidentiality, Integrity, Availability)
Tripe A.A.A Model (Authentication, Authorization, Accounting)
What are the three types of information protection and what are they known as?
Confidentiality, Integrity, Availability
Also known as the C.I.A Triad.
What is Confidentiality?
Ensures only authorized individuals have access to sensitive information.
What is Integrity?
Ensures information is correct and unaltered.
What is Availability?
Ensures information is accessible to authorized users.
What is the Triple A.A.A Model?
Authentication,Authorization, Accounting
What is Authentication?
Verifying a user’s credentials before giving them access to a Network.
What is Authorization?
Grants the Authenticated user access to the available services based on their credentials.
What is Accounting?
Provides a record of what services a user accessed and when they were accessed.
What are Security Controls?
A safeguard used to protect the C.I.A of information.
Is there a difference between Cybersecurity and Information Security?
Cybersecurity is the umbrella term where Information Security is found.
What is a Threat Actor?
An individual or entity that gains unauthorized access to systems with malicious intent.
What is a Script Kiddie (Threat)?
An unskilled attacker who lacks the technical knowledge to perform attacks and relies on pre-built tools to carry out their attacks.
What is Shadow IT(Threat)?
Process of bypassing corporate approval for technology purchases.
Why would Organized Crime move into Cyber Attacks
For financial gain and taking a less risky route.
What are Insider Threats?
Trusted employees or individuals of an enterprise who exploit vulnerabilities within that organization
What are Hacktivists(Threat)?
An individual or group who gains unauthorized access to systems to further their political or social agendas.
What are State Actors(Threat)?
Individuals or groups sponsored by a government to perform attacks on other rival governments.
What is an A.P.T(Threat)?
An Advanced Persistent Threat is a multiyear intrusion campaign primarily performed by State Actors.
What is a Competitor(Threat)?
An entity that launches attacks against rival companies.
What is a Broker(Threat)
An individual who sells their knowledge of vulnerabilities to other attackers or governments.
What is a Cyber Terrorist(Threat)?
Attacks a nation’s infrastructure to cause disruption and panic.
What is a Threat Vector?
Methods used by Threat Actors to perform exploits.
What is a Framework?
Policies and procedures used to secure enterprise information.
