Introduction to Security Plus Flashcards
AAA
authentication, authorization, and accounting
Authentication
When a person’s identity is established with proof and confirmed by a system.
Typically, this requires a digital identity of some sort, such as a username/password pair or another authentication scheme.
Authorization
When a user is given access to certain data or areas of a building.
Authorization happens after authentication and can be determined in several ways, including permissions, access control lists, time-of-day restrictions, and other login and physical restrictions.
Accounting
The tracking of data, computer usage, and network resources.
Often it means logging, auditing, and monitoring of the data and resources.
Accountability is quickly becoming more important in today’s secure networks.
Part of this concept is the burden of proof. You as the security person must provide proof if you believe that someone committed an unauthorized action.
When you have indisputable proof of something users have done and they cannot deny it, it is known as non-repudiation.
Malicious software
Known as malware, this includes computer viruses, worms, Trojan horses, spyware, rootkits, adware, and other types of unwanted software.
Everyone has heard of a scenario in which a user’s computer was compromised to some extent due to malicious software.
Unauthorized access
Access to computer resources and data without consent of the owner. It might include approaching the system, trespassing, communicating, storing and retrieving data, intercepting data, or any other methods that would interfere with a computer’s normal work.
Access to data must be controlled to ensure privacy. Improper administrative access falls into this category as well.
System failure
Computer crashes or individual application failure.
This can happen due to several reasons, including user error, malicious activity, or hardware failure.
Social engineering
The act of manipulating users into revealing confidential information or performing other actions detrimental to the user. Almost everyone gets e-mails nowadays from unknown entities making false claims or asking for personal information (or money!); this is one example of social engineering.
When creating the security plan, some IT professionals divide the plan into three categories of controls as follows:
Physical: Things such as alarm systems, surveillance cameras, locks, ID cards, security guards, and so on.
Technical: Items such as smart cards, access control lists (ACLs), encryption, and network authentication.
Administrative: Various policies and procedures, security awareness training, contingency planning, and disaster recovery plans (DRPs). Administrative controls can also be broken down into two subsections: procedural controls and legal/regulatory controls.
Anti-malware software
Anti-malware protects a computer from the various forms of malware and, if necessary, detects and removes them.
Types include antivirus and anti-spyware software.
Well-known examples include programs from Symantec and McAfee, as well as Microsoft’s Windows Defender. Nowadays, a lot of the software named “antivirus” can protect against spyware and other types of malware as well.
Data backups
Backups won’t stop damage to data, but they can enable you to recover data after an attack, another compromise, or a system failure. Whether done with built-in tools such as Windows Backup and Restore or with enterprise products such as IBM’s Tivoli and Symantec’s Backup Exec, data backup is an important part of security. Note that fault-tolerant methods such as RAID 1, 5, and 6 are good preventative measures against hardware failure but might not offer protection from data corruption or erasure (we will cover RAID in future classes).
Encryption
The act of changing information using an algorithm (known as a cipher) to make that information unreadable to anyone except users who possess the proper “key”. Examples of this include wireless sessions encrypted with Advanced Encryption Standard (AES), web pages encrypted with HTTP Secure (HTTPS), and e-mails encrypted with Secure/Multipurpose Internet Mail Extensions (S/MIME) or Pretty Good Privacy (PGP).
Data removal
Proper data removal goes far beyond file deletion or the formatting of digital media. The problem with file deletion/formatting is data remanence, or the residue left behind, from which re-creation of files can be accomplished by some less-than-reputable people with smart tools. Companies typically employ one of three options when met with the prospect of data removal: clearing, purging (also known as sanitizing), and destruction.
White hats
These people are non-malicious; for example, an IT person who attempts to “hack” into a computer system before it goes live to test the system.
Generally, the person attempting the hack has a contractual agreement with the owner of the resource to be hacked.
White hats often are involved in something known as ethical hacking.
Ethical hacker
An ethical hacker is an expert at breaking into systems and can attack systems on behalf of the system’s owner and with the owner’s consent. The ethical hacker uses penetration testing and intrusion testing to attempt to gain access to a target network or system.