J.Dion Sec. 2 Security Fundamentals Flashcards
Any weakness in the system design or implementation.
Vulnerability
Why can vulnerabilities be controlled?
They are typically internal factors that are within the organization's control, such as:
Software bugs
Misconfigured software
Improper protection for Network Devices
Missing security patches
Lack of physical security
What lies at the intersection of threats and vulnerabilities?
Risk to the enterprise systems and networks.
Threat + No Vulnerability =
No Risk
Vulnerability + No Threat =
No Risk
Finding different ways to minimize the likelihood of an undesired outcome occurring and achieve the desired outcomes.
Risk management
Anything that could cause harm, loss, damage, or compromise to information technology systems.
Threat
Refers to the protection of information from unauthorized access and disclosure.
Confidentiality
Process of converting data into code to prevent unauthorized access.
Encryption
What are the 5 basic methods to ensure confidentiality?
Encryption
Access Controls
Data Masking
Physical Security Measures
Training and Awareness
Method that ensures only authorized personnel can access certain types of data?
Access controls
Method that involves obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
Data masking
Method used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations.
Physical security measures
Method of conducting regular training on the security awareness best practices that employees can use to protect the organization’s sensitive data.
Training and awareness
When we hear confidentiality think
Encryption
When we hear encryption think
confidentiality
Helps to ensure information and data remain accurate and unchanged from their original state unless intentionally modified by an authorized user.
Integrity
What does integrity verify?
The accuracy and trustworthiness of data over the entire lifecycle.
What are the three main reasons integrity is important?
Ensure data accuracy
Maintain trust
Ensure system operability
What five methods help maintain integrity of data?
Hash
Digital signatures
Checksums
Access Controls
Regular Audits
Method that converts data into a fixed-size value.
Hashing
What is the result of a hashing function?
Hash digest
Serves as a digital fingerprint for any given piece of data to prove its integrity.
Hash digest
Method that uses encryption to ensure integrity and authenticity.
Digital signatures
Method to verify the integrity of data during transmission.
Checksums
Method that ensures only authorized individuals can modify data and reduces the risk of unintentional or malicious alterations.
Access Controls
Method that involves reviewing logs and operations to ensure only authorized changes have been made and any discrepancies are addressed.
Regular audits
When we hear integrity think
hashing
Used to ensure that information, systems, and resources are accessible and operational when needed by authorized users.
Availability
What does it mean when a service provider has 3 Nines?
In a standard calendar year the service is available 99.9% of the time with a maximum downtime of 8.76 hours.
What is the maximum downtime for 3 Nines?
8.76 hours in 365 days
What is the maximum downtime for 5 Nines?
5.26 minutes per year (365 days)
Duplication of critical components or functions of a system with the intention of enhancing its reliability.
Redundancy
What are the types of redundancy?
Server redundancy
Data redundancy
Network redundancy
Power redundancy
Redundancy type that involves using multiple servers behind a load balancer so that if one is overloaded or fails, the other servers can take over the load to continue supporting end users.
Server redundancy
Redundancy type that involves storing data in multiple places.
Data redundancy
Redundancy that ensures if one network path fails, the data can travel through another route.
Network redundancy
Redundancy that involves using backup power sources to ensure that an organization's systems remain operational during periods of power disruption or outages within a local service area.
Power redundancy
When we hear availability think
redundancy
Security measure that is focused on providing undeniable proof in digital transactions.
Non-repudiation
Security method that is created by first hashing a particular message/communication and then encrypting the hash digest with the user's private key using asymmetric encryption.
Digital signature
What are the three main reasons non-repudiation is important?
Confirms the authenticity of digital transactions
Ensures the integrity of critical communications
Provides accountability in digital processes
When we hear non-repudiation think
digital signatures
Security measure that ensures individuals/entities are who they claim to be during a communication/transaction.
Authentication
What are the 5 commonly used authentication methods?
Something you know
Something you have
Something you are
Something you do
Somewhere you are
Authentication method that relies on information that a user can recall.
Something you know (knowledge factor)
What is an example of a knowledge factor?
Username and password
Authentication method that relies on the user presenting a physical item to authenticate themselves.
Something you have (possession factor)
What is an example of a possession factor?
A security badge for getting into work.
Authentication method that relies on the user providing a unique physical/behavioral characteristic to validate that they are who they claim to be.
Something you are (inherence factor)