J.Dion Sec. 2 Security Fundamentals Flashcards

1
Q

Any weakness in the system design or implementation.

A

Vulnerability

2
Q

Why can vulnerabilities be controlled?

A

They are typically internal factors that are within the organization's control, such as:

Software bugs
Misconfigured software
Improper protection for network devices
Missing security patches
Lack of physical security

3
Q

What lies at the intersection of threats and vulnerabilities?

A

Risk to the enterprise systems and networks.

4
Q

Threat + No Vulnerability =

A

No Risk

5
Q

Vulnerability + No Threat =

A

No Risk

6
Q

Finding different ways to minimize the likelihood of an undesirable outcome occurring and to achieve the desired outcomes.

A

Risk management

7
Q

Anything that could cause harm, loss, damage, or compromise to information technology systems.

A

Threat

8
Q

Refers to the protection of information from unauthorized access and disclosure.

A

Confidentiality

9
Q

Process of converting data into code to prevent unauthorized access.

A

Encryption

10
Q

What are the 5 basic methods to ensure confidentiality?

A

Encryption
Access Controls
Data Masking
Physical Security Measures
Training and Awareness

11
Q

Method that ensures only authorized personnel can access certain types of data?

A

Access controls

12
Q

Method that involves obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.

A

Data masking

13
Q

Method used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations.

A

Physical security measures

14
Q

Method of conducting regular training on the security awareness best practices that employees can use to protect the organization’s sensitive data.

A

Training and awareness

14
Q

When we hear confidentiality think

A

Encryption

14
Q

When we hear encryption think

A

confidentiality

14
Q

Helps to ensure information and data remain accurate and unchanged from their original state unless intentionally modified by an authorized user.

A

Integrity

15
Q

What does integrity verify?

A

The accuracy and trustworthiness of data over the entire lifecycle.

15
Q

What are the three main reasons integrity is important?

A

Ensure data accuracy
Maintain trust
Ensure system operability

16
Q

What five methods help maintain the integrity of data?

A

Hash
Digital signatures
Checksums
Access Controls
Regular Audits

17
Q

Method that converts data into a fixed-size value.

A

Hashing

18
Q

What is the result of a hashing function called?

A

Hash digest

19
Q

Serves as a digital fingerprint for any given piece of data to prove its integrity.

A

Hash digest

20
Q

Method that uses encryption to ensure integrity and authenticity.

A

Digital signatures

21
Q

Method to verify the integrity of data during transmission.

A

Checksums

22
Q

Method that ensures only authorized individuals can modify data and reduces the risk of unintentional or malicious alterations.

A

Access Controls

23
Q

Method that involves reviewing logs and operations to ensure only authorized changes have been made and that any discrepancies are addressed.

A

Regular audits

24
Q

When we hear integrity think

A

hashing

25
Q

Used to ensure that information, systems, and resources are accessible and operational when needed by authorized users.

A

Availability

26
Q

What does it mean when a service provider has 3 Nines?

A

In a standard calendar year the service is available 99.9% of the time with a maximum downtime of 8.76 hours.

27
Q

What is the maximum down time for 3 Nines?

A

8.76 hours in 365 days

28
Q

What is the maximum down time for 5 Nines?

A

5.26 minutes per year (365 days)

29
Q

Duplication of critical components or functions of a system with the intention of enhancing its reliability.

A

Redundancy

30
Q

What are the types of redundancy?

A

Server redundancy
Data redundancy
Network redundancy
Power redundancy

31
Q

Redundancy type that involves using multiple servers in a load-balanced configuration so that if one is overloaded or fails, the other servers can take over the load and continue supporting end users.

A

Server redundancy

32
Q

Redundancy type that involves storing data in multiple places.

A

Data redundancy

33
Q

Redundancy that ensures if one network path fails, the data can travel through another route.

A

Network redundancy

34
Q

Redundancy that involves using backup power sources to ensure that an organization’s systems remain operational during periods of power disruption or outages within a local service area.

A

Power redundancy

35
Q

When we hear availability think

A

redundancy

36
Q

Security measure that is focused on providing undeniable proof in digital transactions.

A

Non-repudiation

37
Q

Security method that is created by first hashing a particular message/communication and then encrypting the hash digest with the user’s private key using asymmetric encryption.

A

Digital signature

38
Q

What are the three main reasons non-repudiation is important?

A

Confirms the authenticity of digital transactions
Ensures the integrity of critical communications
Provides accountability in digital processes

39
Q

When we hear non-repudiation think

A

digital signatures

40
Q

Security measure that ensures individuals/entities are who they claim to be during a communication/transaction.

A

Authentication

41
Q

What are the 5 commonly used authentication methods?

A

Something you know
Something you have
Something you are
Something you do
Somewhere you are

42
Q

Authentication method that relies on information that a user can recall.

A

Something you know (knowledge factor)

43
Q

What is an example of a knowledge factor?

A

Username and password

44
Q

Authentication method that relies on the user presenting a physical item to authenticate themselves.

A

Something you have (possession factor)

45
Q

What is an example of a possession factor?

A

A security badge for getting into work.

46
Q

Authentication method that relies on the user providing a unique physical/behavioral characteristic to validate that they are who they claim to be.

A

Something you are (inherence factor)

47
Q

What is an example of an inherence factor?

A

A biometric verification, such as facial recognition to unlock an iPhone.

48
Q

Authentication method that relies on the user conducting a unique action to prove who they are.

A

Something you do (action factor)

49
Q

What is an example of an action factor?

A

A secret handshake.

50
Q

Authentication method that relies on the user being in a certain geographic location before access is granted.

A

Somewhere you are (location factor)

51
Q

What is an example of a location factor?

A

Adding geofencing to kids' smartphones so they can unlock the front door only when they are within 20 feet of the door.

52
Q

Two authentication methods combined

A

Two-factor authentication (2FA)

53
Q

Two or more authentication methods combined

A

Multi-factor authentication (MFA)

54
Q

Security process that requires users to provide multiple methods of identification to verify their identity.

A

Multi-factor authentication (MFA)

55
Q

What are the 5 factors of authentication?

A

Knowledge
Possession
Inherence
Action
Location

56
Q

Permissions and privileges granted to users or entities after they have been authenticated.

A

Authorization

57
Q

Explain authorization

A

A set of rules and policies that are used to dictate what actions users can perform once verified.

Serves as the gatekeeper to ensure that the right people have access to the right things.

58
Q

Security measure that ensures all user activities are properly tracked and recorded.

A

Accounting

59
Q

What is included in a robust accounting system?

A

Audit trail
Regulatory compliance
Forensic analysis
Resource optimization
User accountability

60
Q

Accounting measure that provides a chronological record of all user activities, which can be used to trace changes, unauthorized access, or anomalies back to a specific user or point in time.

A

Audit trail

61
Q

Accounting measure that maintains a comprehensive record of all the users’ activities.

A

Regulatory compliance

62
Q

Accounting measure that uses detailed accounting/event logs to help cybersecurity experts understand what happened, how it happened, and how to prevent similar incidents from occurring again.

A

Forensic analysis

63
Q

Accounting measure where organizations can optimize system performance and minimize costs by tracking resource utilization/allocation decisions.

A

Resource optimization

64
Q

Accounting measure that ensures users’ actions are monitored/logged, deterring potential misuse and promoting adherence to the organization’s policies.

A

User accountability

65
Q

What are three technologies used in accounting?

A

Syslog servers
Network analysis tools
SIEMs

66
Q

Technology that is used to aggregate logs from various network devices/systems so that system admins can analyze them to detect patterns/anomalies in organization systems.

A

Syslog servers

67
Q

Accounting technology used to capture/analyze network traffic to gain detailed insights into all the data moving within a network.

A

Network analyzers

68
Q

Name a network analyzer product.

A

Wireshark

69
Q

Accounting technology used to provide real-time analysis of security alerts generated by various hardware/software infrastructures in an organization.

A

Security Information and Event Management (SIEM)

70
Q

What are the 4 broad categories of security controls?

A

Technical controls
Managerial controls
Operational controls
Physical controls

71
Q

Controls implemented through technological, hardware, and software mechanisms to manage and reduce risk.

A

Technical controls

71
Q

What are examples of technical controls?

A

Antivirus
Firewalls
Encryption processes
Intrusion detection systems

72
Q

Control that involves the strategic planning and governance side of security.

A

Managerial controls

73
Q

Managerial controls are also known as?

A

Administrative controls

74
Q

Control with procedures/measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions.

A

Operational controls

75
Q

What is an example of an operational control?

A

An organization requiring a password change every 90 days.

76
Q

What 4 general areas do managerial controls encompass?

A

Risk assessment
Security policies
Training programs
Incident response strategies

77
Q

What general areas do operational controls encompass?

A

Backup procedures
Account reviews
User training programs

78
Q

Controls with tangible, real-world measures taken to protect assets.

A

Physical controls

79
Q

Examples of physical controls

A

Shredding sensitive documents
Security guards
Locking the doors

80
Q

What are the 6 basic types of controls?

A

Preventative
Deterrent
Detective
Corrective
Compensating
Directive

81
Q

Control with proactive measures implemented to thwart potential security threats/breaches.

A

Preventive controls

82
Q

An example of a preventative control.

A

A firewall, because it filters incoming/outgoing traffic and can block potentially harmful data packets.

83
Q

Control type that aims to discourage potential attackers by making the effort seem less appealing or more challenging.

A

Deterrent control

84
Q

Give an example of a deterrent control.

A

A house alarm system with the ADT signs in the front yard or on the windows. The signs are the deterrent, not the actual alarm system.

85
Q

Control type that monitors and alerts organizations to malicious activities as they occur or shortly after.

A

Detective controls

86
Q

Give an example of a detective control.

A

Security cameras showing the burglar breaking into the home. The burglar still broke in, but is now recorded and identified.

87
Q

Give an example of a network detective control.

A

Intrusion Detection System (IDS)

It constantly scans network traffic looking for unusual activity, such as an unexpected data spike, and notifies the network admin when it finds some.

88
Q

Control type that mitigates any potential damage and restores the systems to their normal state.

A

Corrective controls

89
Q

Give an example of a corrective control.

A

When an organization is affected by malware, antivirus software is used to detect, quarantine, and remove the malware. The quarantine and removal are the corrective control, not the detection.

90
Q

What control type is detecting malware?

A

Detective control

91
Q

What control type is quarantining and removing malware?

A

Corrective control

92
Q

Type of control that takes alternative measures when primary security controls are not feasible or effective.

A

Compensating controls

93
Q

What is the latest form of wireless encryption?

A

WPA3

94
Q

A legacy system that is compatible with WPA2 is in use, and a VPN is placed on top of that connection from the endpoint to the internal servers. What type of control is the VPN?

A

Compensating control

It’s a legacy system, and using the VPN on top of the WPA2 connection helps mitigate potential vulnerabilities within the WPA2 encryption scheme.

95
Q

Control type that is often rooted in policy or documentation and sets the standard for behavior within the organization.

A

Directive control

96
Q

An AUP is what type of control?

A

Acceptable Use Policy is a directive control.

97
Q

Process of evaluating the differences between an organization’s current performance and its desired performance.

A

Gap Analysis

98
Q

Name the 4 steps in gap analysis.

A

1. Define the scope of the analysis.
2. Gather data on the current state of the organization.
3. Analyze the data to identify the gaps.
4. Develop a plan to bridge the gaps.

99
Q

What are the two basic types of gap analysis?

A

Technical gap analysis
Business gap analysis

100
Q

Gap analysis type that involves evaluating an organization’s current technical infrastructure & identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions.

A

Technical gap analysis

101
Q

Gap analysis type that involves evaluating an organization’s current business processes & identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions.

A

Business gap analysis

102
Q

Outlines the specific measures to address each vulnerability, allocate resources, and set up timelines for each remediation task that is needed.

A

Plan of action and milestones (POA&M)

103
Q

This demands verification for every device, user, and transaction within the network regardless of origin.

A

Zero Trust

104
Q

What are the two zero trust architectures?

A

Control plane
Data plane

105
Q

What are the key elements incorporated in control plane structure?

A

Adaptive identity
Threat scope reduction
Policy-driven access control
Secured zones

105
Q

This zero trust architecture has an overarching framework & set of components responsible for defining, managing, and enforcing the policies related to user & systems access within an organization.

A

Control plane

106
Q

Zero trust control plane element that recognizes static, one-time verifications are not sufficient, so it relies on real-time validation that takes into account the user’s behavior, device, location, and other such factors.

A

Adaptive identity

107
Q

Zero trust control plane element that limits users’ access to only what they need for their work tasks, which drastically reduces the network’s potential attack surface.

A

Threat scope reduction

108
Q

Zero trust control plane element that entails developing, managing, and enforcing user access policies based on their roles and responsibilities.

A

Policy-driven access control

109
Q

Zero trust control plane element that isolates environments within a network that are designed to house sensitive data.

A

Secured zones

110
Q

Zero trust architecture that ensures the policies and procedures are properly executed.

A

Data Plane

111
Q

Which zero trust architecture is responsible for creating the policies and procedures and which architecture is responsible for executing the policies and procedures?

A

Control plane = creating policies and procedures

Data plane = execute the policies and procedures

112
Q

What are the key elements incorporated in data plane structure?

A

Subject/System
Policy engine
Policy administrator
Policy enforcement point

113
Q

Zero trust data plane element that refers to the individual/entity attempting to gain access.

A

Subject/systems

114
Q

Zero trust data plane element that cross-references the access request with its pre-defined policies.

A

Policy engine

115
Q

Zero trust data plane element that is used to establish and manage the access policies.

A

Policy administrator

116
Q

Zero trust data plane element that allows or restricts access, effectively acting as a gatekeeper to the sensitive areas of the systems/networks.

A

Policy enforcement point

117
Q

Jane, a database administrator at Dion Training, wants to ensure that a file has not changed since the last time she uploaded it to her cloud storage. She has created a SHA-256 hash digest of the file and wants to compare the stored file’s hash digest against the one she calculated when she initially uploaded the file. Which of the following pillars of the CIANA pentagon is she focused on?

a. Confidentiality
b. Integrity
c. Availability
d. Non-repudiation

A

b. Integrity

Integrity is the security pillar that focuses on the assurance that data is trustworthy and accurate, without unauthorized modification.

118
Q

Vikas, a developer at Dion Training, just digitally signed the company’s new app before releasing it in the App Store. Before the app is installed, the user’s device will validate the digital signature to ensure that it was actually developed and uploaded by Dion Training. Which of the following pillars of the CIANA pentagon is she focused on?

a. Confidentiality
b. Authentication
c. Availability
d. Non-repudiation

A

d. Non-repudiation

Non-repudiation ensures that a party in a transaction can’t deny having performed an action. By digitally signing the app, the developer provides proof of the origin and guarantees that the company developed and uploaded it.

Confidentiality safeguards data against unauthorized access.
Authentication verifies an entity’s identity before granting access.
Availability ensures data or services are ready for authorized users.

119
Q

Jason, an instructor at Dion Training, is logging into the company’s exam application to write some new questions for the CompTIA Security+ exam. He enters his username/password at the login prompt and then receives a one-time code on his smartphone that he enters to validate his identity. Which of the following pillars of security was the focus when performing these actions?

a. Authorization
b. Authentication
c. Availability
d. Accounting

A

b. Authentication

Authentication verifies an entity’s identity before granting access to a resource. When entering the username/password and providing the one-time code from a smartphone, a user is going through a two-factor authentication process.

Authorization determines what rights or privileges a user has after they are authenticated.
Availability ensures data or services are ready for authorized users.
Accounting tracks and logs user activities.

120
Q

David, the CTO of Dion Training, just sent out a new policy that will require all of the company’s users to reset their password every 60 days using a long, strong, and complex password. Which of the following types of security controls best classifies this policy?

a. Detective
b. Compensating
c. Directive
d. Corrective

A

c. Directive

Directive controls are policies or procedures that dictate specific actions or behaviors by users or systems. Since the CTO issued a policy mandating password resets every 60 days with specific criteria for password complexity, they were providing a clear directive to the company’s users.

Detective controls are used to detect and alert about incidents.
Compensating controls provide alternatives to primary controls.
Corrective controls address issues after they arise. In this scenario, the policy acts as a directive control.

121
Q

Christle, a student support manager at Dion Training, is logging into the company’s exam voucher application to help a student schedule their CompTIA Security+ exam. Even though she is already connected to the corporate network, the application asks her to validate her identity by sending her a one-time code on her smartphone that she enters to validate her identity. Which of the following security concepts is being utilized by the company’s architecture?

a. Root of trust
b. Gap analysis
c. Zero trust
d. Side loading

A

c. Zero trust

Zero trust is a security model that advocates for a “never trust, always verify” approach. It does not automatically trust any user or system, whether inside or outside the organizational perimeter. By requiring an internal employee to provide additional authentication factors, the system exemplifies the zero trust principle by not trusting any user by default, even if they are known and inside the network.