Lesson 1: Summarize Fundamental Security Concepts Flashcards

1
Q

What are the 3 components of the CIA Triad?

A
  1. Confidentiality
  2. Integrity
  3. Availability
2
Q

Define ‘Confidentiality’ in the CIA Triad

A

Keeping data and communications private and protecting them from unauthorized access; data can only be read by people who have explicit authorized access.

3
Q

Define ‘Integrity’ in the CIA (AIC) Triad

A

Keeping organizational data accurate, free of errors, and without unauthorized modifications.

4
Q

Define ‘Availability’ in the CIA Triad

A

Ensuring computer systems operate continuously and that authorized persons can access data that they need.

5
Q

Define ‘Non-repudiation’

A

Goal of ensuring that the party that sent a transmission/created data remains associated with that data and cannot deny sending or creating that data.

6
Q

Define ‘NIST’ (National Institute of Standards and Technology)

A

Develops computer security standards; Publishes cybersecurity best practice and research.

7
Q

What are the 5 functions of information/cyber security classified by NIST?

A
  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover
8
Q

Define the ‘Identify’ function defined by NIST

A

Evaluating assets, risks, business function, policies, threats/vulnerabilities and recommending security controls/policies to manage them securely.

9
Q

Define the ‘Protect’ function defined by NIST

A

Ensures delivery of critical infrastructure services; Supports the ability to limit/contain a potential cybersecurity event.

10
Q

What are examples of the ‘Protect’ function defined by NIST?

A

Securing IAM; Security Awareness training; Data protection controls and documentation; Maintenance of assets; Managing protective technology.

11
Q

Define the ‘Detect’ function defined by NIST

A

Perform ongoing monitoring ensuring controls are effective and capable of protecting against new types of threats; Enables timely discovery of cybersecurity events.

12
Q

What are examples of the ‘Detect’ function defined by NIST?

A

Ensuring anomalies and events are detected; Implementing continuous monitoring; Maintaining detection processes.

13
Q

Define the ‘Respond’ function defined by NIST

A

Identify, analyze, contain, and eradicate threats to systems and data security.

14
Q

What are examples of the ‘Respond’ function defined by NIST?

A

Managing communications with stakeholders and law enforcement; Analysis of incidents; Mitigation to prevent expansion and for resolution.

15
Q

Define the ‘Recover’ function defined by NIST

A

Implementing resilience to restore systems/services/data if other functions are unable to prevent attacks; Supports timely recovery to normal operations.

16
Q

What are examples of the ‘Recover’ function defined by NIST?

A

Implementing recovery processes to restore systems; Implementing improvements based on lessons learned and review of strategy.

17
Q

How are NIST or other framework functions achieved?

A

By implementing security controls.

18
Q

Define a ‘Security Control’

A

A technology or procedure put in place to mitigate vulnerabilities and risk and to ensure confidentiality, integrity, and availability (CIA/AIC).

19
Q

What is the purpose of a cybersecurity framework?

A

Guides selection and configuration of security controls; Gives structure to risk management and provides an externally verifiable statement of regulatory compliance.

20
Q

What are the outcomes of an organization following a cybersecurity framework?

A

Allows an organization to assess current cybersecurity capabilities, identify a target level of capability, and prioritize investments to achieve targets.

21
Q

Define ‘Gap Analysis’

A

Measures the difference between the current and desired system state(s) to help assess the scope of work included in a project.

22
Q

What is the purpose of access controls?

A

Ensure that an information system meets the goals of the CIA triad by governing how subjects interact with objects.

23
Q

Define a ‘Subject’

A

Something that can request and be granted access to a resource; Person, Service/Process.

24
Q

Define an ‘Object’

A

The resources that access is granted to; Network, server, database, app, or file.

25
Q

Define IAM (Identity and Access Management)

A

Process providing identification, authentication, and authorization for users, computers, and services/processes to access a network/host/application.

26
Q

What are the 4 main processes of IAM?

A
  1. Identification
  2. Authentication
  3. Authorization
  4. Accounting
27
Q

Define the ‘Identification’ process of IAM

A

Aka enrollment; Creating an account and credentials to uniquely represent a user/host/process in the organization.

28
Q

Define the ‘Authentication’ process of IAM

A

Determines the method used to validate an entity's or individual's credentials.

29
Q

Define the ‘Authorization’ process of IAM

A

Determining the rights/abilities subjects should have on each resource, and enforcing those rights.

30
Q

Define the ‘Accounting’ process of IAM

A

Tracking authorized usage of a resource or use of rights by a subject and alerting when unauthorized use is detected or attempted.

31
Q

What is another form of IAM?

A

AAA (Authentication, Authorization, and Accounting)

32
Q

What are the properties of a secure information processing system?

A

Confidentiality, integrity, and availability (and non-repudiation)

33
Q

What is the CMD to show the version of Windows running on the machine?

A

winver

34
Q

What are the 4 categories of security controls?

A
  1. Managerial
  2. Operational
  3. Technical
  4. Physical
35
Q

Define a ‘Managerial’ security control

A

Focuses on the management of risk and the management of information system security.

36
Q

Define an ‘Operational’ security control

A

Controls implemented by people; Security guards, training programs, SOPs.

37
Q

Define a ‘Technical’ security control

A

Implemented as a system (hardware, software, or firmware); Aka ‘logical controls’; Firewalls, AV, IDS.

38
Q

Define a ‘Physical’ security control

A

Controls such as alarms, gateways, locks, lighting, and security cameras that deter and detect access to premises and hardware.

39
Q

What is another way to define a security control?

A

.

40
Q

Define a ‘Preventive’ security control

A

Operates before an attack takes place to eliminate/reduce the likelihood that the attack will succeed.

41
Q

What are examples of a preventive security control?

A

ACLs, anti-virus/anti-malware, encryption.

42
Q

Define a ‘Detective’ security control

A

Operates during an attack to identify and record an attempted or successful intrusion.

43
Q

What are examples of a detective security control?

A

Log review, IDS.

44
Q

Define a ‘Corrective’ security control

A

Eliminates/reduces the impact of a security policy violation.

45
Q

What are examples of a corrective security control?

A

Backup system to restore data damaged during an intrusion; A patch management system that eliminates a vulnerability before/during/after an attack; Lessons learned.

46
Q

Define a ‘Directive’ security control

A

Control that enforces a rule, best practice, SOP, or SLA through a policy or contract.

47
Q

What is an example of a directive security control?

A

A contract/policy; Training/awareness programs.

48
Q

Define a ‘Deterrent’ security control

A

Control that discourages intrusion attempts; Signs/warnings.

49
Q

Define a ‘Compensating’ security control

A

A substitute for a principal control recommended by a security standard that mitigates risk and affords a similar level of protection.

50
Q

Define a security policy

A

A formalized statement defining how security will be implemented within an organization.

51
Q

What is the role of a CIO (Chief Information Officer)?

A

Company officer responsible for management of information technology assets and procedures.

52
Q

What is the role of a Chief Technology Officer (CTO)?

A

Company officer with the primary role of making effective use of new and emerging computing platforms and innovations.

53
Q

What is the role of a Chief (Information) Security Officer (CSO/CISO)?

A

Person with overall responsibility for information assurance and systems security.

54
Q

Define a security operations center (SOC)

A

A location where security professionals monitor and protect critical information assets across other business functions.

55
Q

Define DevOps

A

A combination of software development and system/network operations.

56
Q

What is the purpose of DevOps?

A

IT personnel and developers can build, test, and release software faster and more reliably.

57
Q

Define DevSecOps

A

A combination of software development, security operations, and systems/network operations.

58
Q

What is the purpose of DevSecOps?

A

To embed security expertise into any development project.

59
Q

Define a computer incident response team (CIRT)

A

A single point of contact for notification of security incidents; The function might be handled by the SOC or established as an independent business unit.