Lesson 1.1 Information Security Fundamentals Flashcards
What are the 3 main principles of cyber or information security?
Confidentiality, Integrity, Availability
This principle states that only authorized people, processes, or systems have access to information and that information must be protected from unauthorized disclosure.
Confidentiality
This principle states that data and systems should be protected from unintentional, unauthorized, or accidental changes.
Integrity
What are the two components to the principle of integrity?
Data Integrity and System Integrity
What does the data integrity component imply?
information is known to be good, and that information can be trusted as being complete, consistent, and accurate
What does the term system integrity imply?
that a system will work as intended
This principle states that information systems and supporting infrastructure are operating and accessible when needed.
Availability
In the availability principle, what is meant by information systems and supporting infrastructure?
systems, processes, people, and facilities
What are the five A’s of critical supporting activities for CIA?
Accountability Authentication Authorization Accounting Assurance
the process of tracing actions to the source
accountability
the positive identification of a person or system who is seeking access to information or to a system
authentication
granting users and systems a predetermined level of access to resources
authorization
the logging of access and use of information resources
accounting
the processes we use to develop confidence that our security measures are working as intended
assurance
What is meant by the term trustworthy computing?
confidence that a system will act in a correct and predictable manner in every situation
