Module 2 - 01-2 Flashcards
The Eight CISSP Security Domains
What does CISSP stand for?
Certified Information Systems Security Professional (CISSP)
What are Core Security Concepts called?
Security Domains
As of 2022, how many Security Domains has the CISSP defined?
Eight (8)
What are the Eight CISSP Security Domains?
1) Security and Risk Management
2) Asset Security
3) Security Architecture and Engineering
4) Communication and Network Security
5) Identity and Access Management
6) Security Assessment and Testing
7) Security Operations
8) Software Development Security
What is the First (1st) CISSP Security Domain?
1) Security and Risk Management
Define (1) Security and Risk Management
Defines security goals and objectives, risk mitigation, compliance, business continuity, and the law
What is the Second (2nd) CISSP Security Domain?
2) Asset Security
Define (2) Asset Security
Secures digital and physical assets.
It’s also related to the storage, maintenance, retention, and destruction of data.
What is the Third (3rd) CISSP Security Domain?
3) Security Architecture and Engineering
Define (3) Security Architecture and Engineering
Optimizes data security by ensuring effective tools, systems, and processes are in place
What is the Fourth (4th) CISSP Security Domain?
4) Communication and Network Security
Define (4) Communication and Network Security
Manages and secures physical networks and wireless communications
What is the Fifth (5th) CISSP Security Domain?
5) Identity and Access Management
Define (5) Identity and Access Management
Keeps data secure by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications
What is the Sixth (6th) CISSP Security Domain?
6) Security Assessment and Testing
Define (6) Security Assessment and Testing
Conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities
What is the Seventh (7th) CISSP Security Domain?
7) Security Operations
Define (7) Security Operations
Conducting investigations and implementing preventative measures
What is the Eighth (8th) CISSP Security Domain?
8) Software Development Security
Define (8) Software Development Security
Uses secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services
Define Firewall
A device used to monitor and filter incoming and outgoing computer network traffic
What are some additional methods of attack (6)?
Password Attack
Social Engineering Attack
Physical Attack
Adversarial Artificial Intelligence
Supply-Chain Attack
Cryptographic Attack
Define Password Attack
An attempt to access password-secured devices, systems, networks, or data
What are some forms of Password Attacks (2)?
- Brute Force
- Rainbow Table
What CISSP Security Domain do Password Attacks fall under?
Communication and Network Security Domain
Define Social Engineering Attack
A manipulation technique that exploits human error to gain private information, access, or valuables
What are some forms of Social Engineering Attack (10)?
- Phishing
- Smishing
- Vishing
- Spear Phishing
- Whaling
- Social Media Phishing
- Business Email Compromise (BEC)
- Watering Hole Attack
- USB (Universal Serial Bus) Baiting
- Physical Social Engineering
What CISSP Security Domain do Social Engineering Attacks fall under?
Security and Risk Management Domain
Define Physical Attack
A security incident that affects not only digital but also physical environments where the incident is deployed
What are some forms of Physical Attack (3)?
- Malicious USB Cable
- Malicious Flash Drive
- Card Cloning and Skimming
What CISSP Security Domain does Physical Attack fall under?
Asset Security Domain
Define Adversarial Artificial Intelligence
A technique that manipulates artificial intelligence and machine learning technology to conduct attacks more efficiently
What CISSP Security Domain does Adversarial Artificial Intelligence fall under (2)?
- Communication and Network Security Domain
- Identity and Access Management Domain
Define Supply-Chain Attack
Targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed
What CISSP Security Domain does Supply-Chain Attack fall under (3)?
Supply-chain attacks can fall under several domains, including but not limited to the:
- Security and Risk Management,
- Security Architecture and Engineering, and
- Security Operations Domains.
Define Cryptographic Attack
Affects secure forms of communication between a sender and intended recipient
What are some forms of Cryptographic Attack (3)?
- Birthday
- Collision
- Downgrade
What CISSP Security Domain does Cryptographic Attack fall under?
Communication and Network Security Domain
Define Threat Actor
Any person or group who presents a security risk
What are some Threat Actor types (3)?
- Advanced Persistent Threats
- Insider Threats
- Hacktivists
What does APT stand for?
Advanced Persistent Threats (APTs)
Define APTs
Advanced Persistent Threats (APTs) have significant expertise accessing an organization’s network without authorization.
APTs tend to research their targets in advance and can remain undetected for an extended period of time.
Their intentions and motivations can include:
* Damaging critical infrastructure, such as the power grid and natural resources
* Gaining access to intellectual property, such as trade secrets or patents
Define Insider Threats
Abuse their authorized access to obtain data that may harm an organization.
Their intentions and motivations can include:
* Sabotage
* Corruption
* Espionage
* Unauthorized data access or leaks
Define Hacktivists
Threat actors that are driven by a political agenda.
They abuse digital technology to accomplish their goals, which may include:
* Demonstrations
* Propaganda
* Social change campaigns
* Fame
Define Hacker
Any person who uses computers to gain access to computer systems, networks, or data
What are some Hacker types (3)?
- Authorized Hackers are also called Ethical Hackers
- Semi-Authorized Hackers are considered Researchers
- Unauthorized Hackers are also called Unethical Hackers
Define Authorized Hackers
(Ethical Hackers)
They follow a code of ethics and adhere to the law to conduct organizational risk evaluations. They are motivated to safeguard people and organizations from malicious threat actors.
Define Semi-Authorized Hackers
(Researchers)
They search for vulnerabilities but don’t take advantage of the vulnerabilities they find.
Define Unauthorized Hackers
(Unethical Hackers)
They are malicious threat actors who do not follow or respect the law. Their goal is to collect and sell confidential data for financial gain.
Examples of security _____ include security and risk management and security architecture and engineering.
domains
Examples of security domains include security and risk management and security architecture and engineering.
A security professional is asked to destroy and dispose of old hard drives that include confidential customer information. Which security domain is this task related to?
Asset security
This task is related to the asset security domain. This domain focuses on managing and securing digital and physical assets, as well as the storage, maintenance, retention, and destruction of data.
Your supervisor asks you to audit user permissions for payroll data to ensure no unauthorized employees have access to it. Which security domain is this audit related to?
Security assessment and testing
This is related to security assessment and testing, which often involves regular audits of user permissions to make sure employees and teams have the correct level of access.
You are asked to investigate an alert related to an unknown device that is connected to the company’s internal network. After you complete your investigation, you follow company policies and procedures to implement preventative measures that will stop the potential threat posed by the device. Which security domain is this scenario related to?
Security operations
This is related to the security operations domain, which is focused on conducting investigations and implementing preventative measures. In this scenario, following company policies and procedures to stop the potential threat is an example of taking preventative measures.