Network Security Concepts Flashcards
What are six terms associated with security management?
Asset; Vulnerability; Exploit; Threat; Risk; Countermeasure
A weakness in a system or its design that could be exploited by a threat.
Vulnerability
The mechanism used to leverage a vulnerability to compromise an asset.
Exploit
A potential danger to an asset such as information or network functionality.
Threat
The likelihood that a particular threat will exploit a particular vulnerability of an asset that results in an undesirable consequence.
Risk
A protection that mitigates a potential threat or risk.
Countermeasure
To provide adequate protection of network assets, what three things must be guaranteed?
Confidentiality, Integrity, Availability (CIA)
Only authorized users can view sensitive information.
Confidentiality
Only authorized users can change sensitive information. It can also guarantee the authenticity of data.
Integrity
Authorized users must have uninterrupted access to important resources and data.
Availability
What factors should be considered when classifying data?
Value; Age; Useful Life; Personal association
The number one criterion when classifying data; it is based on the cost to acquire, develop, and replace.
Value
The importance of data usually decreases with time.
Age
The amount of time in which data is considered valuable and must be kept classified.
Useful Life
Data that involves personal information of users and employees.
Personal association
What data classification terms are commonly used by government and military?
Unclassified; Sensitive but Unclassified (SBU); Confidential; Secret; Top Secret
Which security term refers to a person, property, or data of value to a company?
Asset
Which asset characteristic refers to the risk that results from a threat and lack of a countermeasure?
Liability
Data that has little or no confidentiality, integrity, or availability requirements, and therefore little effort is made to secure it.
Unclassified
Data that could prove embarrassing if it is revealed, but no great security breach would occur.
Sensitive but Unclassified (SBU)
Data that must be kept secure.
Confidential
Data for which significant effort is made to keep it secure. Few individuals have access to this data.
Secret
Data for which great effort and sometimes considerable cost is made to guarantee its secrecy. Few individuals on a need-to-know condition have access.
Top secret
What data classification terms are commonly used by the private sector?
Public; Sensitive; Private; Confidential
Data that is available publicly, such as websites, publications, and brochures.
Public
Data that is similar to SBU data in that it might cause some embarrassment if revealed.
Sensitive
Data that is important to an organization and an effort is made to maintain secrecy and accuracy of this data.
Private
Data that companies make the greatest effort to keep secure, such as trade secrets, employee data, and customer information.
Confidential
What are the three Classification roles?
Owner; Custodian; User
Person responsible for the information
Owner
Person in charge of performing day-to-day data maintenance, including securing and backing up the data.
Custodian
Person using the data in accordance with established procedures.
User
What are the three categories of threat classification?
Administrative; Technical; Physical
Policy and procedure based, including change/configuration control, security training, audits, and tests.
Administrative
Controls that involve hardware and software.
Technical
Controls for protecting the physical infrastructure.
Physical
_______ includes insidious reasons, such as for political and financial reasons, aimed at economic espionage and money-making activities.
Motivation
Activities are now _____ with mutating and stealth features.
Targeted
Threats are consistently focusing on the _______ _______ such as known web browser vulnerabilities and looking for new web programming errors.
Application Layer
________ ________ sites are a huge source of information. Attackers use it not only to try to steal an identity, but also try to assume the identity of the user.
Social Engineering
Attackers are also targeting mobile platforms because data is in more places.
Borderless
What five categories entail Incident and Exposure management?
Preventive; Detective; Corrective; Recovery; Deterrent
Preventing the threat from coming in contact with a vulnerability, such as using a firewall, physical locks, and security policy.
Preventive
Identifying that the threat has entered the network or system using system logs, intrusion prevention systems (IPSs), and surveillance cameras.
Detective
Determining the underlying cause of a security breach and then mitigating the effects of the threat being manifested, such as updating virus or IPS signatures.
Corrective
Putting a system back into production after an incident.
Recovery