Overview of Security Flashcards

1
Q

The act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.

A

Information Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The act of protecting the systems that hold and process our critical data

A

Information System Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The CIA Triad

A

Confidentiality
Integrity
Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Information that has not been disclosed to unauthorized people

A

Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Information has not been modified or altered without proper authorization

A

Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Information is able to be stored, accessed, or protected at all times

A

Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AAA of Security

A

Authentication
Authorization
Accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

When a person’s identity is established with proof and confirmed by a system

A

Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The different kinds of authentication

A

Something you know
Something you are
Something you have
Something you do
Somewhere you are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Occurs when a user is given a certain piece of data or certain areas of a building

A

Authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Tracking of data, computer usage, and network resources

A

Accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Occurs when you have proof that someone has taken an action

A

Non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Security threats

A

Malware
Unauthorized access
System failure
Social engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Short-hand term for malicious software

A

Malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Occurs when access to computer resources and data occurs without the consent of the owners

A

Unauthorized Access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Occurs when a a computer crashes or an individual application fails

A

System failure

17
Q

Act of manipulating users into revealing confidential information or performing other detrimental action

A

Social Information

18
Q

Types of controls to mitigate threats

A

Physical Controls
Technical Controls
Administrative Controls

19
Q

Alarm systems, locks, surveillance cameras, identification cards, and security guards

A

Physical Controls

20
Q

Smart cards, encryption, access control lists (ACLs), intrusion detection
systems, and network authentication

A

Technical Controls

21
Q

Policies, procedures, security awareness training, contingency planning, and disaster recovery plans

A

Administrative Controls

22
Q

Most effective control to use

A

User training

23
Q

Five types of hackers

A

White hat
Black hat
Gray hat
Blue hat
Elite

24
Q

Non-malicious hackers who attempt to break into a company’s
systems at their request

A

White hat hackers

25
Q

Malicious hackers who break into computer systems and networks without authorization or permission

A

Black hat hacker

26
Q

Hackers without any affiliation to a company who attempt to
break into a company’s network but risk the law by doing so

A

Grey hat hackers

27
Q

Hackers who attempt to hack into a network with permission of the company but are not employed by the company

A

Blue hat hackers/ bug bounty hunters

28
Q

Hackers who find and exploit vulnerabilities before anyone else
does

A

Elite hackers (1 in 10,000)

29
Q

Hackers with little to no skill who only use the tools and exploits written by others

A

Script kiddies

30
Q

Type of Threat Actors

A

Script Kiddies
Hacktivists
Organized Crime
Advanced Persistent Threats (APT)

31
Q

Hackers who are driven by a cause like social change, political agendas, or terrorism

A

Hacktivists

32
Q

Hackers who are part of a crime group that is well-funded and highly sophisticated

A

Organized Crime

33
Q

Highly trained and funded groups of hackers (often by nation states) with covert and open-source intelligence at their disposal

A

Advanced Persistent Theats (APT)