Section 2 Flashcards

1
Q

What is Risk Management in Cyber Security?

A
  • Provide continuity of service to end users
  • Maintain security of systems
  • Protect from data breaches
  • Minimize vulnerabilities
  • Mitigate damage caused by a threat through mitigation actions
2
Q

Describe Confidentiality.

A

Protection of information from unauthorized access and disclosure.

ex. Encryption

3
Q

Why is Confidentiality important?

A
  • Protects personal Privacy
  • Maintain Business advantage
  • Achieve Regulatory compliance
4
Q

Name 5 methods to ensure Confidentiality.

A
  • Encryption
  • Access Controls
  • Data Masking
  • Physical Security Measures
  • Training & Awareness
5
Q

Encryption

A

Process of converting data into code to prevent unauthorized access.

6
Q

Access Controls

A

User permissions that ensure only authorized personnel can access certain data.

7
Q

Data Masking

A

Obscuring data for unauthorized users while maintaining authenticity and use for authorized users.

8
Q

Physical Security Measures

A

Physical measures used to protect both physical and digital data.

Ex. Cameras, Biometric scanners, keycards, door locks, cabinet locks etc.

9
Q

Training & Awareness

A

Training personnel on security awareness & best practices to mitigate human error and protect sensitive data.

10
Q

Describe Integrity

A

Verifies the Accuracy and Authenticity of Data over the entire lifecycle.

11
Q

Why is Integrity important?

A
  • Ensure data Accuracy
  • Maintain Trust
  • Ensure System operability
12
Q

Name 5 Methods to ensure Integrity

A
  • Hashing
  • Digital Signatures
  • Checksums
  • Access Controls
  • Regular Audits
13
Q

Hashing

A

Converting data into a fixed-size value.

  • Any minor change will result in a vastly different hash
14
Q

Hash Digest

A

Digital fingerprint

15
Q

Digital Signatures

A

Uses encryption to ensure integrity and authenticity

16
Q

Checksums

A

Method to verify the integrity of data during transmission.

17
Q

Regular Audits

A

Reviewing logs and operations to address discrepancies and ensure authorized changes.

18
Q

Describe Availability

A

Ensuring that data, systems and services are accessible and operational to authorized end users.

19
Q

How is the quality of Availability status determined?

A

By the number of “nines”
ex. 99.9%, 99.999%

20
Q

What is the Gold Standard for Availability status?

A

Five “nines” (99.999%)

21
Q

Why is Availability important?

A
  • Ensures business continuity
  • Maintain customer trust
  • Upholds Reputation
22
Q

What is Redundancy?

A

Duplicating Critical system components and functions to ensure reliability.

23
Q

What are 4 types of Redundancy?

A
  • Server Redundancy
  • Network Redundancy
  • Power Redundancy
  • Data Redundancy
24
Q

Server Redundancy

A

Using a Load balancer configuration to ensure server uptime should one fail.

25
Q

Network Redundancy

A

Ensuring data can travel through an alternate route should a network path fail.

26
Q

Data Redundancy

A

Storing Data in multiple places so it can always be recovered should a data store fail.

27
Q

Power Redundancy

A

Implementing backup power sources to ensure that systems remain operational.

28
Q

Define Non-repudiation

A

Providing undeniable proof in digital transactions

29
Q

Why is Non-Repudiation important?

A
  • Confirms Authenticity in digital transactions
  • Ensures Integrity
  • Provides Accountability
30
Q

How is Non-Repudiation performed?

A

Digital Signatures

31
Q

Define Authentication

A

Verifying the identity of individuals or entities participating in a digital interaction.

32
Q

What are 5 common forms of Authentication?

A
  • Something you KNOW
  • Something you HAVE
  • Something you ARE
  • Something you DO
  • SOMEWHERE you are
33
Q

Something you KNOW

A

Information a user can recall
(Knowledge Factor)
Eg. Secret Phrase, Password

34
Q

Something you HAVE

A

User presents a physical item to authenticate themselves
(Possession Factor)
Eg. Keycard, Badge, Smartphone

35
Q

Something you ARE

A

User provides a unique physical or behavioral characteristic of themselves to authenticate.
(Inherence Factor) (Biometrics)
Eg. Fingerprint scan, voice authentication, Facial Recognition

36
Q

Something you DO

A

User conducts a unique action to authenticate
(Action Factor)
Eg. Handwriting recognition, Gait recognition

37
Q

SOMEWHERE you are

A

User being in a certain location to authenticate
(Location Factor)
Eg. Geo-Fencing, Region locking

38
Q

What is 2FA?

A

Two-factor Authentication
- 2 authentication methods

39
Q

What is MFA?

A

Multi-factor Authentication
- 2 or more authentication methods