Section 2 Flashcards
What is Information Security?
Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction.
What is Information Systems Security?
Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data.
What does the CIA Triad stand for?
Confidentiality, Integrity, Availability.
What is Confidentiality in the CIA Triad?
Ensures information is accessible only to authorized personnel (e.g., encryption).
What does Integrity ensure in the CIA Triad?
Ensures data remains accurate and unaltered (e.g., checksums).
What is Availability in the CIA Triad?
Ensures information and resources are accessible when needed (e.g., redundancy measures).
What is Non-Repudiation?
Guarantees that an action or event cannot be denied by the involved parties (e.g., digital signatures).
What is the CIANA Pentagon?
An extension of the CIA triad with the addition of non-repudiation and authentication.
What are the Triple A’s of Security?
- Authentication
- Authorization
- Accounting
What is the purpose of Authentication?
Verifying the identity of a user or system (e.g., password checks).
What does Authorization determine?
Determining actions or resources an authenticated user can access (e.g., permissions).
What is Accounting in security?
Tracking user activities and resource usage, usually for audit or billing purposes.
What are the categories of Security Control?
- Technical
- Managerial
- Operational
- Physical
What are the types of Security Control?
- Preventative
- Deterrent
- Detective
- Corrective
- Compensating
- Directive
What is a Preventative Security Control?
Proactive measures used to prevent potential security threats and breaches.
What is a Deterrent Security Control?
Discourages potential attackers by making the effort seem less appealing or more challenging (e.g., a no-entry sign or a warning banner on a website).
What is a Detective Security Control?
Monitors and alerts organizations to malicious activities as they occur.
What is a Corrective Security Control?
Mitigates any potential damage and restores systems to their normal state.
What is a Compensating Security Control?
Alternative measures that are implemented when primary security controls are not feasible or effective.
What is a Directive Security Control?
Guides, informs, or mandates actions (e.g., policy or documentation; sets standards for behaviour within an organization).
What does the Zero Trust Model operate on?
The principle that no one should be trusted by default.
What are the components of the Control Plane in Zero Trust?
- Adaptive identity
- Threat scope reduction
- Policy-driven access control
- Secured zones
In Zero Trust architecture, what is a Control Plane?
Framework responsible for managing and enforcing policies related to user and system access.
In the context of a Control Plane, what is Adaptive Identity?
Real-time validation that takes into account the user’s behaviour, device, location, and more.
In the context of a Control Plane, what is Threat Scope Reduction?
Limits user access to only what they need for their work tasks to reduce the network’s potential attack surface.
In the context of a Control Plane, what is Policy-Driven Access Control?
Entails developing, managing, and enforcing user access policies based on their roles and responsibilities.
In the context of a Control Plane, what is a Secured Zone?
Isolated environments within a network that are designed to house sensitive data. Authorization is required to access them.
What does the Data Plane consist of in Zero Trust?
- Subject/system
- Policy enforcement points
What is the Subject/System in the context of the Data Plane?
Refers to the individual/entity attempting to gain access.
What is a Policy Enforcement Point?
A point where the decision to grant/deny access is actually executed.
Define Threat.
Anything that could cause harm, loss, damage, or compromise to our information technology systems.
What are common sources of Threats?
- Natural disasters
- Cyber-attacks
- Data integrity breaches
Define Vulnerability.
Any weakness in the system design or implementation.
What are some internal factors that can lead to Vulnerabilities?
- Software bugs
- Misconfigured software
- Improperly protected network devices
- Missing security patches
- Lack of physical security
Where do threats and vulnerabilities intersect?
That is where the risk to your enterprise systems and networks lies.
What is Risk Management?
Finding different ways to minimize the likelihood of an undesired outcome and achieve the desired outcome.
What is Confidentiality?
Refers to the protection of information from unauthorized access and disclosure.
Why is Confidentiality important?
- To protect personal privacy
- To maintain a business advantage
- To achieve regulatory compliance
What are the five methods to ensure Confidentiality?
- Encryption
- Access Controls
- Data Masking
- Physical Security Measures
- Training and Awareness
Why is Integrity important?
- To ensure data accuracy
- To maintain trust
- To ensure system operability
What are the five methods to maintain Integrity?
- Hashing
- Digital Signatures
- Checksums
- Access Controls
- Regular Audits
What does Availability ensure?
Ensures that information, systems, and resources are accessible and operational when needed by authorized users.
Why is Availability valued in cybersecurity?
- Ensuring Business Continuity
- Maintaining Customer Trust
- Upholding an Organization’s Reputation
What is Redundancy in system design?
Duplication of critical components or functions of a system with the intention of enhancing its reliability.
What are the types of Redundancy to consider?
- Server Redundancy
- Data Redundancy
- Network Redundancy
- Power Redundancy
What is Non-repudiation focused on?
Providing undeniable proof in the world of digital transactions.
What do Digital Signatures ensure?
They ensure both integrity and authenticity.
How is a Digital Signature created?
By hashing a message and encrypting that hash digest with the user’s private key using asymmetric encryption.
(Confidentiality) What is Encryption?
Process of converting data into a code to prevent unauthorized access.
Encryption is essential for protecting sensitive information from unauthorized users.
(Confidentiality) What are Access Controls?
Setting up strong user permissions to ensure that only authorized personnel can access certain types of data.
Access controls are critical for maintaining data security.
(Confidentiality) What is Data Masking?
Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
Data masking is commonly used in environments where real data cannot be exposed.
(Confidentiality) What do Physical Security Measures ensure?
Confidentiality for both physical and digital information.
Physical security includes measures for protecting paper records and digital information on servers and workstations.
(Confidentiality) What is the purpose of Training and Awareness in security?
To conduct regular training on security awareness best practices for employees to protect sensitive data.
Employee training is a crucial component of an organization’s security strategy.
What is server redundancy?
Using multiple servers in a load-balanced or failover configuration to support end users if one server fails or is overloaded.
Server redundancy helps maintain service availability.
What does data redundancy involve?
Storing data in multiple places.
Data redundancy enhances data availability and protects against data loss.
What is network redundancy?
Ensuring that if one network path fails, the data can travel through another route.
Network redundancy improves network reliability.
What is power redundancy?
Using backup power sources, like generators and UPS systems.
Power redundancy is crucial for maintaining operations during power outages.
What is the Knowledge Factor in authentication methods? (Something you know)
Relies on information that a user can recall.
This method typically involves passwords or PINs.
What does the Possession Factor entail in authentication? (Something you have)
Relies on the user presenting a physical item to authenticate themselves.
Examples include smart cards or mobile devices.
Define the Inherence Factor in authentication methods. (Something you are)
Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be.
This can include fingerprints or facial recognition.
What is the Action Factor in authentication? (Something you do)
Relies on the user conducting a unique action to prove who they are.
Examples include gesture-based authentication or keystroke dynamics.
Explain the Location Factor in authentication methods. (Somewhere you are)
Relies on the user being in a certain geographic location before access is granted.
This can utilize GPS data or IP address verification.
What are Technical Controls?
Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks.
What are Managerial Controls?
The strategic planning and governance side of security; also referred to as administrative controls.
What are Operational Controls?
Procedures and measures designed to protect data on a day-to-day basis; governed by internal processes and human actions.
What are Physical Controls?
Tangible, real-world measures taken to protect assets.