Section 4.1 Flashcards
What does CIA stand for?
Confidentiality, Integrity, and Availability
Define Confidentiality
Information is kept safe from unauthorized individuals
Define Integrity
Information is true and unaltered
Define Availability
Information is accessible at all times
How do you maintain Confidentiality?
Encryption, Access Controls, and Steganography
How do you maintain Integrity?
Hashing, Digital signatures (encrypting hash with private key), and Certificates
How do you maintain Availability?
Redundancies, Load Balancing, Patching
Define Zero Trust
It means that no one is trusted by default from inside or outside the network
What is a Threat?
A person or thing that could take advantage of a vulnerability
What is a Vulnerability?
A weakness in a system or a network that can be exploited by a threat.
What is an Exploit?
When a threat takes advantage of a vulnerability
What is RBAC?
Role Based Access Control
What is Defense in Depth?
The utilization of multiple methods and layers of defense to minimize attack surface
What is Separation of Duties?
No one person has all of the access or knowledge
How can a switch be protected from anyone simply plugging into it to gain access to the network?
Three methods exist:
1) NAC requires anyone who plugs in to authenticate.
2) Administrator can disable the actual port that’s not in use.
3) Use MAC address validation to filter duplicate and spoofed MAC addressses.
