Section 2 | Fundamentals of Security Flashcards

OBJECTIVE 1.1 - 1.2

1
Q

Information Security

Protecting the data.

A

Act of protecting data and information from unauthorized access, unlawful modification, disruption, disclosure, corruption, and destruction.

(Contrast: Information Systems Security protects the devices that hold the data.)

2
Q

Information Systems Security

A

Act of protecting the systems that hold and process the critical data.

3
Q

Confidentiality

Encryption

Refers to the protection of information from unauthorized access and disclosure.

A

Ensures that information is only accessible to those with the appropriate authorization.

Protect personal privacy, Maintain a business advantage, Achieve regulatory compliance.

4
Q

Encryption

A

Process of converting readable data (plaintext) into an unreadable form (ciphertext) using an algorithm and a key, so that only holders of the matching key can recover it and unauthorized parties cannot read it.

5
Q

Data Masking

A

Method that obscures data within a database so that it is unusable to unauthorized users while retaining the real data's format and usefulness for authorized users.
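An added example, not part of the original flashcards: a small masking rule set of the kind a database masking feature applies, run over a constructed customer record. The column names and rules are assumptions for illustration; the point is that masked values keep their shape and stay useful (last four digits, e-mail domain) but cannot be turned back into the original.

```python
"""Added example: database-style masking rules applied to a constructed customer record.
Field names and rules are illustrative assumptions."""


def mask_digits(value: str, keep_last: int = 4) -> str:
    """Replace every digit except the last `keep_last` with '*', keeping separators in place."""
    n_digits = sum(c.isdigit() for c in value)
    # A value too short to hide anything is masked completely rather than leaked.
    keep_from = n_digits - keep_last if n_digits > keep_last else n_digits
    out, seen = [], 0
    for c in value:
        if c.isdigit():
            out.append(c if seen >= keep_from else "*")
            seen += 1
        else:
            out.append(c)
    return "".join(out)


def mask_email(email: str) -> str:
    """Keep the first character of the local part and the whole domain."""
    local, at, domain = email.partition("@")
    if not at or not local:
        return "*" * len(email)
    return local[0] + "*" * (len(local) - 1) + "@" + domain


MASKING_RULES = {  # assumption: which columns hold sensitive data and how each is masked
    "card_number": mask_digits,
    "ssn": mask_digits,
    "phone": mask_digits,
    "email": mask_email,
}


def mask_record(record: dict, rules: dict = MASKING_RULES) -> dict:
    """Apply the rules to the columns they cover; every other column passes through unchanged."""
    return {col: (rules[col](val) if col in rules else val) for col, val in record.items()}


if __name__ == "__main__":
    sample = {  # constructed record, not real data
        "name": "Alice Example",
        "card_number": "4111 1111 1111 1111",
        "ssn": "123-45-6789",
        "phone": "+1-555-0100",
        "email": "alice@example.com",
    }
    print(mask_record(sample))
```

Authorized staff can still match a record by its last four digits or e-mail domain, which is the "retains usefulness" half of the definition; nothing in the masked output lets anyone recover the original digits, which is the "inaccessible to unauthorized users" half.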

6
Q

Physical Security Measures

A

Used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations.

7
Q

Training and Awareness

A

Conducting regular training on the security awareness best practices that employees can use to protect the organization’s sensitive data.

8
Q

Integrity

Hashing

Integrity verifies the accuracy and trustworthiness of data over the entire lifecycle.

A

Ensures that data remains accurate and unaltered except through authorized, intended modification.

Ensure Data Accuracy, Maintain Trust, Ensure System Operability.

Maintaining data integrity ensures that decisions are made based on correct information and with the expected outcomes.

9
Q

Hashing

A

One-way process of converting data of any length into a fixed-size value; any change to the input produces a different value, so recomputing and comparing the hash detects modification.

Hash Digest, Digital fingerprint.

A hash by itself does not prove who produced the data: an attacker who can replace the data can replace the digest too, so protection against deliberate tampering needs a keyed hash (HMAC) or a digital signature.

10
Q

Digital Signatures

A

Use asymmetric cryptography to ensure integrity and authenticity: the sender hashes the data and signs the hash with their private key; anyone holding the sender's public key can verify the signature and compare the recovered hash with their own hash of the data.

11
Q

Checksums

A

Small value (such as a CRC) computed from data and sent along with it, so that the receiver can recompute it and detect accidental corruption during transmission. Checksums use no key and are trivial to recompute, so they detect errors, not deliberate tampering.
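An added example covering the Hashing and Checksums cards above (written for this page, not taken from the course): it computes a SHA-256 digest, a CRC-32 checksum and an HMAC over a constructed message, then shows which of them still passes after an accidental bit flip and after deliberate tampering by someone who can recompute the unkeyed values. The shared key is a made-up constant.

```python
"""Added example: how a hash digest, a checksum and a keyed hash (HMAC) each behave
against accidental corruption and deliberate tampering. Standard library only."""
import hashlib
import hmac
import zlib

# Assumption for the demo: a key shared only by the legitimate sender and receiver.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def sha256_hex(data: bytes) -> str:
    """Fixed-size digest ('digital fingerprint'): 64 hex characters whatever the input length."""
    return hashlib.sha256(data).hexdigest()


def crc32_checksum(data: bytes) -> int:
    """32-bit CRC, the kind of checksum used for transmission error detection."""
    return zlib.crc32(data) & 0xFFFFFFFF


def hmac_tag(data: bytes, key: bytes) -> str:
    """Keyed hash: cannot be recomputed by anyone who lacks the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a single-bit transmission error."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def receiver_checks(data: bytes, crc: int, digest: str, tag: str) -> dict:
    """What a receiver concludes from each integrity mechanism for the data it got."""
    return {
        "crc_ok": crc32_checksum(data) == crc,
        "hash_ok": sha256_hex(data) == digest,
        # compare_digest avoids leaking the position of the first mismatch through timing.
        "hmac_ok": hmac.compare_digest(hmac_tag(data, SHARED_KEY), tag),
    }


def demo() -> dict:
    message = b"amount=100&to=alice"  # constructed sample message
    crc, digest, tag = crc32_checksum(message), sha256_hex(message), hmac_tag(message, SHARED_KEY)

    # Case 1: noise on the wire flips one bit; every mechanism notices.
    corrupted = flip_bit(message, 3)
    case_noise = receiver_checks(corrupted, crc, digest, tag)

    # Case 2: an attacker rewrites the message AND recomputes the unkeyed values.
    # CRC and plain SHA-256 are public functions, so both look valid; only the HMAC fails
    # because the attacker cannot produce a tag without SHARED_KEY.
    tampered = b"amount=999&to=mallory"
    case_attack = receiver_checks(tampered, crc32_checksum(tampered), sha256_hex(tampered), tag)

    return {
        "digest_len": len(digest),
        "digest_changes_on_one_bit": sha256_hex(corrupted) != digest,
        "noise": case_noise,
        "attack": case_attack,
    }


if __name__ == "__main__":
    from pprint import pprint
    pprint(demo())
```

The two cases are the practical difference between the cards: a checksum or bare hash answers "did this change in transit?", while a keyed hash (or, with asymmetric keys, a digital signature) also answers "did someone who holds the key produce it?".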

12
Q

Access Controls

A

Ensure that only authorized individuals can modify data, reducing the risk of unintentional or malicious alterations.

13
Q

Regular Audits

A

Involve reviewing logs and operations to ensure that only authorized changes have been made and any discrepancies are addressed.

14
Q

Availability

Making sure that services, systems, and data are always available when they’re supposed to be.

A

Ensures that information and resources are accessible and functional when needed by authorized users.

Usually expressed as a number of nines of uptime per year, e.g. 99.9% (three nines) or 99.999% (five nines).

A year has 8,760 hours. 99% uptime allows about 87.6 hours (3.65 days) of downtime per year; 99.9% allows at most 8.76 hours; 99.999% allows no more than about 5.26 minutes.

Why it matters: Ensuring Business Continuity, Maintaining Customer Trust, Upholding an Organization's Reputation.

15
Q

Redundancy

Having backup options to ensure uninterrupted service.

Availability

A

Duplication of critical components or functions of a system with the intention of enhancing its reliability.

16
Q

Server Redundancy

A

Involves using multiple servers behind a load balancer so that if one is overloaded or fails, the other servers can take over the load and continue supporting end users.

17
Q

Data Redundancy

A

Involves storing data in multiple places.

18
Q

Network Redundancy

A

Ensures that if one network path fails, the data can travel through another route.

19
Q

Power Redundancy

A

Involves using backup power sources to ensure that an organization's systems remain operational during periods of power disruption or outages within a local service area.
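An added example, not from the course, that turns the availability and redundancy cards into numbers: it converts an uptime percentage into a yearly downtime budget and composes the availability of redundant (parallel) and dependent (series) components. The component figures are assumptions, and the model assumes component failures are independent.

```python
"""Added example: availability arithmetic for the nines and for redundant vs. dependent
components. Assumes independent failures (the usual back-of-envelope model)."""
from math import prod

HOURS_PER_YEAR = 365 * 24  # 8,760 hours, non-leap year as on the card


def downtime_minutes_per_year(availability: float) -> float:
    """Minutes per year a system may be down and still meet the target."""
    return HOURS_PER_YEAR * 60 * (1 - availability)


def parallel(*components: float) -> float:
    """Redundant components: the service is down only if ALL of them are down."""
    return 1 - prod(1 - a for a in components)


def series(*components: float) -> float:
    """Dependent components: the service is down if ANY one of them is down."""
    return prod(components)


def demo() -> dict:
    single_server = 0.999       # three nines (assumed)
    single_power_feed = 0.99    # two nines (assumed)
    network_path = 0.9995       # assumed
    two_servers = parallel(single_server, single_server)  # server redundancy
    return {
        "three_nines_minutes": downtime_minutes_per_year(0.999),      # 525.6 min = 8.76 h
        "five_nines_minutes": downtime_minutes_per_year(0.99999),     # about 5.26 min
        "two_nines_days": downtime_minutes_per_year(0.99) / 60 / 24,  # 3.65 days
        "two_servers": two_servers,                                   # 0.999999
        # The stack is no better than its weakest single dependency (one power feed):
        "stack_single_feed": series(two_servers, single_power_feed, network_path),
        # Power and network redundancy remove that bottleneck:
        "stack_dual_feed": series(two_servers,
                                  parallel(single_power_feed, single_power_feed),
                                  parallel(network_path, network_path)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>20}: {value:.6f}")
```

The last two entries are the reason the cards list server, data, network and power redundancy together: two three-nines servers behind a load balancer reach six nines on their own, but a single two-nines power feed in series drags the whole stack below 99%.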

20
Q

Non-repudiation

Ensuring undeniable proof of your participation in a digital interaction.

Focused on providing undeniable proof in digital transactions.

A

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved.

Digital Signatures (only the holder of the private key can produce the signature, so the signer cannot later deny it; a shared-key MAC cannot provide non-repudiation because either party holding the key could have computed it).

Confirming the Authenticity of Digital Transactions, Ensuring Integrity, Providing Accountability.

21
Q

Authentication

Why: Prevent unauthorized access, Protect user data and privacy.

Factors: Something you know, Something you have, Something you are, Something you do, Somewhere you are.

Two-factor Authentication (2FA): two authentication methods from different factor categories. Multi-factor Authentication (MFA): a security process that requires users to provide two or more methods of identification, from different categories, to verify their identity. Two credentials from the same category (for example, a password plus a PIN) still count as a single factor.

A

Process of verifying the identity of a user or system.

Ensure resource validity.

Something You Know: relies on information that a user can recall (KNOWLEDGE FACTOR).
Something You Have: relies on the user presenting a physical item to authenticate themselves (POSSESSION FACTOR).
Something You Are: relies on a unique physical or behavioral characteristic of the person to validate that they are who they claim to be (INHERENCE FACTOR).
Something You Do: relies on the user conducting a unique action to prove who they are (ACTION FACTOR).
Somewhere You Are: relies on the user being in a certain geographic location before access is granted (LOCATION FACTOR).
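An added example, not from the course: a login check that verifies a knowledge factor (a salted PBKDF2 password hash) and a possession factor (a TOTP code per RFC 6238, which proves possession of the enrolled secret), and only reports MFA when the verified credentials come from different categories. The user record, salt and secrets are constructed test data.

```python
"""Added example: verifying a knowledge factor and a possession factor, and counting
the login as multi-factor only when distinct factor categories were verified.
Standard library only; user record, salt and secrets are constructed test data."""
import hashlib
import hmac
import struct

FACTOR_CATEGORY = {      # which category each credential type belongs to
    "password": "knowledge",
    "pin": "knowledge",      # a PIN is still "something you know"
    "totp": "possession",    # the code proves possession of the enrolled device/secret
}


def hash_password(secret: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, iterated hash; the server stores this, never the secret itself."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, iterations)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamic truncation, last `digits` digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the clock."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret: bytes, code: str, unix_time: int, window: int = 1) -> bool:
    """Accept the current code and one step either side to tolerate clock drift."""
    counter = unix_time // 30
    return any(hmac.compare_digest(hotp(secret, counter + k), code)
               for k in range(-window, window + 1))


def authenticate(user: dict, presented: list, unix_time: int) -> dict:
    """Verify each presented credential; MFA holds only if two distinct categories passed."""
    verified_categories = []
    for kind, value in presented:
        if kind == "password":
            ok = hmac.compare_digest(hash_password(value, user["salt"]), user["pw_hash"])
        elif kind == "pin":
            ok = hmac.compare_digest(hash_password(value, user["salt"]), user["pin_hash"])
        elif kind == "totp":
            ok = verify_totp(user["totp_secret"], value, unix_time)
        else:
            ok = False
        if ok:
            verified_categories.append(FACTOR_CATEGORY[kind])
    distinct = sorted(set(verified_categories))
    return {
        "factors_verified": len(verified_categories),
        "categories": distinct,
        "is_mfa": len(distinct) >= 2,
    }


# Constructed test user (in practice the salt is random per user and the secret is enrolled once).
SALT = b"constructed-salt-0001"
TOTP_SECRET = b"12345678901234567890"  # the RFC 6238 test-vector key
USER = {
    "salt": SALT,
    "pw_hash": hash_password("correct horse battery staple", SALT),
    "pin_hash": hash_password("4711", SALT),
    "totp_secret": TOTP_SECRET,
}

if __name__ == "__main__":
    now = 1_700_000_000
    print(authenticate(USER, [("password", "correct horse battery staple"),
                              ("totp", totp(TOTP_SECRET, now))], now))
    print(authenticate(USER, [("password", "correct horse battery staple"), ("pin", "4711")], now))
```

The second call in the usage section verifies two credentials yet reports is_mfa False, which is the distinction the card draws: a password and a PIN are both knowledge factors, so together they are still single-factor authentication.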

22
Q

Authorization

Protect sensitive data, Maintain system integrity in organizations.

Set of rules and policies used to dictate what actions users can perform once their identity has been verified.

A

Defines what actions or resources a user can access.

Create more streamlined user experiences.

23
Q

Accounting

Transparency, Security, Accountability

Focuses on monitoring and logging the actions of users or entities during their digital interactions. Uses: Audit Trail, Regulatory Compliance, Forensic Analysis, Resource Optimization, User Accountability.

A

Act of tracking user activities and resources usage, typically for audit or billing purposes.

Logging into the system, Accessing files, Modifying configuration settings, Downloading or installing software, Attempting unauthorized actions on systems and networks.

24
Q

Audit Trail

A

Provides a chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a specific user or point in time.

25
Q

Regulatory Compliance

A

Maintaining a comprehensive record of all users' activities that can be produced to show regulators and auditors that requirements are being met.

26
Q

Forensic Analysis

A

Uses detailed accounting and event logs that can help cybersecurity experts understand what happened, how it happened, and how to prevent similar incidents from occurring again in the future.

27
Q

Resource Optimization

A

Organizations can optimize system performance and minimize costs by tracking resource utilization and allocation decisions.

28
Q

User Accountability

A

An accounting system ensures that users' actions are monitored and logged, deterring potential misuse and promoting adherence to the organization's policies.

29
Q

Syslog Servers

A

Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization's systems.

30
Q

Network Analyzers

A

Used to capture and analyze network traffic to gain detailed insights into all the data moving within a network.

31
Q

Security Information and Event Management (SIEM)

A

Provides real-time analysis of security alerts generated by various hardware and software infrastructure in an organization.
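An added example for the Accounting, Audit Trail, Syslog and SIEM cards (written for this page, not from the course): it parses constructed syslog-style authentication lines, produces a per-user audit trail, and runs a brute-force correlation rule of the kind a SIEM raises alerts from. Hostnames, users, commands and the TEST-NET addresses are made up; the thresholds are assumptions.

```python
"""Added example: what a SIEM or log-analysis script does with accounting data.
Parses constructed syslog-style auth lines, builds a per-user audit trail and runs a
brute-force detection rule. Hosts, users and addresses are made up; thresholds are assumptions."""
import re
from collections import defaultdict, deque
from datetime import datetime

SAMPLE_LOGS = """\
Mar  3 09:14:01 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar  3 09:14:03 web01 sshd[2213]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Mar  3 09:14:05 web01 sshd[2215]: Failed password for root from 203.0.113.5 port 51238 ssh2
Mar  3 09:14:06 web01 sshd[2217]: Failed password for root from 203.0.113.5 port 51240 ssh2
Mar  3 09:14:08 web01 sshd[2219]: Failed password for alice from 203.0.113.5 port 51242 ssh2
Mar  3 09:14:09 web01 sshd[2221]: Accepted password for alice from 203.0.113.5 port 51244 ssh2
Mar  3 09:20:10 web01 sudo:   alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt install nmap
Mar  3 09:31:00 web01 sshd[2301]: Failed password for bob from 198.51.100.7 port 40000 ssh2
Mar  3 09:45:00 web01 sshd[2310]: Accepted publickey for bob from 198.51.100.7 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) (?P<proc>[\w.-]+)(?:\[\d+\])?: (?P<msg>.*)$")
SSH_RE = re.compile(r"^(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")
SUDO_RE = re.compile(r"^\s*(?P<user>\S+) : .*\bCOMMAND=(?P<cmd>.*)$")


def parse_line(line: str, year: int = 2024):
    """Turn one syslog line into an event dict, or None if it is not an auth event we track."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = {
        "ts": datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"),  # syslog omits the year
        "host": m["host"], "proc": m["proc"],
    }
    if m["proc"] == "sshd" and (s := SSH_RE.match(m["msg"])):
        event.update(kind="ssh_accepted" if s["result"] == "Accepted" else "ssh_failed",
                     user=s["user"], src=s["src"], method=s["method"])
        return event
    if m["proc"] == "sudo" and (s := SUDO_RE.match(m["msg"])):
        event.update(kind="sudo", user=s["user"], cmd=s["cmd"])
        return event
    return None


def parse_logs(text: str) -> list:
    return [ev for ev in (parse_line(line) for line in text.splitlines()) if ev]


def audit_trail(events: list, user: str) -> list:
    """Chronological record of one user's activity, as the Audit Trail card describes."""
    return [f"{ev['ts']:%H:%M:%S} {ev['kind']} {ev.get('src', '')}{ev.get('cmd', '')}".rstrip()
            for ev in sorted(events, key=lambda e: e["ts"]) if ev["user"] == user]


def detect(events: list, threshold: int = 5, window_seconds: int = 60) -> list:
    """Rule 1: >= threshold failed SSH logins from one source inside the window.
    Rule 2: a successful login from a source that has just tripped rule 1 (higher severity)."""
    alerts, bursting = [], set()
    recent = defaultdict(deque)  # source address -> timestamps of its recent failures
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["kind"] == "ssh_failed":
            q = recent[ev["src"]]
            q.append(ev["ts"])
            while (ev["ts"] - q[0]).total_seconds() > window_seconds:
                q.popleft()
            if len(q) >= threshold and ev["src"] not in bursting:
                bursting.add(ev["src"])
                alerts.append({"rule": "ssh-bruteforce", "severity": "medium", "src": ev["src"], "ts": ev["ts"]})
        elif ev["kind"] == "ssh_accepted" and ev["src"] in bursting:
            alerts.append({"rule": "success-after-bruteforce", "severity": "high",
                           "src": ev["src"], "user": ev["user"], "ts": ev["ts"]})
    return alerts


if __name__ == "__main__":
    evs = parse_logs(SAMPLE_LOGS)
    print(*audit_trail(evs, "alice"), sep="\n")
    print(*detect(evs), sep="\n")
```

The audit trail alone is the accounting record; the detect() rule is the SIEM layer on top of it, correlating events across lines (five failures then a success from the same source) that no single log entry reveals.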

32
Q

Security Controls

Technical Controls, Managerial Controls, Operational Controls, Physical Controls.

A

Measures or mechanisms put in place to mitigate risks and protect the confidentiality, integrity, and availability of information systems and data.

Preventative Controls, Deterrent Controls, Detective Controls, Corrective Controls, Compensating Controls, Directive Controls.

33
Q

Technical Controls

A

The technologies, hardware, and software mechanisms that are implemented to manage and reduce risks.

Firewalls, Encryption Processes, Intrusion Detection Systems.

34
Q

Managerial Controls

Administrative Controls.

A

Involve the strategic planning and governance side of security.

35
Q

Operational Controls

A

Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions.

Backup Procedures, Account Reviews, User Training Programs.

36
Q

Physical Controls

A

Tangible, real-world measures taken to protect assets.

Shredding of sensitive documents, Security guards, Locking the doors.

37
Q

Preventive Controls

A

Proactive measures implemented to thwart potential security threats or breaches.

38
Q

Deterrent Controls

A

Aim to discourage potential attackers by making the effort seem less appealing or more challenging.

39
Q

Detective Controls

A

Monitor and alert organizations to malicious activities as they occur or shortly thereafter.

40
Q

Corrective Controls

A

Mitigate any potential damage and restore the systems to their normal state.

41
Q

Compensating Controls

A

Alternative measures that are implemented when primary security controls are not feasible or effective.

42
Q

Directive Controls

A

Often rooted in policy or documentation and set the standards for behavior within an organization.

43
Q

Gap Analysis

Define the scope of the analysis, Gather data on the current state of the organization, Analyze the data to identify the gaps, Develop a plan to bridge the gap.

A

Process of evaluating the differences between an organization’s current performance and its desired performance.

Technical Gap Analysis, Business Gap Analysis.

44
Q

Technical Gap Analysis

A

Involves evaluating an organization’s current technical infrastructure and identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions.

45
Q

Business Gap Analysis

A

Involves evaluating an organization’s current business processes and identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions.

46
Q

Plan of Action and Milestones (POA&M)

A

Outlines the specific measures to address each vulnerability, allocate resources, and set up timelines for each remediation task that is needed.

47
Q

Zero Trust

Control Plane, Data Plane.

A

Security model that operates on the principle that no one, whether inside or outside the organization, should be trusted by default.

48
Q

Control Plane

Policy Engine, Policy Administrator.

Adaptive Identity: real-time validation that takes into account the user's behavior, device, location, and more.
Threat Scope Reduction: limit users' access to only what they need for their work tasks, which drastically reduces the network's potential attack surface.
Policy-driven Access Control: enforcing user access policies based on roles and responsibilities.
Secured Zones: isolated environments within a network that are designed to house sensitive data.

A

Consists of the adaptive identity, threat scope reduction, policy driven access control, and secured zones.

It provides a centralized way to dictate and control how, when, and where access is going to be granted, so that only authenticated and authorized entities can access specific resources.

Policy Engine: cross-references the access request with its predefined policies and makes the allow/deny decision.
Policy Administrator: used to establish and manage the access policies, and passes the engine's decision to the enforcement point.

49
Q

Data Plane

Subject/System

Subject/System: refers to the individual or entity attempting to gain access.
Policy Enforcement Point (PEP): allows or restricts access according to the control plane's decision, effectively acting as a gatekeeper to the sensitive areas of the systems or networks.

A

Focused on the subject/system requesting access, the enterprise resource being accessed, and the policy enforcement point that sits between them and carries out the control plane's decision. (The policy engine and policy administrator belong to the control plane.)
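An added example, not from the course material: a miniature Zero Trust decision flow in which the control plane's policy engine evaluates each request from identity, role and live device/location signals, and the data plane's policy enforcement point only relays and enforces the decision. Resources, roles, risk weights and thresholds are illustrative assumptions.

```python
"""Added example: a miniature Zero Trust flow. The control plane (policy engine, policies
managed by the policy administrator) decides; the data plane's policy enforcement point
(PEP) enforces. Resources, roles, risk weights and thresholds are illustrative assumptions."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessRequest:
    subject: str
    role: str
    resource: str
    device_managed: bool
    device_patched: bool
    country: str
    mfa_verified: bool


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str
    risk: int


# Policy administrator's job: establish and manage the policies the engine evaluates.
# A secured zone tolerates far less risk than a general one.
POLICIES = {
    "payroll-db": {"roles": {"finance", "hr"}, "zone": "secured", "max_risk": 20},
    "wiki": {"roles": {"finance", "hr", "engineering"}, "zone": "general", "max_risk": 60},
}
EXPECTED_COUNTRIES = {"US", "DE"}


class PolicyEngine:
    """Control plane: cross-references each request with predefined policies and adaptive signals."""

    def __init__(self, policies: dict):
        self.policies = policies

    def risk_score(self, req: AccessRequest) -> int:
        """Adaptive identity: context raises risk even for a correctly authenticated subject."""
        score = 0
        if not req.mfa_verified:
            score += 50
        if not req.device_managed:
            score += 40
        if not req.device_patched:
            score += 25
        if req.country not in EXPECTED_COUNTRIES:
            score += 30
        return score

    def decide(self, req: AccessRequest) -> Decision:
        policy = self.policies.get(req.resource)
        if policy is None:
            return Decision(False, "unknown resource: default deny", 0)
        if req.role not in policy["roles"]:  # threat scope reduction
            return Decision(False, f"role {req.role} has no need for {req.resource}", 0)
        risk = self.risk_score(req)
        if risk > policy["max_risk"]:
            return Decision(False, f"risk {risk} exceeds {policy['max_risk']} for {policy['zone']} zone", risk)
        return Decision(True, "policy match, risk within tolerance", risk)


class PolicyEnforcementPoint:
    """Data plane gatekeeper: trusts nothing by default and asks the engine for every request."""

    def __init__(self, engine: PolicyEngine):
        self.engine = engine
        self.audit_log = []

    def handle(self, req: AccessRequest) -> Decision:
        decision = self.engine.decide(req)
        self.audit_log.append((req.subject, req.resource, decision.allow, decision.reason))
        return decision


def demo() -> dict:
    pep = PolicyEnforcementPoint(PolicyEngine(POLICIES))
    healthy = dict(device_managed=True, device_patched=True, country="US", mfa_verified=True)
    unmanaged = {**healthy, "device_managed": False}
    weak = {**healthy, "mfa_verified": False, "device_patched": False}
    return {
        "finance_healthy_secured": pep.handle(AccessRequest("alice", "finance", "payroll-db", **healthy)).allow,
        "finance_unmanaged_secured": pep.handle(AccessRequest("alice", "finance", "payroll-db", **unmanaged)).allow,
        "finance_unmanaged_general": pep.handle(AccessRequest("alice", "finance", "wiki", **unmanaged)).allow,
        "engineer_secured": pep.handle(AccessRequest("bob", "engineering", "payroll-db", **healthy)).allow,
        "hr_weak_general": pep.handle(AccessRequest("carol", "hr", "wiki", **weak)).allow,
        "log_entries": len(pep.audit_log),
    }


if __name__ == "__main__":
    print(demo())
```

The same user with the same role is allowed into payroll-db from a managed device and refused from an unmanaged one, which is the adaptive-identity point: trust is re-evaluated per request from live signals, and the PEP never caches an earlier "yes".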

50
Q

Threat

Where they intersect is where the risk to enterprise systems and networks lies.

A

Anything that could cause harm, loss, damage, or compromise to information technology systems.

Threat + No Vulnerability = No Risk

Natural disasters, Cyberattacks, Data integrity breaches, Disclosure of confidential information.

51
Q

Vulnerability

Where they intersect is where the risk to enterprise systems and networks lies.

A

Any weakness in the system design or implementation.

Vulnerability + No Threat = No Risk

Software bugs, Misconfigured software, Improperly protected network devices, Missing security patches, Lack of physical security.

52
Q

Risk Management

A

Finding ways to minimize the likelihood of an undesired outcome occurring and to achieve the desired outcomes.
