Security Basics Flashcards
What is the CIA Triade?
Confidentiality, Integrity, Availability
What is Confidentiality?
The ability to keep data secret usually utilizing the principle of “least privilege”
What is Integrity?
The ability to keep data accurate and making sure it is trusted and is protected from intentional, unauthorized, or accidental changes while the object is in storage, in transit, or in process.
What is Avalibility?
Availability is the security principle that provides a high level of assurance that authorized subjects have timely and uninterrupted access to data, objects, and resources when needed.
What is the IAAA (I Triple A)?
The process of holding users accountable within a system
Identification, Authentication, Authorization, Accountability
What is Identification?
The process of declaring who you are (usually username)
What is Authentication?
Proves who you are (password, pin, biometric, ect…) to a system
What is Authorization?
the amount of access users have within a system
What is Auditing?
It is the ability to collect data on what is happening within a system
What is accountability?
Acting on data gathered from from Auditing
What is Nonrepudiation?
A subject cannot deny an event has taken place
What basic Security Controls should every organization implement?
User Training, Endpoint Protection Software, Encryption, and Access Controls (Software and Physical)
