Security Plus - Chapter 1 Flashcards
Confidentiality
Ensures that unauthorized individuals are not able to gain access to sensitive information.
Integrity
Ensures that there are no unauthorized modifications to information or systems, either intentionally or unintentionally.
Availability
Ensures that information and systems are ready to meet the needs of legitimate users at the time those users request them.
Confidentiality Controls
Firewalls
Access Control Lists
Encryption
Integrity Controls
Hashing
Integrity Monitoring Solution
Power surge protection
Availability Controls
Fault tolerance
Clustering
Backups
Nonrepudiation
A person who performed an action cannot later deny having taken that action. Digital signatures ensure nonrepudiation.
CIA Triad
Confidentiality, Integrity, Availability
DAD Triad
Disclosure, Alteration, Denial
Disclosure
The exposure of sensitive information to unauthorized individuals. Also known as data loss; it is a violation of the principle of confidentiality.
Alteration
The unauthorized modification of sensitive information; it is a violation of the principle of integrity.
Denial
The disruption of an authorized user’s legitimate access to information. This is a violation of the principle of Availability.
Types of breach impact risks
Financial
Reputational
Strategic
Operational
Compliance
Financial Risk
The risk of monetary damage to the organization as the result of a data breach.
Reputational Risk
Negative publicity surrounding a security breach that causes loss of goodwill among customers, employees, suppliers, and other stakeholders.
Strategic Risk
The risk an organization will become less effective in meeting its major goals and objectives as a result of a security breach.
Operational Risk
The risk to the organization's ability to carry out its day-to-day functions as the result of a security breach.
Compliance Risk
When a security breach causes an organization to run afoul of legal or regulatory requirements.
Control Objectives
Statements of a desired security state that the organization wishes to achieve.
Security Controls
Specific measures that fulfill the security objectives of an organization.
Gap Analysis
The cybersecurity team reviews the control objectives for a particular organization, system, or service and then examines the controls designed to achieve those objectives. Any controls that do not meet the objectives are identified and considered potential risks that should be remediated as time and resources permit.
Technical Controls
A security control category that enforces confidentiality, integrity, and availability in the digital space.
Firewall rules
Access Control lists
Intrusion prevention systems
Encryption
Operational Controls
A security control category in which processes are established to manage technology in a secure manner.
User access reviews
Log monitoring
Vulnerability management
Managerial Controls
A security control category consisting of procedural mechanisms that focus on the mechanics of the risk management process.
Risk assessments
Security planning exercises
Review security in change management
Physical Controls
A security control category consisting of controls that affect physical access to an organization's facilities and areas.
Fences
Lighting
Locks
Fire suppression
Burglar alarms
Preventive Controls
A security control type that intends to stop a security issue before it occurs.
Firewalls
Encryption
Deterrent Controls
A security control type that seeks to prevent an attacker from attempting to violate security policies.
Guard dogs
Barbed wire fences
Detective Controls
A security control type that identifies security events that have already occurred.
Intrusion detection systems
Corrective Controls
A security control type that remediates any security issues that have already occurred.
Restoration of backups
Compensating Controls
A security control type designed to mitigate the risk associated with exceptions made to a policy. These are controls established for use in place of a control that cannot be implemented. They usually do not provide the same control strength as the original, so they are used in conjunction with an exception.
Directive Controls
A security control type that informs users of the organization's systems what they should do to achieve security objectives.
Policies
Procedures
Data At Rest
Stored data that resides on hard drives, tapes, in the cloud, or on other storage media.
Data In Transit
Data that is in motion/transit over a network.
Data In Use
Data that is actively in use by a computer system.
Data Encryption
Technology that uses mathematical algorithms to protect information from prying eyes, while in transit over a network and while it resides on systems.
Data Loss Prevention
A system that helps organizations enforce information handling policies and procedures to prevent data loss and theft.
Pattern Matching
A DLP mechanism that watches for specific attributes of data that can be categorized as sensitive data.
Watermarking
A DLP mechanism where systems or administrators apply electronic tags to sensitive documents and the DLP system monitors the systems and networks for unencrypted data containing those tags.
Digital Rights Management
Enforces copyright and data ownership restrictions.
Data Minimization
A technique that seeks to reduce risk by reducing the amount of sensitive information that we maintain on a regular basis.
Deidentification
A process that removes the ability to link data back to an individual, reducing its sensitivity.
Data Obfuscation
Transforming data into a format where the original information cannot be retrieved.
Hashing
Utilizes a hash function to transform a value in the dataset to a corresponding hash value.
Tokenization
Replaces sensitive values with a unique identifier using a lookup table.
Masking
Partially redacts sensitive information by replacing some or all of the sensitive fields with blank characters.
Rainbow Table Attack
The attacker computes the hashes of known candidate values and checks to see if those hashes exist in the data file.
Access Restrictions
Security measures that limit the ability of individuals or systems to access sensitive information or resources.
Geographic restrictions
Permission restrictions
Segmentation
Places sensitive systems on separate networks where they may communicate with each other but have strict restrictions on their ability to communicate with systems on other networks.
Isolation
Removes access for a system to or from an outside network.