SESSION 04: Policy Goal and Mechanisms

Question 1

Three goals of cybersecurity?

Answer 1

1. Protect data confidentiality
2. Maintain data integrity
3. Make data available to authorized users.

Question 2

CIA triad?

Answer 2

Confidentiality
Integrity
Availability

Question 3

What is confidentiality?

Answer 3

Keeping sensitive information secret and only available to authorized individuals.

Question 4

How to ensure confidentiality?

Answer 4

1. User strong password
2. Encrypt data
3. Access control
4. Secure communication
   5 Regular updates
5. Provide proper training and awareness 7. Data minimization

Question 5

Tools for confidentiality?

Answer 5

1. Encryption of data
2. Data Masking
3. Establish a confidentiality policy
4. Authentication
   5.Authorization
5. Access control
6. Two-factor or multi-factor authentication

Question 6

What is Integrity?

Answer 6

Accuracy and consistency of data.
Ensures that information remains unaltered.

Question 7

How to ensure Integrity?

Answer 7

1. Access control
2. Data encryption
3. Regular backups
4. Data validation
5. Version control

Question 8

Tools for integrity?

Answer 8

1. Backups
2. Data validation
3. Checksums and hashing
4. Audit trails
5. Data correcting codes

Question 9

What is Availability?

Answer 9

Ensuring that information and resources are accessible and operational when needed.

Question 10

Tools for availability?

Answer 10

1. Physically protection of data
2. Disaster recovery plan
3. Computational redundancy
4. Failover

Question 11

What is Security mechanism?

Answer 11

A set of processes that handle recovery from security attacks.

Question 12

What are the types of security mehanisms?

Answer 12

1. Encryption
2. Access control
3. Data Integrity
4. Digital signature
5. Bit stuffing