Study 2 Flashcards
What is the CIA Triad?
Confidentiality, Integrity, Availability
What is due care?
Taking reasonable actions to prevent harm
What does ISO 27001 specify?
Information security management system (ISMS) requirements
Who is responsible for data classification?
The data owner
What is data remanence?
Residual representation of data that remains after attempts to remove or erase it
What is defense in depth?
Layered security approach to protect assets
What does a firewall do?
Filters network traffic based on predefined rules
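An added example (not part of the original flashcards) of the "predefined rules" a packet filter applies: first match wins, anything unmatched falls to an implicit default deny, and a rule that an earlier, broader rule already covers can never fire. The topology, addresses (RFC 5737 documentation ranges) and rule names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

Net = ipaddress.IPv4Network


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    proto: str                     # "tcp", "udp", "icmp" or "any"
    src: Net
    dst: Net
    dport: Optional[range] = None  # None means any destination port


@dataclass(frozen=True)
class Packet:
    proto: str
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: Optional[int] = None


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only when every field it constrains agrees with the packet."""
    if rule.proto not in ("any", pkt.proto):
        return False
    if pkt.src not in rule.src or pkt.dst not in rule.dst:
        return False
    if rule.dport is not None and (pkt.dport is None or pkt.dport not in rule.dport):
        return False
    return True


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """First match wins; a packet matching no rule hits the implicit default deny."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None


def filter_packet(rules: List[Rule], proto: str, src: str, dst: str,
                  dport: Optional[int] = None) -> Tuple[str, Optional[int]]:
    """Convenience wrapper taking dotted-quad strings; returns (action, matching rule index)."""
    pkt = Packet(proto, ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst), dport)
    return evaluate(rules, pkt)


def shadowed_rules(rules: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule already matches
    every packet they would match: the usual symptom of a mis-ordered ruleset."""
    def covers(outer: Rule, inner: Rule) -> bool:
        proto_ok = outer.proto in ("any", inner.proto)
        port_ok = outer.dport is None or (
            inner.dport is not None
            and inner.dport.start >= outer.dport.start
            and inner.dport.stop <= outer.dport.stop)
        return (proto_ok and port_ok
                and inner.src.subnet_of(outer.src) and inner.dst.subnet_of(outer.dst))
    return [j for j, inner in enumerate(rules) if any(covers(outer, inner) for outer in rules[:j])]


# Constructed sample topology (documentation addresses, not a real network).
ANY = Net("0.0.0.0/0")
INTERNAL = Net("10.0.0.0/8")
DMZ_WEB = Net("203.0.113.10/32")

RULESET = [
    Rule("allow", "any", INTERNAL, ANY),                  # 0: internal hosts may initiate outbound
    Rule("allow", "tcp", ANY, DMZ_WEB, range(443, 444)),  # 1: HTTPS from anywhere to the DMZ web server
    Rule("deny", "any", ANY, INTERNAL),                   # 2: nothing from outside reaches the internal net
]                                                         # implicit: deny everything else

# Same intent, wrong order: the broad allow makes the SSH deny unreachable.
MISORDERED = [
    Rule("allow", "tcp", ANY, DMZ_WEB),
    Rule("deny", "tcp", ANY, DMZ_WEB, range(22, 23)),
]

if __name__ == "__main__":
    for proto, src, dst, port in [("tcp", "198.51.100.7", "203.0.113.10", 443),
                                  ("tcp", "198.51.100.7", "203.0.113.10", 22),
                                  ("tcp", "198.51.100.7", "10.1.2.3", 445),
                                  ("udp", "10.1.2.3", "1.1.1.1", 53)]:
        print(proto, src, "->", dst, port, filter_packet(RULESET, proto, src, dst, port))
    print("shadowed rules in MISORDERED:", shadowed_rules(MISORDERED))
```

Running shadowed_rules against a production ruleset before deployment is a cheap way to catch the "deny that never denies" mistake.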
What is the purpose of IPSec?
Provides secure network communications using authentication and encryption
What is multifactor authentication (MFA)?
Authentication using two or more factors from different categories (something you know, something you have, something you are)
What does RBAC stand for?
Role-Based Access Control
What is a vulnerability assessment?
Identifying, quantifying, and prioritizing vulnerabilities in a system (without exploiting them, unlike a penetration test)
What is the purpose of a security audit?
Evaluate compliance with security policies and standards
What is an incident response plan?
A set of procedures for detecting, responding to, and recovering from incidents
What does SIEM stand for?
Security Information and Event Management
What is the main goal of secure coding practices?
Prevent common vulnerabilities such as buffer overflows and injection attacks
What is the purpose of the OWASP Top 10?
Highlight the most critical security risks to web applications
What is confidentiality in the CIA triad?
Ensuring information is accessible only to those authorized.
What is integrity in the CIA triad?
Assurance that information is accurate and has not been altered.
What is availability in the CIA triad?
Ensuring timely and reliable access to information.
What is due diligence?
Ongoing activities to ensure due care is being applied.
What is the primary purpose of security governance?
To align security with business objectives.
What are administrative controls?
Policies, procedures, standards, guidelines, training, and oversight that direct people and processes (as opposed to technical or physical controls).
What is risk appetite?
The level of risk an organization is willing to accept.
What is data classification?
Process of categorizing data based on sensitivity and impact.
What is the role of the data custodian?
Responsible for implementing and maintaining controls.
What is the data owner responsible for?
Classifying data and determining access.
What is media sanitization?
Removing data from storage media to prevent data recovery.
What is a security perimeter?
Boundary where security controls are enforced.
What is the Bell-LaPadula model used for?
Maintaining data confidentiality.
What is the Biba model used for?
Ensuring data integrity.
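An added example (not part of the original flashcards) that turns the two models into access decisions. Bell-LaPadula protects confidentiality with "no read up, no write down"; Biba protects integrity with the mirror image, "no read down, no write up". The level names and the decide() entry point are my own; a real system would also carry compartments and a trusted-subject exception, which this example omits.

```python
from enum import IntEnum


class Level(IntEnum):
    """Ordered labels. Under Bell-LaPadula they are sensitivity levels (a clearance
    for the subject, a classification for the object); under Biba they are
    integrity levels (how trustworthy a subject or data item is)."""
    LOW = 0
    MEDIUM = 1
    HIGH = 2


def blp_can_read(subject: Level, obj: Level) -> bool:
    """Bell-LaPadula simple security property: no read up."""
    return subject >= obj


def blp_can_write(subject: Level, obj: Level) -> bool:
    """Bell-LaPadula *-property: no write down. A HIGH-cleared process must not write
    into a LOW object, or malware running as that user could leak secrets downward."""
    return subject <= obj


def biba_can_read(subject: Level, obj: Level) -> bool:
    """Biba simple integrity axiom: no read down. A HIGH-integrity process must not
    consume LOW-integrity data (e.g. unvalidated user input) as if it were trusted."""
    return subject <= obj


def biba_can_write(subject: Level, obj: Level) -> bool:
    """Biba *-integrity axiom: no write up. A LOW-integrity subject must not modify
    HIGH-integrity data (e.g. a downloaded script rewriting system binaries)."""
    return subject >= obj


CHECKS = {
    ("blp", "read"): blp_can_read,
    ("blp", "write"): blp_can_write,
    ("biba", "read"): biba_can_read,
    ("biba", "write"): biba_can_write,
}


def decide(model: str, op: str, subject: Level, obj: Level) -> bool:
    """Reference-monitor style entry point: every access goes through one decision function."""
    return CHECKS[(model, op)](subject, obj)


def models_are_duals() -> bool:
    """Biba is Bell-LaPadula with the lattice flipped: for every (subject, object)
    pair, BLP's read rule equals Biba's write rule and vice versa."""
    return all(
        blp_can_read(s, o) == biba_can_write(s, o) and blp_can_write(s, o) == biba_can_read(s, o)
        for s in Level for o in Level
    )


if __name__ == "__main__":
    for model in ("blp", "biba"):
        for s in Level:
            allowed = [f"{op}:{o.name}" for op in ("read", "write") for o in Level
                       if decide(model, op, s, o)]
            print(f"{model:4} subject={s.name:6} may {allowed}")
```

The practical consequence of the duality is that a system cannot enforce both models with a single label: a process that is allowed to read secret data under Bell-LaPadula is the one Biba forbids from writing to trusted objects.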
What is a TPM (Trusted Platform Module)?
Hardware chip that generates and stores keys and performs crypto operations in isolation from the OS; also records boot measurements for measured boot and remote attestation.
What are symmetric encryption algorithms?
AES, DES, 3DES — algorithms that use the same key for encryption and decryption; DES and 3DES are deprecated, AES is the current standard.
What is a DMZ?
Demilitarized zone — adds a layer of protection between external and internal networks.
What is the difference between TCP and UDP?
TCP is connection-oriented with reliable, ordered delivery (handshake, acknowledgements, retransmission); UDP is connectionless and best-effort, with no ordering or retransmission.
What does a proxy server do?
Intermediary between user and the internet for security and anonymity.
What is port 443 used for?
HTTPS (secure web traffic)
What is SSO?
Single Sign-On — allows user to log in once to access multiple systems.
What is LDAP?
Lightweight Directory Access Protocol — used for accessing and maintaining distributed directory info.
What are the three types of access control models?
Discretionary (DAC), Mandatory (MAC), Role-Based (RBAC)
What is identity federation?
Linking a user’s identity across multiple systems or organizations.
What is penetration testing?
Simulated attack to identify exploitable vulnerabilities.
What is the difference between white-box and black-box testing?
White-box: internal knowledge; Black-box: no prior knowledge.
What is a security audit?
Formal evaluation of an organization’s adherence to policies and regulations.
What is business continuity planning (BCP)?
Ensures critical functions continue during a disaster.
What is DRP (Disaster Recovery Planning)?
Strategies to restore IT systems after a disruption.
What is MTTR?
Mean Time to Repair — average time to recover from a failure.
What is separation of duties?
Dividing tasks among different people to reduce risk of fraud.
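An added example (not from the original flashcards) that implements Role-Based Access Control from the earlier cards together with separation of duties: users hold roles, roles hold permissions, and two SoD checks sit on top. Static SoD stops one user from holding two mutually exclusive roles; dynamic SoD stops the same user from performing two conflicting operations on the same transaction even when their role allows both. Roles, users, transaction IDs and the AccessDenied class are constructed for the example.

```python
from collections import defaultdict
from typing import Callable, Dict, Set, Tuple


class AccessDenied(PermissionError):
    pass


class RBAC:
    """Users -> roles -> permissions, plus static and dynamic separation of duties."""

    def __init__(self) -> None:
        self.role_perms: Dict[str, Set[str]] = defaultdict(set)
        self.user_roles: Dict[str, Set[str]] = defaultdict(set)
        self.exclusive: Set[frozenset] = set()      # pairs of roles one user may never hold together
        self.conflicts: Set[frozenset] = set()      # pairs of ops one user may never both do on one txn
        self.history: Dict[str, Set[Tuple[str, str]]] = defaultdict(set)  # txn -> {(user, op)}

    def grant(self, role: str, *perms: str) -> None:
        self.role_perms[role].update(perms)

    def mutually_exclusive(self, role_a: str, role_b: str) -> None:
        self.exclusive.add(frozenset((role_a, role_b)))

    def conflicting(self, op_a: str, op_b: str) -> None:
        self.conflicts.add(frozenset((op_a, op_b)))

    def assign(self, user: str, role: str) -> None:
        for held in self.user_roles[user]:
            if frozenset((held, role)) in self.exclusive:
                raise AccessDenied(f"static SoD: {user} holds {held}, cannot also hold {role}")
        self.user_roles[user].add(role)

    def permissions(self, user: str) -> Set[str]:
        return set().union(*(self.role_perms[r] for r in self.user_roles[user]))

    def perform(self, user: str, op: str, txn: str) -> None:
        if op not in self.permissions(user):
            raise AccessDenied(f"no permission: {user} lacks {op}")
        for prior_user, prior_op in self.history[txn]:
            if prior_user == user and frozenset((prior_op, op)) in self.conflicts:
                raise AccessDenied(f"dynamic SoD: {user} already did {prior_op} on {txn}, cannot also {op}")
        self.history[txn].add((user, op))


def build_policy() -> RBAC:
    """Constructed sample policy: invoice approval and a two-person rule on payments."""
    rbac = RBAC()
    rbac.grant("clerk", "submit_invoice")
    rbac.grant("approver", "approve_invoice")
    rbac.grant("treasurer", "prepare_payment", "release_payment")
    rbac.mutually_exclusive("clerk", "approver")            # nobody approves what they submitted
    rbac.conflicting("prepare_payment", "release_payment")  # a treasurer may do either, not both, per payment
    for user, role in (("alice", "clerk"), ("bob", "approver"),
                       ("dave", "treasurer"), ("erin", "treasurer")):
        rbac.assign(user, role)
    return rbac


def attempt(action: Callable[[], None]) -> str:
    """Run an action and report 'ok' or the category of denial (text before the colon)."""
    try:
        action()
        return "ok"
    except AccessDenied as exc:
        return str(exc).split(":", 1)[0]


def run_scenarios() -> Dict[str, str]:
    rbac = build_policy()
    return {
        "alice submits INV-1":   attempt(lambda: rbac.perform("alice", "submit_invoice", "INV-1")),
        "bob approves INV-1":    attempt(lambda: rbac.perform("bob", "approve_invoice", "INV-1")),
        "alice approves INV-1":  attempt(lambda: rbac.perform("alice", "approve_invoice", "INV-1")),
        "alice gets approver":   attempt(lambda: rbac.assign("alice", "approver")),
        "dave prepares PAY-7":   attempt(lambda: rbac.perform("dave", "prepare_payment", "PAY-7")),
        "dave releases PAY-7":   attempt(lambda: rbac.perform("dave", "release_payment", "PAY-7")),
        "erin releases PAY-7":   attempt(lambda: rbac.perform("erin", "release_payment", "PAY-7")),
    }


if __name__ == "__main__":
    for scenario, outcome in run_scenarios().items():
        print(f"{scenario:24} -> {outcome}")
```

The dynamic check is the one most systems forget: role design alone cannot express "either treasurer may release, but not the one who prepared it".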
What is job rotation?
Moving employees between roles to reduce fraud and improve flexibility.
What is the SDLC?
Software Development Life Cycle — process of planning, creating, testing, and deploying software.
What is input validation?
Checking that input matches the expected type, length, format, and range before it is used, and rejecting anything that does not (an allow-list of what is acceptable, not a block-list of known-bad values).
What is buffer overflow?
Condition in which a program writes past the end of a fixed-size buffer, overwriting adjacent memory (such as return addresses or heap metadata) and enabling crashes or arbitrary code execution.
What is threat modeling?
Identifying and evaluating potential security threats to a system.
What is the STRIDE model?
Threat model: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.