SYO-701 Security Terminology and Standards Flashcards

1
Q

Confidentiality (CIA)

A

Only authorized persons can gain access to information and are able to read the information. A number of technologies, such as permissions (ACLs) and encryption (at rest and in transit), can be used to keep information confidential.

2
Q

Integrity (CIA)

A

Ensure that when data is sent from a source to a destination, the information received at the destination has not been altered in transit. Data integrity also means that if you store a file on the drive and open it later, you can be certain that the data has not been altered while in storage.

3
Q

Integrity (CIA) concepts

A

Hashing:
To ensure data integrity when communicating over a network, the sending system runs the data through a mathematical algorithm, known as a hashing algorithm, which then generates an answer (known as the hash value). This hash value is then sent with the data. On the receiving end of the transmission, the destination system runs the data through the same mathematical algorithm to generate an answer (hash value) and compares it with the hash value it received; if the two match, the data was not altered in transit.

Digital Signature:
Created on a message in order to prove the integrity of the sender of the message.

Digital Certificate:
A digital certificate is an electronic file used to transport keys for encrypting or digitally signing messages.

Nonrepudiation:
The concept of ensuring that someone cannot dispute that they sent a message or made a change.

4
Q

Availability (CIA)

A

The concept of ensuring that the information is available when the user wants it.

Permissions:
Limit who can delete data and ensure availability to those who need it.

Backups

Fault Tolerance:
Implement data redundancy solutions to ensure that if one of the hard drives fails, the other drives have a copy of the information. Having multiple drives work together this way is known as RAID, or Redundant Array of Independent Disks.

Clustering:
Allows you to have multiple servers acting as one unit so that if one server fails, another server takes over the workload.

5
Q

Accountability (CIAA)

A

Accountability is ensuring that users are accountable for their actions—if someone inappropriately deletes a file, for example, a record of that action exists to hold them accountable.

Log files
Audit files
Firewalls and proxy servers

6
Q

Identification and Authentication

A

Identification happens before authentication and is the process of having users identify themselves to the system. The most popular method companies use to identify individual users is to give each user a unique username. The users type their username into the system in order to identify themselves. After the user inputs the identifying information (the username), the user inputs the password for that account for purposes of authentication.

7
Q

Authorisation

A

Once authenticated, users are given access to different resources.

Permissions
Router ACLs
Proxy servers:
Can control what web sites can be visited, or even what types of Internet applications can be used, by the internal users.

8
Q

Security principles (Least Privilege, Separation of Duties, and Rotation of Duties)

A

Least Privilege means that you give a user only the minimum level of permissions needed to perform their tasks or duties.

Separation of Duties means you ensure that all critical tasks are broken down into different processes and that each process is performed by a different employee.

Rotation of Duties is the principle of rotating multiple employees through different job roles. It ensures accountability and redundancy.

9
Q

Diversity of Defence

A

The concept that you should use different products to increase the level of security in your environment. Although all products have vulnerabilities, the vulnerabilities are different for each of the different products, and the hacker will have to work extra hard to get through each different product.

10
Q

Vulnerability and Exploit

A

A vulnerability is a weakness in a piece of software or hardware that was created by the manufacturer by accident. Once a vulnerability is found, hackers work on a way to exploit the weakness and compromise the system security.

11
Q

Types of vulnerabilities

A

Use of open-source intelligence
Improper input handling
Misconfiguration/weak configuration
Default configuration

12
Q

Authorised, Unauthorised, and Semi-authorised Hackers

A

Authorised hacker:
Also known as a white-hat hacker, an authorized hacker learns how to compromise system security for defensive purposes, meaning they are doing it to better learn how to protect the system or network.

Unauthorized hacker:
Also known as a black-hat hacker, an unauthorized hacker compromises systems or networks for malicious reasons.

Semi-authorized hacker:
Also known as a gray-hat hacker, a semi-authorized hacker is a person who hacks into systems for non-malicious reasons.

13
Q

Advanced persistent threat (APT)

A

Advanced persistent threats (APTs) are individuals or groups that perform highly comprehensive, well-planned attacks that give them long-term access to the target systems. Long-term access to a system is needed so that the attacker can collect sensitive information over a long period of time.

14
Q

Structure of a policy

A

Overview
Scope
Policy
Enforcement
Definitions
Revision History

15
Q

Types of Policies

A

Standard:
A standard policy is a policy that needs to be followed and typically covers a specific area of security.

Guidelines:
Recommendations on how to follow security best practices.

Procedure:
Also known as a standard operating procedure (SOP). The SOP documents step-by-step procedures showing how to configure a system or device, or step-by-step instructions on how to implement a specific security solution.

16
Q

Security control

A

The term is used to identify any mechanism used to protect an asset within the organization. Examples of security controls are firewalls, antivirus software, and access control lists.

17
Q

Acceptable Use Policy (AUP)

A

An AUP lets users know what the company considers acceptable use across many topics, including:
Internet
e-mail
laptops
mobile devices
social media

18
Q

Password Policy

A

Points to consider:

minimum password length
password history
maximum password age
minimum password age
password complexity

19
Q

Adverse Actions

A

Each policy should specify adverse actions for anyone who does not follow the security policies.

20
Q

Change control/management policy

A

Specifies the process to follow when implementing a change to the network. Having specified procedures to follow should reduce configuration mistakes, because a process can ensure that the change will be properly tested.

21
Q

Security clearance and data labels

A

Classification labels (such as secret, top secret, or even unclassified) are assigned to the information, or assets. Once all of the assets have their classification labels assigned, you can then assign employees their security clearance levels that determine which assets they can access.

22
Q

Mandatory vacations

A

The importance of taking vacation time is that it helps detect fraudulent or suspicious activities within the organization, because another employee will need to take over the job role while someone is on vacation. This helps keep employees honest in their job functions, because they know they will be held accountable for irregular activities discovered during their absence.

23
Q

Memorandum of Understanding

A

An MOU is a document that establishes an agreement between two parties and specifies their relationship to one another.

24
Q

Statement of Work

A

An SOW outlines the type of work a company is being hired for, the timeline for that work, the cost of the work performed, the payment schedule, and any conditions related to the work.

25
Q

Measurement systems analysis

A

An MSA is a mathematical operation used to determine variation within a measurement process.

26
Q

ISO/IEC 17799

A

The International Standards Organization (ISO) and the International Electrotechnical Commission (IEC) created the ISO/IEC 17799 standard, which specifies best practices for information security management.
ISO/IEC 17799 breaks the management of information security into different categories (typically known as domains).

27
Q

PHI and HIPAA

A

Protected health information (PHI) is health information about a patient, their care, health status, and payment history that is protected by rules in the Health Insurance Portability and Accountability Act (HIPAA). Organizations will typically anonymize this information from the patient to maintain their privacy.

28
Q

Personally Identifiable Information

A

PII is any information that can uniquely identify a person. It should be protected at all times (examples include national identification number and driver’s licence number).

29
Q

General Data Protection Regulation (GDPR)

A

GDPR is a European regulation that is designed to protect the private data of individuals. Organizations that process or handle personal data must have security controls in place to ensure unauthorized access to the private data does not occur.

30
Q

Center for Internet Security (CIS)

A

CIS is a nonprofit organization formed in 2000 that creates and promotes cybersecurity defense best practices to help safeguard systems.

31
Q

National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and Cybersecurity Framework (CSF)

A

The NIST Risk Management Framework (RMF) is a document that outlines the steps to integrate security risk management into the system development lifecycle. The framework is broken into seven phases to perform risk management.

The NIST Cybersecurity Framework is a resource from NIST that is a set of strategies to help companies manage cybersecurity risk.

32
Q

NIST SP 800-171

A

NIST Special Publication 800-171 is a recommended standard for federal organizations to secure information while it is being processed, stored, and used on nonfederal systems. This framework defines a number of technical controls that can be used to safeguard the information.
