Test 1 Flashcards

1
Q

Technical Security Controls aka Logical Security Controls
(give examples)

A

Controls handled by computer systems, like software, hardware or firmware, made to automate security functions and enforce security policies:

Examples:
Encryption,
Firewalls,
IDSs (Intrusion Detection Systems)

2
Q

Managerial security controls aka Administrative Security Controls

A

Policies, procedures, and guidelines set by management focussed on reducing the risk of security incidents.

Examples:
Organizational security policy,
Risk assessments,
Security awareness training

3
Q

Operational Security Controls
(give examples)

A

Focused on day-to-day procedures, primarily handled by people. Used to ensure that the equipment continues to work and operations continue as normal.

Examples:
Configuration Management,
Patch Management,
System backups

4
Q

Physical security controls

A

Controls designed to deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets.

Examples:
Security guards,
Access control vestibules,
Lighting,
Fencing/Barricades

5
Q

Preventive Security Controls

A

Proactively prevent security incidents from occurring or reduce the likelihood of security threats before they cause harm.

Examples:
AV software,
Firewalls,
Encryption

6
Q

Deterrent security controls

A

Designed to discourage potential attackers by increasing the perceived difficulty, risk, or consequences of their actions.

Examples:
Lights,
Fences,
Warning Signs

7
Q

Detective security controls

A

Measures implemented to detect and identify security incidents or unauthorized activities that have already occurred within an organization’s systems, networks, or facilities.

Examples:
IDS,
Log monitoring,
Security audits,
CCTV,
Vulnerability scanning

8
Q

Corrective security controls

A

Designed to mitigate the impact of security incidents after they occur.
2 Goals:
1) restore affected systems
2) implement measures to prevent it from happening again

Examples:
IRPs (Incident Response Plans),
Backups and System Recovery,
Forensic Analysis and Investigation

9
Q

Compensating security controls

A

Alternative ways to address security requirements when primary controls cannot be used. These controls aim to achieve equivalent or comparable levels of security by mitigating risks in alternative ways.

Examples:
Temporary service disablement,
MFA,
Backup power systems,
Sandboxing,
Temporary port blocking

10
Q

Directive security controls

A

Security controls that are implemented through policies and procedures.

Examples:
IRP,
AUP (Acceptable Use Policy)

11
Q

CIA Triad

A

Basic principles of information security.
It stands for Confidentiality, Integrity, and Availability, representing the three core objectives for protecting information systems and data.

12
Q

Non-Repudiation

A

Refers to the ability to prove that a specific action or communication originated from a particular party and cannot be denied by them later.
Ensures:

proof of origin - digital signatures or message authentication codes (MACs), which verify the identity of the sender and ensure that the message has not been altered in transit.

proof of delivery - mechanisms such as acknowledgment receipts or timestamps provide evidence that the message was successfully delivered to the intended recipient.

proof of integrity - accomplished through cryptographic techniques such as hashing or digital signatures, which generate unique identifiers (hashes) that can be used to verify the integrity of the data.

13
Q

Which type of user account violates the concept of non-repudiation?

A

A shared user account violates the concept of non-repudiation. Shared user accounts are accounts that multiple individuals use to access systems, applications, or resources. Because multiple users have access to the same account credentials (such as username and password), it becomes difficult to attribute specific actions or transactions to a particular individual.

14
Q

The AAA security architecture / AAA security framework / AAA model

A

Stands for Authentication, Authorization, and Accounting. It is a comprehensive framework used in network and information security to control access to resources, verify the identity of users, and track their activities. Let’s break down each component:

Authentication: the process of verifying the identity of users or entities attempting to access systems, applications, or resources. (people auth: usernames/passwords, MFA, biometrics).

Authorization: what actions or operations authenticated users are allowed to perform after they have been successfully authenticated. It specifies the access rights, privileges, and permissions granted to users based on their identity, roles, or attributes. (Role-based access control (RBAC), Attribute-based access control (ABAC), Mandatory access control (MAC))

Accounting: Accounting involves tracking and logging users’ activities, actions, and resource usage for auditing, monitoring, and billing purposes. (logging, reporting, auditing)

15
Q

Examples of solutions that provide AAA functionality:

A

1) RADIUS (Remote Authentication Dial-In User Service)

2) TACACS+ (Terminal Access Controller Access-Control System Plus)

16
Q

Common methods of device authentication used within the AAA framework?

A

Digital certificates, IP addresses, MAC addresses