What is Information Security Flashcards
What are the three elements of the CIA Triad?
Confidentiality, Integrity, and Availability
Define “Information Security”.
Information security is the protection of information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
What is the primary goal of Information Security?
The primary goal of information security is to ensure the confidentiality, integrity, and availability of information.
What is a threat in Information Security?
A threat is any potential danger that can exploit a vulnerability to breach security and cause harm.
Define a vulnerability in the context of Information Security.
A vulnerability is a weakness in a system that can be exploited by a threat to gain unauthorized access or cause harm.
What is Confidentiality in the CIA Triad?
Ensures that only authorized users can access sensitive data.
What is Integrity in the CIA Triad?
Ensures that data is accurate and unaltered unless changed by authorized users.
What is Availability in the CIA Triad?
Ensures that data and systems are accessible when needed by authorized users.
What are the six elements of the Parkerian Hexad?
Confidentiality, Integrity, Availability, Possession/Control, Authenticity, Utility
What is Possession/Control in the Parkerian Hexad?
Ensures that an entity physically or digitally controls data, even if confidentiality is maintained.
What is Authenticity in the Parkerian Hexad?
Ensures that data and identities are genuine and not forged.
What is Utility in the Parkerian Hexad?
Ensures that data is useful and in a readable format when accessed.
What are the four types of attacks?
Interception, Interruption, Modification, Fabrication
What is a risk in Information Security?
The likelihood and impact of a threat exploiting a vulnerability.
What is an impact in Information Security?
The consequence or damage if a threat successfully exploits a vulnerability.
What are the steps of the Risk Management process?
Identify assets
Identify threats
Assess vulnerabilities
Assess risk
Mitigate risk
Monitor and Review
What are the six steps of the Incident Response Process?
Preparation
Detection & Analysis
Containment
Eradication
Recovery
Post-Incident Activity
What is the goal of Risk Management?
To identify, assess, and mitigate risks to minimize potential security threats.
What is a risk assessment?
A detailed evaluation of threats, vulnerabilities, and impacts to determine risk levels.
What is a Business Impact Analysis (BIA)?
A process to determine how risks affect business operations.
What is the difference between qualitative and quantitative risk analysis?
Qualitative = Subjective ranking of risks (e.g., low, medium, high).
Quantitative = Numerical risk measurement (e.g., financial loss in dollars).
What is the goal of the Incident Response Process?
To detect, contain, and recover from security incidents efficiently to minimize damage.
What are the three main types of security controls?
Administrative Controls – Policies and procedures.
Technical Controls – Security technologies (firewalls, encryption).
Physical Controls – Security measures for physical assets (locks, cameras).
What is Defense in Depth (DiD)?
A layered security approach that uses multiple security controls to protect systems so that if one control fails, others remain in place.
What are the layers of Defense in Depth?
Data Layer – Protects sensitive data itself.
Application Layer – Secures software applications.
Host Layer – Protects endpoints like servers and workstations.
Internal Network Layer – Monitors and controls internal network traffic.
Perimeter Layer – Secures the boundary between internal and external networks.
External Network Layer – Protects against external threats (internet-facing defenses).
Which type of attack only affects Confidentiality?
Interception.
What types of attack affect Integrity and Availability?
Interruption
Modification
Fabrication
What is a Fabrication attack? Give some examples.
An attack where false or counterfeit data is inserted into a system.
Example: Email spoofing, generating fake log entries.
What is a Modification attack? Give some examples.
An attack where data is altered, tampered with, or changed without authorization.
Example: Unauthorized file editing, SQL injection.
What is an Interruption attack? Give some examples.
An attack that makes assets unavailable or unusable.
Example: Denial-of-Service (DoS) attack, ransomware.
What is an Interception attack? Give some examples.
An attack where an unauthorized party gains access to data, applications, or systems.
Example: Eavesdropping on network traffic, Man-in-the-Middle (MitM) attack.