1 Overview of Security Flashcards
(32 cards)
What is confidentiality
Information has not been disclosed to unauthorized people
What is integrity
Information has not been modified or altered without proper authorization
What is availability
Information is able to be stored, accessed, or protected at all times
What is the AAA of security
Authentication, Authorization, and Accounting
What is Authentication
When a person’s identity is established with proof and confirmed by a system
What is an example of something you know
A password or PIN
What is an example of something you are
A fingerprint, retina scan, or voice
What is an example of something you have
When you get a one-time passcode from your phone
What is an example of something you do
Check-in sheet
What is an example of somewhere you are
Log in through a VPN
What is Authorization
Occurs when a user is given access to a certain piece of data or certain areas of a building
What is Accounting
Tracking of data, computer usage, and network resources. Non-repudiation occurs when you have proof that someone has taken an action
What are the different ways to mitigate threats
Physical Controls, Technical Controls, and Administrative Controls
What are some examples of Physical Controls
Alarm systems, locks, surveillance cameras, identification cards, and security guards
What are some examples of Technical Controls
Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication
What are some examples of Administrative Controls
Policies, procedures, security awareness training, contingency planning, and disaster recovery plans. User training is the most cost-effective security control to use
What are the seven sections of the kill chain
Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control (C2), and Actions on Objectives
What is Reconnaissance
The attacker determines what methods to use to complete the phases of the attack
What is Weaponization
The attacker couples payload code that will enable access with exploit code that will use a vulnerability to execute on the target system
What is Delivery
The attacker identifies a vector by which to transmit the weaponized code to the target environment
What is Exploitation
The weaponized code is executed on the target system by this mechanism
What is Installation
This mechanism enables the weaponized code to run a remote access tool and achieve persistence on the target system
What is Command & Control (C2)
The weaponized code establishes an outbound channel to a remote server that can then be used to control the remote access tool and possibly download additional tools to progress the attack
What are Actions on Objectives
The attacker typically uses the access he has achieved to covertly collect information from target systems and transfer it to a remote system (data exfiltration) or achieve other goals and motives