1.0 - Essential Security Principles Flashcards
(15 cards)
What are the three main principles of authorization?
1) least-privilege
2) need-to-know
3) implicit-deny
What is SIEM?
Security Information and Event Management - part of accounting - collects logs, detects incidents
What is SOAR?
Security Orchestration, Automation, and Response - part of accounting - automates responses to threats
What is Cisco ISE?
Identity Services Engine - a Cisco server that runs RADIUS
What are the “old” and “new” RADIUS ports?
old = UDP 1645-6
new = UDP 1812-3
If I encrypt a message using the receiver’s public key, and the receiver decrypts it using their private key, which CIA goal have we achieved?
Confidentiality
If I encrypt a message with a private key, and the recipient decrypts it with a public key, which goal have we achieved?
Authentication
What asymmetric encryption method results in both confidentiality and authentication at the same time?
Encrypting a message with the recipient’s public key, then encrypting it again with the sender’s private key.
Which is faster, symmetric or asymmetric ciphers?
symmetric, which is therefore less resource-intensive when sending large amounts of data
AES is (symmetric/asymmetric)
symmetric
RSA, DSA, DH, and ECC are all ______
asymmetric algorithms:
RSA - authentication
DSA - generate digital signatures
DH - key exchange
ECC - cryptography
What is SCEP?
Simple Certificate Enrollment Protocol, which is a way to automate requesting and installing root and identity certificates
What is OCSP?
Online Certificate Status Protocol, a way to verify the validity of a certificate
What is a CRL?
Certificate Revocation List, a list of revoked certs from a CA
What are the three commonly used SHA hashing algorithms?
256, 384, and 512