1.0 General Security Concepts Flashcards
(44 cards)
What do technical controls entail?
File storage policies, Block instead of patch, backup recovery, system logs, splash screen (login page), firewall
What do Managerial controls entail?
People policies like on-boarding, threat of demotion, login reports, reporting issues, separation of duties, compliance policies
What do Operational controls entail?
Awareness programs for IT security, using people to set controls, guard shack, security policy training, require multiple security staff, contact authorities, property patrols, reception desk
PEOPLE
What do Physical controls entail?
Locks, warning signs, fire extinguishers, power generators, authorized personnel signs, badge readers
PHYSICAL THINGS
What is the CIA triad?
Availability, Integrity, Confidentiality
What does non-repudiation mean?
A way to prove that the person who sent a piece of data is who they say they are
What is proof of integrity and how to validate this?
Prove that the data is the same as when it was sent. No tampering involved.
- Hashing algorithms
What is proof of origin and how to validate this?
Proof that the person who sent it is actually them
- Private/public keys
- Certificates
What is a CA, and what does it do?
A CA is a certificate authority that gives out certificates. They do the signing.
How is a CA verified?
By a root CA that allows these CAs to create tickets
Best model for allowing multiple people to access certain files/data?
Role based access
What is Gap Analysis?
Comparing where you are now to where you want to be
What are the two planes for zero trust?
Data Plane and Control Plane
How does data plane differ from control plane?
Data plane is the one actually moving the data while the control plane focuses on rules/policies for how that data is transferred
What are two frameworks for gap analysis and what is the goal of frameworks here?
ISO/IEC 27001 and NIST special publication 800-171 revision
The goal is to establish a baseline of where your company is at for different levels of security, the CIA triad, etc.
How do ISO/IEC 27001 and NIST differ?
ISO/IEC 27001 focuses on information security management systems, while NIST special publication 800-171 revision focuses on protecting controlled unclassified information in nonfederal systems and organizations
What are honeypots, honeynets, honey files, honey tokens?
Honeypots - Delicious files or data for attackers
Honeynets - A bunch of honeypots that look like an actual system, or as real as we can get
Honeyfiles - files that contain fake information
Honeytokens - ways to track this piece of data if a hacker gets it
In change management such as patching or updating, what are some key ideas to think about before updating?
Only the owner can update, and they must make sure everything/everyone is on the same page and working
- Have a backout plan
- Maybe first test in a sandbox
- Make sure approval for all changes is given prior
In technical change management, what are some key ideas here?
Allow and deny lists
- Downtime announcement
- Restart announcement
- Legacy applications
- Dependencies - what depends on what if you do update
- Documentation of policies
What is symmetric encryption and what is it good for?
A single shared key; you encrypt and decrypt with it.
Good for small limited uses
What is asymmetric encryption and what is it good for?
A public-private key system where the public key is seen by everyone while the private key is only available to one person.
Encrypt with the public key, but only the private key can decrypt it
Key escrow
Someone else holds your decryption keys (trusted third parties)
If you wanted to transport data through the internet safely, what would you use?
HTTPS, VPN
What do client based VPNs use?
SSL/TLS