Chapter 1 - Networking Security Concepts Flashcards
Network security objectives involve what 3 basic concepts?
Confidentiality, integrity, and availability. CIA
When it comes to users, what is a key part of a comprehensive security policy?
Training users and remembering that users themselves represent a security risk.
What are 2 types of data?
1) Data in motion as it moves across the network
2) Data at rest, when data is sitting on storage media
What does confidentiality mean?
Only the authorized persons or systems can view sensitive or classified information. It also implies that unauthorized individuals should not have any type of access to the data.
What is the primary way to protect data in motion?
Encrypting the data.
What does integrity mean?
Changes made to the data are only done by authorized individuals or systems.
What is corruption of data?
Failure to maintain data integrity.
What is availability?
Applies to system and data - if a system is not available to end users this may have a significant impact on a business whose users rely on it. This can equate to loss of revenue.
What is risk management?
Based on specific principles and concepts related to both asset protection and security management.
What is an asset?
An item that is to be protected. It can include property, people, and information. Also, intangible items such as proprietary info or trade secrets.
What is a vulnerability?
An exploitable weakness of some type. This can be from a malicious attack or accidentally triggered by because of a failure or weakness in the policy, implementation, or software running on the network.
What is a threat?
This is what you are protecting against. It’s anything that attempts to to gain unauthorized access to, compromise, destroy, or damage an asset.
Why must you be ever diligent to keep up with threats?
Threats can morph and be modified over time.
What is risk?
The potential for unauthorized access to, compromise, destruction, or damage to an asset.
How do you reduce the potential for a threat to be successful and reduce overall risk?
Ensuring that proper countermeasures and protections are in place.