SSCP Flashcards
Referred to as the AIC Security triad:
- Availability
- Integrity
- Confidentiality
What are the three primary goals of information security are:
- Preventing the loss of availability
- The lost of integrity
- The loss of confidentiality
Organizations protect against loss of availability by using:
- Backups
- Redundant disks
- Redundant servers
- Redundant connections
- Redundant sites
Backup
- Capture a copy of the data
- A copy of backup data is kept in an offsite location
Redundant disks
Redundant Array of independent disks (RAID) systems can automatically switch over to the drive holding the mirrored add without user intervention.
Redundant Server
Failover clustering uses multiple servers and ensures that a service is still provided even if a server fails.
Redundant connections
Two or more connections are used so that even if one fails, the organization still has connectivity.
Redundant sites
Redundant sites are known as hot sites (ready at a moment’s notice), cold sites (an empty building with electricity and running water), and warm sites (a cross between a hot site and a cold site).
Availability
Ensures that authorized users can access any resource when it’s needed.
Fault-tolerant and redundant technologies
Ensure that availability is not lost even if a system suffers a failure.
Integrity
Prevents any unauthorized or unwanted modification of data. It ensures that data is correct and current.
hash
Is simply a number created by performing a mathematical algorithm against a file or message. As long as the file or message stays the same, the hash (the number) will always be the same.