Chapter 1: Mastering Security Basics

Question 1

What are the three core goals of Cybersecurity?

Answer 1

Maintaining confidentiality, integrity, and availability. AKA CIA.

Question 2

What is confidentiality?

Answer 2

The ability to prevent the unauthorized disclosure of information.

Question 3

What is encryption?

Answer 3

Any number of methods that scramble data to make it unreadable to unauthorized personnel.

Question 4

What are the three core identity and access control management activities of access controls?

Answer 4

Identification, Authentication, and Authorization.

Question 5

What is Identification?

Answer 5

When a user claims an identity (e.g. userID, username, email).

Question 6

What is Authentication?

Answer 6

When a user proves their identity (through something they know, something they have, something they are, or somewhere they are).

Question 7

What is Authorization?

Answer 7

Determines what resources to grant or restrict access to based on some rules.

Question 8

What is Integrity?

Answer 8

The various methods that prevent the unauthorized alteration of information or systems. It keeps info safe from intentional or accidental changes.

Question 9

What is Hashing?

Answer 9

An integrity method that converts data into a fixed-size hash value to ensure data integrity, prevent tampering, and verify authenticity.

Question 10

What is Availability?

Answer 10

The various methods that ensures authorized users are able to access information and systems when they need them.

Question 11

What is Redundancy?

Answer 11

Adds duplicates of critical systems to provide FAULT TOLERANCE.

Question 12

What is Fault Tolerance?

Answer 12

The ability for a system to continue functioning despite the failure of one or more components.

Question 13

What are Disk Redundancies?

Answer 13

A method of storing the same data in multiple locations to ensure data availability and fault tolerance in case of hardware failure.

Question 14

What are Server Redundancies?

Answer 14

Additional standby/backup servers can continue to make services available when the operating server fails.

Question 15

What are Network Redundancies?

Answer 15

Adding additional bandwidth support in case any network path fails.

Question 16

What are Power Redundancies?

Answer 16

Adding backup power sources in case commercial power fails (e.g. uninterruptible power supplies aka UPSs).

Question 17

What is Scalability?

Answer 17

The ability to increase the capacity of your system/service in the face of increasing demand.

Question 18

What is Horizontal Scalability?

Answer 18

Increasing the capacity of system/services by adding more servers to existing infrastructure.

Question 19

What is Vertical Scalability?

Answer 19

Increasing the capacity of system/services by adding more resources to pre-existing servers (e.g. such as RAM, CPU power, storage, etc).

Question 20

What is Elasticity?

Answer 20

The automation of scalability by having systems add/remove resources as needed.

Question 21

What is Patching?

Answer 21

A process that ensures that systems stay available by keeping them up-to-date with patches that resolve bugs that can compromise CIA.

Question 22

What is Resiliency?

Answer 22

The ability for a system to heal itself/recover from faults with minimal downtime.

Question 23

What is the difference between high availability and resiliency?

Answer 23

High availability is proactive by keeping services alive continuously whilst resiliency is reactive by accepting failure might happen but prepares itself to recover quickly from them.

Question 24

What is Risk?

Answer 24

The possibility of a threat exploiting a vulnerability resulting in a loss.

Question 25

What is a Threat?

Answer 25

Any circumstance/event that has the potential to compromise CIA.

Question 26

What is a Security Incident?

Answer 26

An adverse event/series of events that can negatively affect the CIA of an organization's IT.

Question 27

What is Risk Mitigation?

Answer 27

The methods used to reduce the chances that a threat will exploit a vulnerability or the impact that the risk will have on the organization if it does occur.

Question 28

What are Control Categories?

Answer 28

They describe how particular controls work.

Question 29

What are Technical Controls?

Answer 29

They use technology (e.g. hardware, software, and firmware) to reduce risk.

Question 30

What are Managerial Controls?

Answer 30

They are primarily administrative in function. They are typically documented in an organization's security policy and focus on managing risk.

Question 31

What are Operational Controls?

Answer 31

They help ensure that the day-to-day operations of an organization comply with security policy. People implement them.

Question 32

What are Physical Controls?

Answer 32

They impact the physical world (e.g locks on doors, fences, security guards).

Question 33

What are Control Types?

Answer 33

They describe the goal the control is meant to achieve.

Question 34

What are Preventive Controls?

Answer 34

These controls attempt to prevent an incident from occurring.

Question 35

What are Detective Controls?

Answer 35

These controls attempt to detect incidents after they have occurred.

Question 36

What are Corrective Controls?

Answer 36

These controls attempt to restore normal operations after an incident occurs.

Question 37

What are Deterrent Controls?

Answer 37

These controls attempt to discourage individuals from causing an incident.

Question 38

What are Compensating Controls?

Answer 38

These are alternative controls used when primary controls are not feasible (e.g. using a tmp account for new hires).

Question 39

What are Directive Controls?

Answer 39

These are controls that provide instruction to individuals on how they should handle security related situations that arise.

Question 40

What are some examples of Technical Controls?

Answer 40

Encryption, Antivirus software, IDSs & IPSs, Firewalls, and the least privilege principle.

Question 41

What are examples of Managerial Controls?

Answer 41

Risk assessments and vulnerability assessments.

Question 42

What are examples of Operational Controls?

Answer 42

Awareness and training, configuration management, and media protection.

Question 43

What are examples of Physical Controls?

Answer 43

Any control that can be physically touched such as locks, fences, vestibules, etc.

Question 44

What are some examples of Preventive Controls?

Answer 44

Hardening, training, security guards, account disablement process, or IPSs.

Question 45

What are examples of Deterrent Controls?

Answer 45

Warnings signs and login banners.

Question 46

What are examples of Detective Controls?

Answer 46

Log monitoring, Security Information and Event Management (SIEM) systems. security audits, video surveillance, motion detection, or IDSs.

Question 47

What are examples of Corrective Controls?

Answer 47

Backups & system recovery and incident handling processes.

Question 48

What are examples of Compensating Controls?

Answer 48

A new hire cannot use the primary method of authentication, so they need to use a TOTP in the meantime.

Question 49

What are examples of Directive Controls?

Answer 49

Policies, standards, guidelines, and change management.

Question 50

What are Logs?

Answer 50

Logs are entries that help identify what happened, when it happened, where it happened, and who/what did it.

Question 51

What is a Security Information and Event Management (SIEM) system?

Answer 51

SIEM provides a centralized solution for collecting, analyzing, and managing data from systems, applications, and infrastructure devices.

Question 52

What is Security and Event Management (SEM)?

Answer 52

SEMs provide real-time monitoring, analysis, and notification of security events.

Question 53

What is Security Information Management (SIM)?

Answer 53

SIMs provide long-term storage of data, along with methods of analyzing the data for trends or creating reports needed to verify compliance with laws and regulations.

Question 54

What is Syslog?

Answer 54

A syslog protocol specifies a general log entry format and details how to transport log entries.

Question 55

What is an Originator? (in the context of Syslog)

Answer 55

Any system sending syslog messages.

Question 56

What is a Collector? (in the context of Syslog)

Answer 56

Any device that receives syslog messages.