Cybersecurity Flashcards

(20 cards)

1
Q

What does the CIA Triad stand for?

A

Confidentiality, Integrity, Availability

The CIA Triad is a foundational concept in cybersecurity that emphasizes the importance of protecting data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the purpose of encryption in cybersecurity?

A

Prevent unauthorized data access

Encryption is a method of securing data by converting it into a coded format.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How does hashing contribute to data integrity?

A

Ensures data remains unaltered

Hashing creates a unique fixed-size string from data, allowing verification of its integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is redundancy in the context of availability protection?

A

Keep systems accessible when needed

Redundancy involves having backup systems or components to ensure continuous availability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are strong password characteristics?

A

12+ characters, mixed case, numbers, symbols

Strong passwords help protect against unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the maximum password expiration policy recommended?

A

90-day maximum, 1-day minimum age

Regularly changing passwords reduces the risk of unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does multi-factor authentication involve?

A

Something you know + have + are

Multi-factor authentication enhances security by requiring multiple forms of verification.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the principle of least privilege?

A

Minimum permissions needed for job function

This principle limits access rights for users to the bare minimum required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe role-based access control (RBAC).

A

Permissions assigned by job role

RBAC restricts system access based on the roles of individual users within an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is mandatory access control (MAC)?

A

System-enforced by data classification

MAC restricts access to resources based on the classification of the data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does a clean desk policy entail?

A

Secure documents when away from desk

This policy helps protect sensitive information and reduce risks of data breaches.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the purpose of a firewall?

A

Control inbound/outbound network traffic

Firewalls act as a barrier between trusted and untrusted networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does VPN stand for and its function?

A

Virtual Private Network; secure tunnel over untrusted networks

VPNs encrypt internet traffic to protect user privacy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the function of antivirus software?

A

Detect and remove malware threats

Antivirus software is essential for protecting systems from malicious software.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is data loss prevention (DLP)?

A

Monitor and control data movement

DLP solutions help prevent sensitive data from being lost or misused.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the key components of incident response?

A
  • Incident identification
  • Containment procedures
  • Evidence preservation
  • Communication plan
  • Recovery procedures
  • Lessons learned

A structured approach to managing and mitigating security incidents.

17
Q

What does the 3-2-1 backup rule entail?

A

3 copies, 2 media types, 1 offsite

This rule is a best practice for ensuring data redundancy and recovery.

18
Q

What is the purpose of behavioral analysis in malware prevention?

A

Detect suspicious program behavior

Behavioral analysis helps identify malware based on its actions rather than signatures.

19
Q

What is single sign-on (SSO)?

A

Reduce password fatigue securely

SSO allows users to access multiple applications with one set of credentials.

20
Q

What does the shared responsibility model refer to in cloud security?

A

Understand provider vs customer duties

This model clarifies the security responsibilities of both cloud service providers and customers.