Explaining Common Security Concepts Flashcards
Three principles of security control and management. Also known as the information security triad. Also referred to in reverse order as the AIC triad.
CIA triad
Weakness that could be triggered accidentally or exploited intentionally to cause a security breach
Vulnerability
Potential for an entity to exploit a vulnerability, that is, to breach security.
Threat
Likelihood and impact (or consequence) of a threat actor exercising a vulnerability
Risk
Process for verifying compliance with a health policy by using host health checks.
Posture assessment
Business or organizational activity that is too critical to be deferred for anything more than a few hours if at all
Mission essential function (MEF)
Systematic activity that identifies organizational risks and determines their effect on ongoing, mission critical operations. Also called process assessment.
Business Impact Analysis (BIA)
Specific method by which malware code infects a target host, often via some vulnerability in a software process.
Exploit
Vulnerability in software that is unpatched by the developer or an attack that exploits such a vulnerability
Zero-day
Evaluation of a system's security and ability to meet compliance requirements based on the configuration state of the system, as represented by information collected from the system. Also called vulnerability testing.
Vulnerability assessment
Scheme for identifying vulnerabilities developed by MITRE and adopted by NIST
Common vulnerabilities and exposures (CVE)
Solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications.
Security Information and Event Management (SIEM)
Test that uses active tools and security utilities to evaluate security by simulating an attack on a system. A pen test will verify that a threat exists, then will actively test and bypass security controls, and will finally exploit vulnerabilities on the system.
Penetration testing
Basic principle of security stating that something should be allocated the minimum necessary rights, privileges or information to perform its role.
Least privilege
Access control model where resources are protected by ACLs that are managed by administrators and that provide user permissions based on job functions
Role based access
Security design paradigm where any request (host to host or container to container) must be authenticated before being allowed.
Zero trust
Policies and procedures to identify vulnerabilities and ensure security of the supply chain.
Vendor management
Collection of access control entries (ACEs) that determines which subjects (user accounts, host IPs, and so on) are allowed or denied access to the object and the privileges given (read only, read/write, and so on).
Access control list (ACL)
Security process that provides identification, authentication and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems and applications.
Identity and access management (IAM)
Authentication scheme that requires the user to present at least two different factors as credentials from: something you know, something you have, something you are, something you do and somewhere you are. Specifying two factors is known as 2FA.
Multifactor
OS subsystem that authenticates users when they attempt to start a shell on the host.
Local authentication
Function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions where two different inputs produce the same output. Also called message digest or cryptographic hash.
Hashing
Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.
Single sign on (SSO)
Single sign on authentication and authorization service that is based on a time sensitive ticket granting system.
Kerberos