Finals Flashcards
(28 cards)
What is Information Security?
Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
What are Information Assets
Information assets are valuable data in various forms, including physical and digital items.
What are examples of Information Assets
Paper documents
digital files
databases
passwords
encryption keys
software
source code
What are the 2 Levels of Security
Balance: Security implementation should balance protection with productivity.
Considerations: Evaluate security level based on asset value and acceptable performance.
What is the CIA Triad
Confidentiality: Protecting data from unauthorized access
Integrity: Preventing unauthorized or undesirable changes to data.
Availability: Ensuring access to data when needed.
What is the International Information Security Standard ISO/IEC 27001
Definition: International standard for information security management systems (ISMS).
Objective: Manage information security by addressing people, processes, and technology.
List the 3 types of Security Controls
Definition: Measures to mitigate risk and protect against threats.
Preventive
Detective
Corrective
What are the 3 types of Security Threats?
- Abusers and Misusers: Unauthorized use or misuse of privileges.
- Accidental Occurrences: Employee actions causing damage or data loss.
- Natural Physical Forces: Environmental threats like earthquakes, floods, and fire.
What is the Parkerian Hexad
Confidentiality
Possession: Physical control of data medium
Integrity
Authenticity: Proper attribution of data ownership.
Availability
Utility: How useful the data is to the owner.
Organizations must adhere to industry-specific regulations such as these 3:
PCI-DSS
HIPAA
FERPA
What is Social Engineering
Social engineering involves manipulating individuals to divulge confidential information, often targeting passwords and bank details, or attempting to install malicious software.
How to prevent Social Engineering
- Awareness Training: Regularly educate users about social engineering tactics and how to recognize and resist such attempts.
- Acceptable Use Threshold: Define clear boundaries for the use of personal equipment, typically restricted to the organization’s guest network rather than the production network.
- Security Measures: Communicate the importance of maintaining security when using personal devices, including adherence to organizational policies.
- Clean Desk Policy: Emphasize the importance of not leaving sensitive information on desks when unattended for extended periods.
- Data Handling in All Forms: Reinforce the message that data security extends beyond electronic files and should be considered for physical documents as well.
- Recurring Training: Regular, ongoing training sessions to reinforce security principles and keep users informed about evolving threats.
- User Accountability: Encourage a sense of accountability among users for safeguarding information and following security protocols.
What are Identification, Authentication, Authorization and Verification in Information Security
Identification: A means of proving a person’s identity, especially in the form of official papers.
Authentication: The process of verifying a claim of identity as true.
Authorization: The process of giving someone the ability to access a resource.
Verification: Confirming the identity claim.
List the 5 Authentication Factors: (something…)
- Something You Know:
  Definition: Uses information that a person can remember.
  Examples: Passwords, PINs, Passphrases.
  Strength: Relatively common but can be weak if exposed.
- Something You Are:
  Definition: Relies on unique physical attributes, often referred to as biometrics.
  Examples: Fingerprints, Iris, Retina patterns, Facial characteristics.
  Strength: Stronger due to the uniqueness of physical attributes.
- Something You Have:
  Definition: Based on physical possession of an item or device.
  Examples: Keys, Cards, Phones.
  Strength: Physical possession provides a level of security.
- Something You Do:
  Definition: Based on the actions or behaviors of an individual.
  Examples: Individual’s manner of walking; Individual’s handwriting; Signature; Delay between keystrokes when typing a phrase.
  Strength: Offers strong authentication but may lead to false negatives.
- Where You Are Located:
  Definition: A geographically based authentication factor.
  Method: Authentication depends on the person being physically present at specific locations.
  Example: Servers accessible only from the server room.
  Strength: Difficult to counter without subverting the authentication system or gaining physical access.
List the 10 Network Security Devices and Tools
- Access Control:
  Definition: Regulates who or what can view or use resources in a computer system.
  Tools: Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Identity and Access Management (IAM) systems.
- Antivirus and Anti-Malware Software:
  Definition: Detects and removes malicious software, preventing it from compromising systems.
  Tools: ESET, BitDefender, Windows Defender.
- Application Security:
  Definition: Focuses on securing software applications from threats during development and runtime.
  Tools: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Web Application Firewalls (WAF).
- Data Loss Prevention (DLP):
  Definition: Monitors, detects, and prevents unauthorized data exfiltration (data theft).
  Tools: Symantec Data Loss Prevention, McAfee Total Protection for Data Loss Prevention, Digital Guardian.
- Distributed Denial of Service (DDoS) Prevention:
  Definition: Mitigates DDoS attacks by protecting against overwhelming traffic.
  Tools: Cloudflare, Akamai, Arbor Networks.
- Email Security:
  Definition: Protects against email-borne threats, including phishing and malware.
  Tools: Cisco Email Security, Proofpoint, Microsoft 365 Defender.
- Firewalls:
  Definition: Controls and monitors incoming and outgoing network traffic based on predetermined security rules.
  Tools: Cisco ASA, Palo Alto Networks, Check Point, pfSense (open-source firewall).
- Mobile Device Security:
  Definition: Secures mobile devices and the data they contain from various threats.
  Tools: Mobile Device Management (MDM) solutions, Mobile Threat Defense (MTD) solutions.
- Web Security:
  Definition: Protects against web-based threats, including malicious websites and attacks targeting web applications.
  Tools: Secure Web Gateways (SWG), Web Application Firewalls (WAF), Cisco Umbrella.
- Virtual Private Networks (VPNs):
  Definition: Provides secure and encrypted communication over a public network.
  Tools: OpenVPN, Cisco AnyConnect, NordVPN, ExpressVPN.
What is the Biometrics Enrollment Process
Record chosen biometric characteristics (e.g., fingerprint).
Process the characteristic, noting specific parts for matching.
What are the 7 Characteristics of Biometrics
- Universality: The chosen characteristic should be present in the majority of enrolled individuals.
- Uniqueness: Measures how unique a characteristic is among individuals.
- Permanence: Examines how well a characteristic resists change over time.
- Collectability: Determines how easy it is to acquire a characteristic for authentication.
- Performance: Metrics assessing system speed, accuracy, and error rate.
- Acceptability: Measures how acceptable a characteristic is to system users.
- Circumvention: Examines the ease with which a system can be tricked by a falsified biometric identifier.
What are the 2 Measuring Performance methods: (passwords)
False Acceptance Rate (FAR): Accepting a user whom the system should have rejected (false positive).
False Rejection Rate (FRR): Rejecting a legitimate user whom the system should have accepted (false negative).
What is Operational Security?
Operational Security is a comprehensive process aimed at preserving the confidentiality, integrity, and availability of sensitive information.
Protecting info assets.
What are the 5 Operational Security steps:
- Identification of Critical Information: Recognizing pivotal information that is central to the functioning of an entity, such as trade secrets, source code, or strategic plans. (Info Assets)
- Analysis of Threats: Evaluating potential harm or financial consequences arising from the exposure of critical information, considering threats from competitors or malicious actors.
- Analysis of Vulnerabilities: Identifying weaknesses in the protective measures for information assets, such as inadequate controls on access or handling procedures.
- Assessment of Risks: Determining the actual concerns during the OpSec process by assessing the alignment of identified threats with vulnerabilities. Risk is recognized when a matching threat and vulnerability are present.
- Application of Counter-Measures: Implementing measures to mitigate identified risks. For instance, strengthening controls on access and introducing policies for the proper handling of critical information, as seen in the example of securing source code from unauthorized exposure.
What is Defense in Depth
Definition: Multilayered defense strategy to ensure protection even if one layer fails.
Layers: Varied based on the situation, and may include physical, logical, and administrative controls.
What are the 3 Defense in Depth Controls
- Physical Controls
- Administrative Controls
- Technical (Logical) Controls:
  Definition: Protect systems, networks, and environments logically.
  Examples: Passwords, encryption, access controls, firewalls, intrusion detection systems.
What are Physical Controls
Definition: Protect the physical environment and control access.
What are examples of Physical Controls
Examples: Fences, locks, guards, heating/air conditioning systems.