Fundamentals of Security

Question 1

Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction

Answer 1

Information Security

Question 2

Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data

Answer 2

Information Systems Security

Question 3

CIA Triad

Answer 3

Confidentiality
Integrity
Availability

Question 4

Ensures information is accessible only to authorized personnel (e.g.,
encryption)

Answer 4

Confidentiality

Question 5

Ensures data remains accurate and unaltered (e.g., checksums)

Answer 5

Integrity

Question 6

Ensures information and resources are accessible when needed (e.g.,
redundancy measures)

Answer 6

Availability

Question 7

Guarantees that an action or event cannot be denied by the involved parties
(e.g., digital signatures

Answer 7

Non-Repudiation

Question 8

An extension of the CIA triad with the addition of non-repudiation and
authentication

Answer 8

CIANA Pentagon

Question 9

Triple A’s of Security

Answer 9

Authentication
Authorization
Accounting

Question 10

Verifying the identity of a user or system (e.g., password checks)

Answer 10

Authentication

Question 11

Determining actions or resources an authenticated user can access (e.g.,
permissions)

Answer 11

Authorization

Question 12

Tracking user activities and resource usage for audit or billing purposes

Answer 12

Accounting

Question 13

Security Control Categories

Answer 13

■ Technical
■ Managerial
■ Operational
■ Physical

Question 14

Security Control Types

Answer 14

■ Preventative
■ Deterrent
■ Detective
■ Corrective
■ Compensating
■ Directive

Question 15

Operates on the principle that no one should be trusted by default. To achieve zero trust, we use the control plane and the data plane.

Answer 15

Zero Trust Model

Question 16

Adaptive identity, threat scope reduction, policy-driven access
control, and secured zones

Answer 16

Control Plane

Question 17

Subject/system, policy engine, policy administrator, and
establishing policy enforcement points

Answer 17

Data Plane

Question 18

Anything that could cause harm, loss, damage, or compromise to our information
technology systems. Can come from the following:
● Natural disasters
● Cyber-attacks
● Data integrity breaches
● Disclosure of confidential information

Answer 18

Threat

Question 19

Any weakness in the system design or implementation. Come from internal factors like the following:
● Software bugs
● Misconfigured software
● Improperly protected network devices
● Missing security patches
● Lack of physical security

Answer 19

Vulnerability

Question 20

Finding different ways to minimize the likelihood of an outcome and achieve the
desired outcome.

Answer 20

Risk Management

Question 21

Refers to the protection of information from unauthorized access and disclosure. Ensure that private or sensitive information is not available or disclosed to
unauthorized individuals, entities, or processes.

Answer 21

Confidentiality

Question 22

Confidentiality is important for 3 main reasons

Answer 22

■ To protect personal privacy
■ To maintain a business advantage
■ To achieve regulatory compliance

Question 23

To ensure confidentiality, we use five basic methods

Answer 23

Encryption
Access Controls
Data Masking
Physical Security Measures
Training and Awareness

Question 24

Process of converting data into a code to prevent unauthorized access

Answer 24

Encryption

Question 25

By setting up strong user permissions, you ensure that only authorized personnel can access certain types data

Answer 25

Access Controls

Question 26

Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data's authenticity and use for authorized users

Answer 26

Data Masking

Question 27

Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations

Answer 27

Physical Security Measures

Question 28

Conduct regular training on the security awareness best practices that employees can use to protect their organization’s sensitive data

Answer 28

Training and Awareness

Question 29

Helps ensure that information and data remain accurate and unchanged from its original state unless intentionally modified by an authorized individual. Verifies the accuracy and trustworthiness of data over the entire lifecycle

Answer 29

Integrity

Question 30

Integrity is important for three main reasons

Answer 30

■ To ensure data accuracy ■ To maintain trust ■ To ensure system operability

Question 31

To help us maintain the integrity of our data, systems, and networks, we usually utilize five methods

Answer 31

Hashing Digital Signatures Checksums Access Controls Regular Audits

Question 32

Process of converting data into a fixed-size value

Answer 32

Hashing

Question 33

Ensure both integrity and authenticity

Answer 33

Digital Signatures

Question 34

Method to verify the integrity of data during transmission

Answer 34

Checksums

Question 35

Ensure that only authorized individuals can modify data and this reduces the risk of unintentional or malicious alterations

Answer 35

Access Controls

Question 36

Involve systematically reviewing logs and operations to ensure that only authorized changes have been made, and any discrepancies are immediately addressed

Answer 36

Regular Audits

Question 37

Ensure that information, systems, and resources are accessible and operational when needed by authorized users

Answer 37

Availability

Question 38

As cybersecurity professionals, we value availability since it can help us with the following:

Answer 38

■ Ensuring Business Continuity ■ Maintaining Customer Trust ■ Upholding an Organization's Reputation

Question 39

To overcome the challenges associated with maintaining availability, the best strategy is to us ____________ in your systems and network designs

Answer 39

Redundancy

Question 40

Duplication of critical components or functions of a system with the intention of enhancing its reliability.

Answer 40

Redundancy

Question 41

There are various types of redundancy you need to consider when designing your systems and networks

Answer 41

Server Redundancy Data Redundancy Network Redundancy Power Redundancy

Question 42

Involves using multiple servers in a load balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the load to continue supporting your end users

Answer 42

Server Redundancy

Question 43

Involves storing data in multiple places

Answer 43

Data Redundancy

Question 44

Ensures that if one network path fails, the data can travel through another route

Answer 44

Network Redundancy

Question 45

Involves using backup power sources, like generators and UPS systems

Answer 45

Power Redundancy

Question 46

■ Focused on providing undeniable proof in the world of digital transactions ■ Security measure that ensures individuals or entities involved in a communication or transaction cannot deny their participation or the authenticity of their actions

Answer 46

Non-repudiation

Question 47

■ Considered to be unique to each user who is operating within the digital domain ■ Created by first hashing a particular message or communication that you want to digitally sign, and then it encrypts that hash digest with the user’s private key using asymmetric encryption

Answer 47

Digital Signatures

Question 48

Non-repudiation is important for three main reasons

Answer 48

■ To confirm the authenticity of digital transactions ■ To ensure the integrity of critical communications ■ To provide accountability in digital processes

Question 49

Security measure that ensures individuals or entities are who they claim to be during a communication or transaction

Answer 49

Authentication

Question 50

5 commonly used authentication methods

Answer 50

Something you know (Knowledge Factor) Something you have (Possession Factor) Something you are (Inherence Factor) Something you do (Action Factor) Somewhere you are (Location Factor)

Question 51

Relies on information that a user can recall

Answer 51

Something you know (Knowledge Factor)

Question 52

Relies on the user presenting a physical item to authenticate themselves

Answer 52

Something you have (Possession Factor)

Question 53

Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be

Answer 53

Something you are (Inherence Factor)

Question 54

Relies on the user conducting a unique action to prove who they are

Answer 54

Something you do (Action Factor)

Question 55

Relies on the user being in a certain geographic location before access is granted

Answer 55

Somewhere you are (Location Factor)

Question 56

Security process that requires users to provide multiple methods of identification to verify their identity

Answer 56

Multi-Factor Authentication System (MFA)

Question 57

Authentication is critical to understand because of the following

Answer 57

■ To prevent unauthorized access ■ To protect user data and privacy ■ To ensure that resources are accessed by valid users only

Question 58

Pertains to the permissions and privileges granted to users or entities after they have been authenticated

Answer 58

Authorization

Question 59

Authorization mechanisms are important to help us with the following

Answer 59

■ To protect sensitive data ■ To maintain the system integrity in our organizations ■ To create a more streamlined user experience

Question 60

Security measure that ensures all user activities during a communication or transaction are properly tracked and recorded

Answer 60

Accounting

Question 61

Your organization should use a robust accounting system so that you can create the following

Answer 61

Create an audit trail Maintain regulatory compliance Conduct forensic analysis Perform resource optimization Achieve user accountability

Question 62

Provides a chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a source or point in time

Answer 62

Create an audit trail

Question 63

Maintains a comprehensive record of all users’ activities

Answer 63

Maintain regulatory compliance

Question 64

Uses detailed accounting and event logs that can help cybersecurity experts understand what happened, how it happened, and how to prevent similar incidents from occurring again

Answer 64

Conduct forensic analysis

Question 65

Organizations can optimize system performance and minimize costs by tracking resource utilization and allocation decisions

Answer 65

Perform resource optimization

Question 66

Thorough accounting system ensures users’ actions are monitored and logged , deterring potential misuse and promoting adherence to the organization’s policies

Answer 66

Achieve user accountability

Question 67

To perform accounting, we usually use different technologies like the following

Answer 67

Syslog Servers Network Analysis Tools Security Information and Event Management (SIEM) Systems

Question 68

Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization’s systems

Answer 68

Syslog Servers

Question 69

Used to capture and analyze network traffic so that network administrators can gain detailed insights into all the data moving within a network

Answer 69

Network Analysis Tools

Question 70

Provides us with a real-time analysis of security alerts generated by various hardware and software infrastructure in an organization

Answer 70

Security Information and Event Management (SIEM) Systems

Question 71

4 Broad Categories of Security Controls

Answer 71

Technical Controls Managerial Controls Operational Controls Physical Controls

Question 72

Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks

Answer 72

Technical Controls

Question 73

● Sometimes also referred to as administrative controls ● Involve the strategic planning and governance side of security

Answer 73

Managerial Controls

Question 74

● Procedures and measures that are designed to protect data on a day-to-day basis ● Are mainly governed by internal processes and human actions

Answer 74

Operational Controls

Question 75

Tangible, real-world measures taken to protect assets

Answer 75

Physical Controls

Question 76

6 Basic Types of Security Controls

Answer 76

Preventive Controls Deterrent Controls Detective Controls Corrective Controls Compensating Controls Directive Controls

Question 77

Proactive measures implemented to thwart potential security threats or breaches

Answer 77

Preventive Controls

Question 78

Discourage potential attackers by making the effort seem less appealing or more challenging

Answer 78

Deterrent Controls

Question 79

Monitor and alert organizations to malicious activities as they occur or shortly thereafter

Answer 79

Detective Controls

Question 80

Mitigate any potential damage and restore our systems to their normal state

Answer 80

Corrective Controls

Question 81

Alternative measures that are implemented when primary security controls are not feasible or effective

Answer 81

Compensating Controls

Question 82

● Guide, inform, or mandate actions ● Often rooted in policy or documentation and set the standards for behavior within an organization

Answer 82

Directive Controls

Question 83

Process of evaluating the differences between an organization's current performance and its desired performance

Answer 83

Gap Analysis

Question 84

There are several steps involved in conducting a gap analysis

Answer 84

■ Define the scope of the analysis ■ Gather data on the current state of the organization ■ Analyze the data to identify any areas where the organization's current performance falls short of its desired performance ■ Develop a plan to bridge the gap

Question 85

2 Basic Types of Gap Analysis

Answer 85

Technical Gap Analysis Business Gap Analysis

Question 86

● Involves evaluating an organization's current technical infrastructure ● identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions

Answer 86

Technical Gap Analysis

Question 87

● Involves evaluating an organization's current business processes ● Identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions

Answer 87

Business Gap Analysis

Question 88

● Outlines the specific measures to address each vulnerability ● Allocate resources ● Set up timelines for each remediation task that is needed

Answer 88

Plan of Action and Milestones (POA&M)

Question 89

_____________demands verification for every device, user, and transaction within the network, regardless of its origin

Answer 89

Zero Trust

Question 90

Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization

Answer 90

Control Plane

Question 91

Control Plane typically encompasses 4 key elements

Answer 91

Adaptive Identity Threat Scope Reduction Policy-Driven Access Control Secured Zones

Question 92

Relies on real-time validation that takes into account the user's behavior, device, location, and more

Answer 92

Adaptive Identity

Question 93

Entails developing, managing, and enforcing user access policies based on their roles and responsibilities

Answer 93

Policy-Driven Access Control

Question 93

Limits the users’ access to only what they need for their work tasks because this reduces the network’s potential attack surface. Focused on minimizing the "blast radius" that could occur in the event of a breach

Answer 93

Threat Scope Reduction

Question 94

Isolated environments within a network that are designed to house sensitive data

Answer 94

Secured Zones

Question 95

Ensures the policies are properly executed

Answer 95

Data Plane

Question 96

Data plane consists of the following

Answer 96

Subject/System Policy Engine Policy Administrator Policy Enforcement Point

Question 97

Refers to the individual or entity attempting to gain access

Answer 97

Subject/System

Question 98

Cross-references the access request with its predefined policies

Answer 98

Policy Engine

Question 99

Used to establish and manage the access policies

Answer 99

Policy Administrator

Question 99

Where the decision to grant or deny access is actually execute

Answer 99

Policy Enforcement Point