Fundamentals of Security Flashcards

Question

# Define / Explain Encryption ## Footnote Obj. 1.2 - Summarize fundamental security concepts | Confidentiality

Answer 1

Process of converting data into a code to prevent unauthorized access ## Footnote (5) Basic methods of confidentiality

Answer 2

By setting up strong user permissions, you ensure that only authorized personnel can access certain types of data ## Footnote (5) Basic methods of confidentiality

Answer 3

Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data's authenticity and use for authorized users ## Footnote (5) Basic methods of confidentiality

Answer 4

Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations ## Footnote (5) Basic methods of confidentiality

Answer 5

Conduct regular training on the security awareness best practices that employees can use to protect their organization's sensitive data ## Footnote (5) Basic methods of confidentiality

Answer 6

* Helps ensure that information and data remain accurate and unchanged from its original state unless intentionally modified by an authorized individual * Verifies the accuracy and trustworthiness of data over the entire lifecycle ## Footnote *Informational*

Answer 7

* To ensure data accuracy * To maintain trust * To ensure system operability ## Footnote *Informational*

Answer 8

* Hashing * Digital Signatures * Checksums * Access Controls * Regular Audits ## Footnote *Informational*

Answer 9

Process of converting data into a fixed-size value ## Footnote (5) Methods of integrity

Answer 10

Ensures both integrity and authenticity ## Footnote (5) Methods of integrity

Answer 11

Method to verify the integrity of data during transmission ## Footnote (5) Methods of integrity

Answer 12

Ensure that only authorized individuals can modify data and this reduces the risk of unintentional or malicious alterations ## Footnote (5) Methods of integrity

Answer 13

Involve systematically reviewing logs and operations to ensure that only authorized changes have been made, and any discrepancies are immediately addressed ## Footnote (5) Methods of integrity

Answer 14

Ensures that information, systems, and resources are accessible and operational when needed by authorized users

Answer 15

* Ensuring Business Continuity * Maintaining Customer Trust * Upholding an Organization's Repudiation ## Footnote *Informational*

Answer 16

To overcome the challenges associated with maintaining availability, the best strategy is to use redundancy in your systems and network designs ## Footnote *Informational, both sides*

Answer 17

Duplication of critical components or functions of a system with the intention of enhancing its reliability

Answer 18

* Server Redundancy * Data Redundancy * Network Redundancy * Power Redundancy ## Footnote *Informational*

Answer 19

Involves using multiple servers in a load balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the load to continue supporting your end users

Answer 20

Involves storing data in multiple places

Answer 21

Ensures that if one network path fails, the data can travel through another route

Answer 22

Involes using backup power sources, like generators and UPS systems ## Footnote UPS = Uninterruptable Power Supply

Answer 23

* Focused on providing undeniable proof in the world of digital transactions * Security measure that ensures individuals or entities involved in a communication or transaction cannot deny their participation or the authenticity of their actions ## Footnote *Informational*

Answer 24

* Considered to be unique to each user who is operating within the digital domain * Created by first hashing a particular message or communication that you want to digitally sign, and then it encrypts that hash digest with the user's private key using asymmetric encryption ## Footnote *Informational*

Answer 25

* To confirm the authenticity of digital transactions * To ensure the integrity of critical communications * To provide accountability in digital processes ## Footnote *Informational*

Answer 26

Security measure that ensures invidivuals or entities are who they claim to be during a communication or transaction

Answer 27

* Something you know (Knowledge Factor) * Something you have (Possession Factor) * Something you are (Inherence Factor) * Something you do (Action Factor) * Somewhere you are (Location Factor) ## Footnote *Informational*

Answer 28

Relies on information that a user can recall | Knowledge Factor ## Footnote (5) commonly used authentication methods

Answer 29

Relies on the user presenting a physical item to authenticate themselves | Possession Factor ## Footnote (5) commonly used authentication methods

Answer 30

Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be | Inherence Factor ## Footnote (5) commonly used authentication methods

Answer 31

Relies on the user conducting a unique action to prove who they are | Action Factor ## Footnote (5) commonly used authentication methods

Answer 32

Relies on the user being in a certain geographic location before access is granted | Location Factor ## Footnote (5) commonly used authentication methods

Answer 33

Security process that requires users to provide multiple methods of identification to verify their identity ## Footnote MFA = Multifactor Authentication

Answer 34

* To prevent unauthorized access * To protect user data and privacy * To ensure that resources are accessed by valid users only ## Footnote *Informational*

Answer 35

Pertains to the permissions and privileges granted to users or entities after they have been authenticated

Answer 36

* To protect sensitive data * To maintain the system integrity in our organizations * To create a more streamlined user experience ## Footnote *Informational*

Answer 37

Security measure that ensures all user activities during a communication or transaction are properly tracked and recorded

Answer 38

* Create an audit trail * Maintain regulatory compliance * Conduct forensic analysis * Perform resource optimization * Achieve user accountability ## Footnote *Informational*

Answer 39

Provides a chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a source or point in time

Answer 40

Maintains a comprehensive record of all users' activities

Answer 41

Uses detailed accounting and event logs that can help cybersecurity experts understand what happened, how it happened, and how to prevent similar incidents from occurring again

Answer 42

Organizations can optimize system performance and minimize costs by tracking resource utilization and allocation decisions

Answer 43

Thorough accounting system ensures users' actions are monitored and logged, deterring potential misuse and promoting adherence to the organization's policies

Answer 44

* Syslog Servers * Network Analysis Tools * SIEM Systems | SIEM = Security Information and Event Management ## Footnote *Informational*

Answer 45

Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization's systems ## Footnote Example: Kiwi Syslog Server NG by SolarWinds

Answer 46

Used to capture and analyze network traffic so that network administrators can gain detailed insights into all the data moving within a network ## Footnote Example: Wireshark

Answer 47

Provides us with real-time analysis of security alerts generated by various hardware and software infrastructure in an organization ## Footnote Example: Splunk

Answer 48

* Technical Controls * Managerial Controls * Operational Controls * Physical Controls ## Footnote *Informational*

Answer 49

Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks

Answer 50

* Sometimes also referred to as administrative controls * Involves the strategic planning and governance side of security

Answer 51

* Procedures and measures that are designed to protect data on a day-to-day basis * Are mainly governed by internal processes and human actions

Answer 52

Tangible, real-world measures taken to protect assets

Answer 53

* Preventic Controls * Deterrent Controls * Detective Controls * Corrective Controls * Compensating Controls * Directive Controls ## Footnote *Informational*

Answer 54

Proactive measures implemented to thwart potential security threats or breaches

Answer 55

Discourage potential attackers by making the effort seem less appealing or more challenging

Answer 56

Monitor and alert organizations to malicious activities as they occur or shortly thereafter

Answer 57

Mitigate any potential damage and restore our systems to their normal state

Answer 58

Alternative measures that are implemented when primary security controls are not feasible or effective

Answer 59

* Guide, inform, or mandate actions * Often rooted in policy or documentation and set the standards for behavior within an organization

Answer 60

Process of evaluating the differences between an organization's current performance and its desired performance

Answer 61

Conducting a gap analysis can be a valuable tool for organizations looking to improve their operations, processes, performance, or overall security posture ## Footnote *Informational, both sides*

Answer 62

* Define the scope of the analysis * Gather data on the current state of the organization * Analyze the data to identify any areas where the organization's current performance falls short of its desired performance * Develop a plan to bridge the gap ## Footnote *Informational*

Answer 63

* Technical Gap Analysis * Business Gap Analysis ## Footnote *Informational*

Answer 64

* Involves evaluating an organization's current technical infrastructure * Identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions

Answer 65

* Involves evaluating an organization's current business processes * Identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions

Answer 66

* Outlines the specific measures to address each vulnerability * Allocate resources * Set up timelines for each remediation task that is needed ## Footnote POA&M = Plan of Action & Milestones

Answer 67

Zero Trust demands verification for every device, user, and transaction within the network, regardless of its origin ## Footnote *Informational, both sides*

Answer 68

* Control Plane * Data Plane ## Footnote *Informational*

Answer 69

Refers to the overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization

Answer 70

* Adaptive Identity * Threat Scope Reduction * Policy-Driven Access Control * Secured Zones ## Footnote *informational*

Answer 71

Relies on real-time validation that takes into account the user's behavior, device, location, and more

Answer 72

* Limits the users' access to only what they need for their work tasks because this reduces the network's potential attack surface * Focused on minimizing the "blast radius" that could occur in the event of a breach

Answer 73

Entails developing, managing, and enforcing user access policies based on their roles and responsibilities

Answer 74

Isolated environments within a network that are designed to house sensitive data

Answer 75

Control Plane uses a Policy Engine and a Policy Administrator to make decions about access ## Footnote *Informational, both sides*

Answer 76

Cross-references the access request with its predefined policies

Answer 77

Used to establish and manage the access policies

Answer 78

* Subject / System * Policy Enforcement Point ## Footnote *Informational*

Answer 79

Refers to the individual or entity attempting to gain access

Answer 80

Where the decision to grant or deny access is actually executed

Fundamentals of Security Flashcards

Objectives 1.1 and 1.2 (104 cards)