Fundamentals of Security

Question 1

What is the act of protecting data & information from unauthorized access, unlawful modification and disruption, disclosure, corruption, & destruction?

Answer 1

Information Security

Question 2

What is the act of protecting the systems that hold and process the critical data?

Answer 2

Information Systems Security

Question 3

What does C.I.A stand for?

Answer 3

Confidentiality, Integrity, Availability

Question 4

Confidentiality?

Answer 4

Ensures that information is only accessible to those with the appropriate authorization. Protection of information from unauthorized access & disclosure (Encryption).

Question 5

Integrity?

Answer 5

Ensures that data remains accurate & unaltered from its original state unless modification is required by an authorized individual (Hashing).

Question 6

Availability?

Answer 6

Ensures that information, systems, & resources are accessible & functional when needed by authorized users (Redundancy).

Question 7

Non-repudiation?

Answer 7

Guaranteeing that a specific action or event has taken place & can’t be denied by the parties involved. Provides undeniable proof in digital transactions (Digital Signatures).

Question 8

What are the Triple A’s of Security?

Answer 8

Authentication, Authorization, Accounting.

Question 9

Authentication?

Answer 9

The process of verifying the identity of a user or system. Ensures individuals or entities who claim to be during a communication or transaction.

Question 10

Authorization?

Answer 10

Defines what actions or resources a user can access. The permissions and privileges granted to users or entities after they have been authenticated (Rules & Policies).

Question 11

Accounting?

Answer 11

The act of tracking user activities & resource usage, typically for audit or billing purposes. A security measure that ensures all user activities are properly tracked & recorded.

Question 12

Security Controls?

Answer 12

Measures or mechanisms put in place to mitigate risks and protect the confidentiality, integrity, and availability of information Systems and data.

Question 13

Zero Trust?

Answer 13

A security model that operates on principle that no one, inside or outside the organization, should be trusted by default.

Question 14

Control Plane?

Answer 14

Consists of the adaptive identity, threat scope reduction, policy-driven access control, and secured zones.

Question 15

Data Plane?

Answer 15

Focuses on the subject/system, policy engine, policy administrator, and establishing policy enforcement points.

Question 16

Threat?

Answer 16

Anything that could cause harm, loss, damage, or compromise to information technology systems.

Question 17

Vulnerability?

Answer 17

Any weakness in the system design or implementation.

Question 18

Risk Management?

Answer 18

Finding ways to minimize the likelihood of an outcome occurring & achieving the desired outcomes.

Question 19

Why is Confidentiality important?

Answer 19

1. Protect personal Privacy
2. Maintain a business advantage
3. Achieve regulatory compliance (PII, PHI, Financial Data)

Question 20

What are 5 methods to maintain Confidentiality?

Answer 20

1. Encryption
2. Access Controls
3. Data Masking
4. Physical Security Measures
5. Training & Awareness

Question 21

Encryption?

Answer 21

The Process of converting data into code to prevent unauthorized access.

Question 22

Access Controls?

Answer 22

Ensures only authorized personnel can access or modify certain types of data, reducing the risk of unintentional or malicious alterations.

Question 23

Data Masking?

Answer 23

Obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.

Question 24

Physical Security Measures?

Answer 24

Ensures confidentiality for physical types of data and for digital information contained on servers and workstations.

Question 25

Training & Awareness?

Answer 25

Regular training on security awareness best practices that employees can use to protect the organization's sensitive data.

Question 26

Why is Integrity important?

Answer 26

1. To ensure Data Accuracy 2. Maintain Trust 3. Ensures System Operability

Question 27

Hashing?

Answer 27

The process of converting data into a fixed-size value.

Question 28

Hash Digest?

Answer 28

A digital fingerprint for any given piece of data to prove its integrity.

Question 29

Digital Signatures?

Answer 29

Use encryption to ensure integrity & Authenticity.

Question 30

Checksums?

Answer 30

Method to verify the integrity of data during transmission.

Question 31

Regular Audits?

Answer 31

Involve reviewing logs & operations to ensure that only authorized changes have been made & any discrepancies are addressed.

Question 32

3 Nines (99.9%)?

Answer 32

8,760 hours are available & can only be down for a maximum of 8.76 hours.

Question 33

5 Nines (99.999%)

Answer 33

The gold standard. System guarantees a downtime of no more than 5.26 minutes in a year.

Question 34

99% Up time?

Answer 34

3.5 Days of downtime per year.

Question 35

Why is Availability important?

Answer 35

1. Ensures Business Continuity 2. Maintains Customer Trust 3. Upholds Organization's Reputation

Question 36

Redundancy?

Answer 36

The duplication of critical components or functions of a system with the intention of enhancing its reliability.

Question 37

What are the 4 types of Redundancy?

Answer 37

1. Server 2. Data 3. Network 4. Power

Question 38

Server Redundancy?

Answer 38

Using multiple servers in a load balance so if one is overloaded or fails, the other servers can take over the load to continue supporting end users.

Question 39

Data Redundancy?

Answer 39

Involves storing data in multiple places.

Question 40

Network Redundancy?

Answer 40

If one network path fails, the data can travel through another route.

Question 41

Power Redundancy?

Answer 41

Using backup power sources to ensure an organization's systems remain operational during periods of power disruption or outages within a local service area.

Question 42

How is a Digital Signature created?

Answer 42

By first hashing a particular message or communication to be digitally signed & encrypting the hash Digest with the user's private key using asymmetric encryption.

Question 43

Why is non-repudiation important?

Answer 43

1. Confirms the Authenticity of Digital Transactions 2. Ensures the Integrity of Communications 3. Provides accountability in digital processes.

Question 44

What are the 5 Authentication methods?

Answer 44

1. Something you know 2. Something you have 3. Something you are 4. Something you do 5. Somewhere you are (K.P.I.A.L)

Question 45

What is Two-factor Authentication (2FA)?

Answer 45

Combining two Authentication methods for verification & security access.

Question 46

What is Multi-factor Authentication (MFA)?

Answer 46

Security process that requires users to provide multiple methods of identification to verify their identity (two or more methods).

Question 47

Why is Authentication important?

Answer 47

1. Prevents Unauthorized Access 2. Protects User data & Privacy 3. Ensures resource validity

Question 48

Why is Authorization important?

Answer 48

1. It protects sensitive data 2. Maintains system integrity in organizations 3. Creates more streamlined user experiences.

Question 49

Audit Trail?

Answer 49

Provides chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a specific user or point in time.

Question 50

Regulatory Compliance?

Answer 50

Maintains a comprehensive record of all the users' activities.

Question 51

Forensic Analysis?

Answer 51

Uses detailed accounting and event logs that can help cyber security experts understand what happened, how it happened, & how to prevent similar incidents from occurring again in the future.

Question 52

Resource Optimization?

Answer 52

Organizations can optimize system performance & minimize costs by tracking resource utilization & allocation decisions.

Question 53

User Accountability?

Answer 53

Ensures users' actions are monitored and logged, deterring potential misuse & promoting adherence to organization's policies.

Question 54

Syslog Servers?

Answer 54

Used to aggregate logs from various network devices & systems so that system administrators can analyze them to detect patterns or anomalies in the organization's systems.

Question 55

Network Analyzers?

Answer 55

Used to capture & analyze network traffic to gain detailed insights into all the data moving within a network.

Question 56

S.I.E.M (Security Information & Event Management)?

Answer 56

Provides real-time analysis of security alerts generated by various hardware & software infrastructures in an organization.

Question 57

What are the 4 categories of Security Control?

Answer 57

1. Technical 2. Managerial 3. Operational 4. Physical

Question 58

Technical Controls?

Answer 58

The technologies, hardware, & software mechanisms that are implemented to manage & reduce risks.

Question 59

What are examples of Technical Controls?

Answer 59

1. Antivirus Software 2. Firewalls 3. Encryption Processes 4. Intrusion Detection Systems

Question 60

Managerial Controls?

Answer 60

Involve the strategic planning & governance side of security. It encompasses security policies, training programs, & incident response strategies.

Question 61

Operational Controls?

Answer 61

Procedures & measures that are designed to protect data on a day-to-day basis & are mainly governed by internal processes & human actions.

Question 62

What are examples of Operational control?

Answer 62

1. Backup Procedures 2. Account Reviews 3. User Training Programs

Question 63

Physical Controls?

Answer 63

Tangible, real-world measures taken to protect assets.

Question 64

What are the 6 types of Security Control?

Answer 64

1. Preventative 2. Deterrent 3. Detective 4. Corrective 5. Compensating 6. Directive

Question 65

Preventative Controls?

Answer 65

Proactive measures implemented to thwart potential security threats or breaches.

Question 66

Deterrent Controls?

Answer 66

Aim to discourage potential attackers by making the effort seem less appealing or more challenging.

Question 67

Detective Controls?

Answer 67

Monitor & alert organizations to malicious activities as they occur or shortly thereafter.

Question 68

Corrective Controls?

Answer 68

Mitigate any potential damage & restore the systems to their normal state.

Question 69

Compensating Controls?

Answer 69

Alternative measures that are implemented when primary security controls are not feasible or effective.

Question 70

Directive Controls?

Answer 70

Rooted in policy or documentation & sets the standards for behavior within an organization.

Question 71

Zero Trust?

Answer 71

Demands verification for every device, user, & transaction within the network, regardless of origin. "Trust nothing, verify everything."

Question 72

What are the two things needed to create a Zero Trust architecture?

Answer 72

1. Control Plane 2. Data Plane

Question 73

Control Plane?

Answer 73

The framework & set of components responsible for defining, managing, & enforcing the policies related to user & system access within an organization.

Question 74

What are the key elements of the Control Plane?

Answer 74

1. Adaptive Identity 2. Threat Scope Reduction 3. Policy-driven Access Control 4. Secured Zones

Question 75

Adaptive Identity?

Answer 75

Rely on real-time validation that takes into account the user's behavior, device, location, and more.

Question 76

Threat Scope Reduction?

Answer 76

Limit the users' access to only what they need for their work tasks because this drastically reduces the network's potential attack surface.

Question 77

Policy-Driven Access Control

Answer 77

Developing, managing, & enforcing user access policies based on their roles & responsibilities.

Question 78

Secured Zones?

Answer 78

Isolated environments within a network that are designed to house sensitive data.

Question 79

What does the Control Plane use to make decisions about (policy-driven) access?

Answer 79

1. Policy Engine 2. Policy Administrator

Question 80

Policy Engine?

Answer 80

Cross-references the access request with its predefined policies.

Question 81

Policy Administrator?

Answer 81

Used to establish & manage the access policies.

Question 82

What does the Data Plane consist of?

Answer 82

1. Subject/System 2. Policy Enforcement Point

Question 83

Subject/System?

Answer 83

Refers to the individual or entity attempting to gain access.

Question 84

Policy Enforcement Point

Answer 84

Allow or restrict access, & it will effectively act as a gatekeeper to the sensitive areas of the systems or networks.

Question 85

Gap Analysis?

Answer 85

The process of evaluating the differences between an organization's current performance & its desired performance.

Question 86

What are the steps to Gap Analysis?

Answer 86

1. Define the Scope of Analysis 2. Gather data on the current state of the organization 3. Analyze the data to identify the gaps 4. Develop a plan to bridge the gap(s)

Question 87

What are the two types of Gap Analysis?

Answer 87

1. Technical Gap Analysis 2. Business Gap Analysis

Question 88

Technical Gap Analysis?

Answer 88

Evaluating an organization's current technical infrastructure & identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions.

Question 89

Business Gap Analysis?

Answer 89

Evaluating an organization's current business processes & identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions.

Question 90

Plan of Action & Milestones (POA&M)?