GCGA Ch. 1 Understanding Core Security Goals (ST) Flashcards
(8 cards)
Confidentiality
ensures that data is only viewable by authorized users. Encryption is the best choice to provide confidentiality. Access controls also protect the confidentiality of data.
Integrity
provides assurances that data has not been modified, tampered with, or corrupted through unauthorized or unintended changes. Data can be a message, a file, or data within a database. Hashing is a common method of ensuring integrity.
Availability
ensures that data and services are available when needed. A common goal is to remove single points of failure. Fault tolerance methods and redundancies are commonly added to support high availability.
Scale up vs scale out
Systems scale up by adding additional hardware resources such as memory, processing power, bandwidth capability, and/or drive space. Systems scale out by adding additional nodes or servers. They can scale down or scale in by removing these resources.
Scalability
the ability of a system to handle increased workload either by scaling up or by scaling out. This is done manually by administrators.
Elasticity
the ability of a system to handle increased workload by dynamically adding or removing resources as the need arises. Cloud resources typically have elasticity capabilities, allowing them to adapt to increased and decreased demand automatically.
Resiliency methods
help systems heal themselves or recover from faults with minimal downtime.
Balancing resource availability with security constraints
Organizations balance resource availability with security constraints. Security professionals may want to apply security controls everywhere without considering the cost. However, executives have a responsibility to minimize costs without sacrificing security.