Lesson 1: Fundamental Security Concepts and Frameworks Flashcards
(46 cards)
What is information security?
The practice of protecting data resources from unauthorized access, attacks, theft, or damage, ensuring confidentiality, integrity, and availability of information.
Why is information security important?
It is crucial for maintaining trust and compliance with legal and regulatory requirements, safeguarding sensitive data from breaches.
What does the CIA Triad stand for?
Confidentiality, Integrity, Availability
What is the purpose of Confidentiality in information security?
Ensures that only authorized individuals can access sensitive information, often implemented through encryption and access controls.
What is the purpose of Integrity in information security?
Guarantees that data is accurate and unaltered during storage and transmission, using techniques like checksums and hashing.
What is the goal of Availability in information security?
Ensures that information is accessible to authorized users when needed, often supported by redundancy and failover systems.
What is Non-Repudiation?
A principle that ensures individuals cannot deny their actions, such as creating or modifying data, often implemented through digital signatures and logging.
What is the purpose of a cybersecurity framework?
Provides guidelines for securing the hardware and software that process data, ensuring a structured approach to managing cybersecurity risks.
It helps organizations establish a baseline for security practices and compliance with industry standards.
What are the five functions of the NIST Cybersecurity Framework?
- Identify
- Protect
- Detect
- Respond
- Recover
In the NIST Cybersecurity Framework, what is the purpose of Identify?
Develop security policies and evaluate risks to understand the organization’s security posture.
In the NIST Cybersecurity Framework, what is the purpose of Protect?
Implement measures to secure IT hardware and software throughout their lifecycle, including access controls and encryption.
In the NIST Cybersecurity Framework, what is the purpose of Detect?
Monitor systems and controls to identify potential threats and vulnerabilities in real time.
In the NIST Cybersecurity Framework, what is the purpose of Respond?
Develop and implement response plans to analyze and eradicate threats effectively.
In the NIST Cybersecurity Framework, what is the purpose of Recover?
Restore systems and data after an attack, ensuring business continuity and minimal downtime.
What is gap analysis in the context of cybersecurity?
Identifies deviations between an organization’s current security systems and required framework standards, highlighting areas for improvement.
What is the purpose of doing a gap analysis?
It serves as a tool for organizations to objectively evaluate their cybersecurity capabilities and prioritize investments in security measures.
What processes are involved in gap analysis?
Assessing existing controls against best practices and regulatory requirements, resulting in a report of deficiencies.
What is the expected outcome from a gap analysis?
Recommendations for remediation that guide the organization on how to enhance its security posture effectively.
What is Access Control?
Ensures that information systems align with the goals of the CIA triad, protecting sensitive data from unauthorized access.
What are the key processes involved in Access Control?
- Identification
- Authentication
- Authorization
- Accounting
In Access Control, what is the purpose of Identification?
Involves creating unique identifiers for users, devices, or processes to establish a baseline for access.
In Access Control, what is the purpose of Authentication?
Verifies the identity of users through credentials such as passwords or digital certificates.
In Access Control, what is the purpose of Authorization?
Determines and enforces access rights based on established models (e.g., Discretionary, Mandatory).
In Access Control, what is the purpose of Accounting?
Involves tracking and monitoring authorized usage, alerting on any unauthorized access attempts.