Modules 1 + 2 Term -> Def

Question 1

CIA Triad

Answer 1

A model for guiding security policies in an organization.

Question 2

Confidentiality

Answer 2

Ensuring that data is only accessible to authorized individuals.

Question 3

Integrity

Answer 3

Maintaining accuracy and consistency of data over its lifecycle.

Question 4

Availability

Answer 4

Ensuring that authorized users have reliable access to data and services.

Question 5

AAA

Answer 5

Authentication, Authorization, and Accounting framework.

Question 6

Identification

Answer 6

Claiming an identity in a system.

Question 7

Authentication

Answer 7

Proving identity using credentials.

Question 8

Authorization

Answer 8

Granting access to resources based on identity.

Question 9

Accounting

Answer 9

Tracking actions and accesses in a system.

Question 10

3 States of Data

Answer 10

Three conditionsff under which data exists. : at rest, in transit, in use

Question 11

In Transit

Answer 11

Data that is being transmitted across networks.

Question 12

At Rest

Answer 12

Data stored in a persistent storage medium.

Question 13

In Use

Answer 13

Data actively used by a process.

Question 14

Non-Repudiation

Answer 14

Ensuring that a sender cannot deny having sent a message.

Question 15

Gap Analysis

Answer 15

Comparison of security measures against requirements.

Question 16

Vulnerability

Answer 16

A weakness in a system or process.

Question 17

Threat

Answer 17

A vulnerability with a threat actor.

Question 18

Risk

Answer 18

The probability and impact of a threat.

Question 19

Data Sovereignty

Answer 19

Compliance with local data storage regulations. the country of the user about whom the data is stored governs that data.

Question 20

Security Controls

Answer 20

Methods for managing security risks.

Question 21

Categories of Security (STOMP)

Answer 21

Security control classifications.

Security is:

Technical
Operational
Managerial
Physical

Question 22

Deterrent

Answer 22

Discouraging unauthorized actions.

Question 23

Preventative

Answer 23

Preventing security incidents.

(eg lock on product case)

Question 24

Detective

Answer 24

Detecting security breaches.

Question 25

Corrective

Answer 25

Restoring system integrity after an attack.

Question 26

Compensating

Answer 26

Back up for another security control or weakness. For example, password strength requirements and two factor authentication.

Question 27

Directive

Answer 27

Enforces a rule or behavior, specifying how people should interact with a system For example, policies, and disciplinary procedures

Question 28

Physical Security Controls

Answer 28

Security measures in physical spaces.

Question 29

Lighting

Answer 29

Enhancing security with visibility.

Question 30

Fencing

Answer 30

Defining secure perimeters.

Question 31

Cameras

Answer 31

Monitoring areas for unauthorized activity.

Question 32

Bollards

Answer 32

Blocking unauthorized vehicular access.

Question 33

Access Control Vestibule

Answer 33

Two door enclosure with an entry and exit. Only one door can be opened at a time. Prevents 1) piggybacking, when you knowingly, let the person in using your credentials and 2) tailgating, which is when someone slips through the door after you unbeknownst to you.

Question 34

Sensors & Alarms

Answer 34

Detecting motion and other activities.

Question 35

DHKE

Answer 35

Diffie-Hellman Key Exchange, a method for securely exchanging cryptographic keys. Publicly Agreed Numbers • Alice and Bob agree on two public numbers: • A large prime number (let’s call it P) • A base/generator (let’s call it G) These numbers don’t need to be secret and can be known to everyone, including an attacker listening in. 2. Each Person Picks a Secret Number • Alice picks a private number (a) • Bob picks a private number (b) • These are never shared with anyone, not even each other. 3. Compute and Exchange Public Values Each person uses their private number to compute a public value: • Alice calculates: A = (G^a) mod P (She sends A to Bob) • Bob calculates: B = (G^b) mod P (He sends B to Alice) These public values (A and B) are exchanged openly, meaning even an attacker can see them. 4. Compute the Shared Secret Now, both Alice and Bob use the received value and their own private number to compute the same shared secret: • Alice computes: S = (B^a) mod P • Bob computes: S = (A^b) mod P Because of the way exponentiation works in modular math, both Alice and Bob end up with the same S, even though they never directly exchanged it!

Question 36

Code Signing

Answer 36

Ensuring software integrity via digital signatures.

Question 37

PKI

Answer 37

Public Key Infrastructure for managing digital certificates.

Question 38

Certificate

Answer 38

A digital document that binds an entity with a public key.

Question 39

Certificate Authority

Answer 39

An organization that issues digital certificates.

Question 40

Intermediate CA

Answer 40

A CA with authority delegated by a higher CA.

Question 41

OCSP

Answer 41

Online Certificate Status Protocol Allows a host to query the status of a certificate.

Question 42

Symmetric Encryption

Answer 42

Using the same key for both encryption and decryption.

Question 43

ROT13

Answer 43

A simple substitution cipher shifting letters by 13 places.

Question 44

Asymmetric Encryption

Answer 44

Using different keys for encryption and decryption.

Question 45

In-band Exchange

Answer 45

Key exchange occurring over the same communication channel.

Question 46

Out-of-band Exchange

Answer 46

Key exchange using a different communication channel.

Question 47

Key Length

Answer 47

Longer keys provide better security but require more processing power.

Question 48

Key Strength

Answer 48

Measure of encryption resistance to brute-force attacks.

Question 49

Levels of Encryption (6)

Answer 49

1. FDE, full disc encryption 2. Partition-level encryption 3. Volume level encryption 4. File-level encryption. 5. Database-level encryption. 6. Record-level encryption

Question 50

Hashing

Answer 50

One-way function ensuring data integrity.

Question 51

Encryption

Answer 51

Two-way function ensuring data confidentiality.

Question 52

Password Hashing

Answer 52

Securing stored passwords using hashing algorithms.

Question 53

Collision

Answer 53

When different inputs produce the same hashed output, indicating weakness.

Question 54

Hashing Algorithms

Answer 54

Common hashing functions. Produce a hash digest.

Question 55

MD5

Answer 55

An older hashing algorithm prone to collisions.

Question 56

SHA-256

Answer 56

A secure hashing function used widely in modern cryptography.

Question 57

SHA-512

Answer 57

An advanced secure hashing function for high-security needs.

Question 58

Salting

Answer 58

A way to add additional random characters to a password to make guessing it harder