Chapter 2 Security+ (Intro to security terminology)
Terms in this set (49)
What are the fundamental goals for a security professional?
Confidentiality, Integrity, and Availability (the CIA triad).
What does encryption do to data?
Encryption converts the information from plaintext into ciphertext, an unreadable format, until an authorized person who holds the key decrypts it.
What are the two encryption levels?
Encrypting the file in storage (data at rest) and encrypting the file while it is in transit from one location to another (data in transit).
What is the benefit of encrypting the file in storage?
If an attacker obtains physical access to the system, they can normally bypass the permissions set by the operating system (for example by booting from other media or removing the disk). Data that is encrypted in storage stays in an unreadable format without the key, so the permission bypass gains them nothing.
What is the disadvantage of encrypting a file thats in transit?
It only secures the communication channel: once the data reaches the destination it is decrypted and readable again, so it still needs protection (such as encryption in storage) at the destination.
What is the advantage of encrypting a file thats in transit?
An attacker who taps into the communication obtains only ciphertext and cannot read the information.
What is Steganography?
a method of hiding information, such as a text file, in a graphic file.
How does Steganography work?
The information is placed in the graphic file using a steganography program, and a password is placed on the file. After the graphic is sent to the intended receiver, the receiver uses the same steganography application (and the password) to read the text information back out of the file.
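How a steganography program actually hides text inside a graphic, as an added example that is not part of the flashcard set: least-significant-bit (LSB) embedding, which overwrites only the lowest bit of each pixel byte so the picture looks unchanged. A real tool works on the pixel bytes of an image file; here a constructed bytearray stands in for 8-bit grayscale pixels so the code runs offline, and the password the card mentions is left out to keep the mechanism visible.

```python
# Added example, not from the flashcard set: least-significant-bit (LSB)
# steganography, the usual way a program hides a text message inside a
# graphic. A real tool works on image pixel bytes; here a constructed
# bytearray stands in for 8-bit grayscale pixels so the block runs offline.
# The password the card mentions is left out to keep the mechanism visible.


def embed(pixels: bytes, message: bytes) -> bytearray:
    """Write a 2-byte length prefix and the message into pixel LSBs."""
    payload = len(message).to_bytes(2, "big") + message
    if len(payload) * 8 > len(pixels):
        raise ValueError("cover image too small for this message")
    stego = bytearray(pixels)
    i = 0
    for byte in payload:
        for shift in range(7, -1, -1):            # most significant bit first
            bit = (byte >> shift) & 1
            stego[i] = (stego[i] & 0xFE) | bit    # touch only the lowest bit
            i += 1
    return stego


def _read_bytes(pixels: bytes, offset_bits: int, count: int) -> bytes:
    """Reassemble `count` bytes from the LSBs starting at bit `offset_bits`."""
    out = bytearray()
    for b in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (pixels[offset_bits + b * 8 + k] & 1)
        out.append(value)
    return bytes(out)


def extract(pixels: bytes) -> bytes:
    """Recover the message: read the length prefix, then that many bytes."""
    if len(pixels) < 16:
        raise ValueError("image too small to hold a length prefix")
    length = int.from_bytes(_read_bytes(pixels, 0, 2), "big")
    if 16 + length * 8 > len(pixels):
        raise ValueError("length prefix exceeds image: not a stego image?")
    return _read_bytes(pixels, 16, length)


def max_pixel_change(cover: bytes, stego: bytes) -> int:
    """LSB embedding never moves a pixel value by more than 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    cover = bytes(range(256)) * 4           # constructed 1024-pixel "image"
    stego = embed(cover, b"meet at 0900")
    print(extract(stego))                   # b'meet at 0900'
    print(max_pixel_change(cover, stego))   # 1
```

The point to notice is that the stego image is the same size as the cover and no pixel moves by more than one brightness level, which is why the hidden text is invisible to a viewer but trivial to read for anyone who knows the scheme; that is what the password on the file is for.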
how can an administrator keep information confidential?
Implement encryption of data and communications, and by implementing access control concepts such as permissions.
What does integrity mean?
ensure that when data is sent from a source to a destination, the information received at the destination has not been altered in transit.
What is a hashing algorithm?
A one-way mathematical function that data is passed through to produce a fixed-length value; it is used to verify data integrity when communicating over a network or storing files.
After data passed through a mathematical algorithm, what is created?
A hash Value
How does a system make sure that the data hasn't been altered?
After the hash value has been created, it is sent with the data. On the receiving end of the transmission, the destination system runs the data through the same mathematical algorithm to generate its own hash value. It then compares its calculated hash value to the hash value sent with the message. If they are the same, it is assumed the data has not been altered.
How can you verify the integrity of a file?
Use a file integrity program that calculates the hash value of the file when the file is saved, stores it, and then compares the stored hash value with a freshly calculated hash value when the file is opened again.
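The hash-and-compare exchange and the file integrity program described in the two cards above, as an added example that is not part of the flashcard set. It uses SHA-256 from the Python standard library; the message text and file contents are constructed for the demo.

```python
# Added example, not from the flashcard set: the hash-and-compare integrity
# check the cards describe, plus a minimal file-integrity store. Uses SHA-256
# from the Python standard library; the file contents below are constructed.
import hashlib
import os
import tempfile


def hash_bytes(data: bytes) -> str:
    """Run the data through the hashing algorithm and return the hash value."""
    return hashlib.sha256(data).hexdigest()


def send(data: bytes) -> tuple:
    """Source side: the hash value travels with the data."""
    return data, hash_bytes(data)


def receive(data: bytes, received_hash: str) -> bool:
    """Destination side: recompute with the same algorithm and compare."""
    return hash_bytes(data) == received_hash


class FileIntegrityStore:
    """Record a file's hash when it is saved; compare when it is opened again."""

    def __init__(self):
        # Keep the baseline somewhere the attacker cannot write: anyone who
        # can rewrite both the file and its stored hash defeats the check.
        self._baseline = {}

    def record(self, path: str) -> str:
        with open(path, "rb") as f:
            self._baseline[path] = hash_bytes(f.read())
        return self._baseline[path]

    def verify(self, path: str) -> bool:
        with open(path, "rb") as f:
            return hash_bytes(f.read()) == self._baseline[path]


def file_check_demo(original: bytes, modified: bytes) -> tuple:
    """Save `original`, record its hash, overwrite it with `modified`.

    Returns (verify_result_before_change, verify_result_after_change).
    """
    store = FileIntegrityStore()
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        with open(path, "wb") as f:
            f.write(original)
        store.record(path)
        before = store.verify(path)
        with open(path, "wb") as f:
            f.write(modified)
        after = store.verify(path)
    finally:
        os.remove(path)
    return before, after


if __name__ == "__main__":
    data, digest = send(b"transfer 100 to account 42")
    print(receive(data, digest))                                  # True
    # Flipping a single bit in transit changes the hash completely.
    tampered = bytes([data[0] ^ 0x01]) + data[1:]
    print(receive(tampered, digest))                              # False
    print(file_check_demo(b"config v1", b"config v1 (edited)"))   # (True, False)
```

Note the caveat in the class comment: a plain hash proves only that the data matches the hash you hold. If the hash travels over the same channel as the data, or sits in the same directory as the file, an attacker who changes the data can simply recompute and replace the hash too. That is the gap the digital signature cards below close.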
Where is hashing used?
Downloading files (the published hash is compared against the downloaded copy) and law enforcement (proving that collected evidence has not been altered).
How does an administrator ensure data integrity?
Hashing and placing permissions on files
What are the integrity concepts?
What is a digital signature?
A value created on a message with the sender's private key that lets the receiver verify both that the message has not been altered and that it really came from the claimed sender.
What is a certificate?
A digital certificate is an electronic file used to transport the public key, together with the identity of its owner, so that others can encrypt messages to the owner or verify the owner's digital signatures.
What is Non-repudiation?
the concept of ensuring that someone cannot dispute that they sent a message or made a change, which adds to the integrity of the system.
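A digital signature worked end to end, as an added example that is not part of the flashcard set, covering the digital signature and non-repudiation cards above: the sender signs a SHA-256 hash of the message with a private key, and anyone with the matching public key can confirm the message is intact and came from that key's holder. The keys are textbook RSA built from hard-coded small primes ("Alice" and "Mallory" are constructed names) so the block runs with the Python standard library alone; it is an illustration of the mechanism, not a usable signature scheme.

```python
# Added example, not from the flashcard set: a digital signature made with
# textbook RSA over a SHA-256 hash, showing why a signature proves both that
# the message was not altered and who signed it. The hard-coded primes give a
# deliberately tiny key so the block runs with the standard library alone;
# it is an illustration, not a usable signature scheme (real deployments use
# 2048-bit or larger keys with proper padding from a vetted crypto library).
import hashlib


def make_keypair(p: int, q: int, e: int = 65537) -> tuple:
    """Return ((e, n) public key, (d, n) private key) from two primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse, Python 3.8+
    return (e, n), (d, n)


def _digest_int(message: bytes, n: int) -> int:
    # Hash first so the signature covers a message of any length. Reducing
    # mod n is only needed because this demo key is smaller than the digest.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key: tuple, message: bytes) -> int:
    """Only the holder of d can produce this value for this message."""
    d, n = private_key
    return pow(_digest_int(message, n), d, n)


def verify(public_key: tuple, message: bytes, signature: int) -> bool:
    """Anyone holding the public key (e.g. from a certificate) can check it."""
    e, n = public_key
    return pow(signature, e, n) == _digest_int(message, n)


# Constructed demo keys for "Alice" and "Mallory" (small primes, NOT secure).
ALICE_PUB, ALICE_PRIV = make_keypair(104729, 104723)
MALLORY_PUB, MALLORY_PRIV = make_keypair(10007, 10009)


def signature_demo() -> tuple:
    """Returns (genuine_verifies, altered_message_verifies, other_key_verifies)."""
    msg = b"Pay Bob 100"
    sig = sign(ALICE_PRIV, msg)
    genuine = verify(ALICE_PUB, msg, sig)                      # True
    altered = verify(ALICE_PUB, b"Pay Bob 1000", sig)          # False: integrity
    forged = verify(ALICE_PUB, msg, sign(MALLORY_PRIV, msg))   # False: authenticity
    return genuine, altered, forged


if __name__ == "__main__":
    print(signature_demo())   # (True, False, False)
```

The third result is the non-repudiation property: because the signature verifies only under Alice's public key, and only Alice's private key can produce it, Alice cannot later deny sending the message. The certificate is what binds that public key to Alice's name so the receiver knows which key to verify with.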
What is availability?
the last fundamental goal of information security, and it is the concept of ensuring that the information is available when the user wants it.
How can you implement and maintain availability?
Permissions, Backups, Fault Tolerance, clustering, and Patching.
What are three popular techniques of maintaining availability?
Data Backups , RAID (Fault tolerance), and Clustering.
What is accountability?
ensuring that employees are accountable for their actions.
How can you implement accountability?
Auditing and logging features on the systems, routers, firewalls, and in the applications.
What are some of the popular methods to implement accountability?
Log files, Audit Files, firewalls and proxy servers, and application logging.
Why should an administrator Identify and verify individuals within the organization and then control what resources, web sites, and areas of facility they have access to?
It's a huge part of securing the environment.
When does Identification occur?
It occurs before authentication.
What is identification?
the process of having users identify themselves to the system.
What are some methods used for identification and authentication?
Username, token card, smart card, and biometrics.
What occurs after authentication?
The user is authorized: the system determines which resources the now-authenticated user is allowed to access.
What are some authorization methods?
Permissions on files and resources, router ACLs, proxy servers (controlling which web sites can be reached), and physical access controls on the facility.
What are some required security principles to implement in an organization?
Physical Security, Communication security, Computer Security, and Network Security.
What is Least Privilege?
ensures that you always give a user only the minimal permissions needed to perform their job, and nothing more.
What is Separation of duties?
ensure that all critical tasks are broken down into different processes and that each process is performed by a different employee.
What is Collusion?
Multiple people involved in a task get together and take part in fraudulent activity.
What is rotation of duties?
the principle that you will have multiple employees rotate through different job roles.
What are two benefits of rotation of duties, beyond those of separation of duties?
Rotation of duties increases accountability, because an employee's actions are reviewed by whoever rotates into the role next, and the business does not depend on one person being the only person able to perform a job role.
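An authorization check that enforces the least privilege and separation of duties cards above, as an added example that is not part of the flashcard set. It uses a hypothetical purchase workflow: each role gets only the permissions its job needs, the employee who creates a purchase may not approve it, and every decision is written to an audit log for accountability. The users, roles and permission names are assumptions.

```python
# Added example, not from the flashcard set: an authorization check that
# applies least privilege (a role gets only the permissions its job needs)
# and separation of duties (the person who creates a purchase may not approve
# it) to a hypothetical purchase workflow, and records every decision in an
# audit log for accountability. Users, roles and permission names are assumed.

# Least privilege: each role lists only what that job requires.
ROLE_PERMISSIONS = {
    "clerk":   {"purchase:create", "purchase:read"},
    "manager": {"purchase:create", "purchase:approve", "purchase:read"},
    "auditor": {"purchase:read"},
}

USERS = {"alice": "clerk", "bob": "manager", "carol": "manager", "dave": "auditor"}

AUDIT_LOG = []   # accountability: who attempted what, and whether it was allowed


def _audit(user: str, action: str, target: str, allowed: bool, reason: str = ""):
    AUDIT_LOG.append({"user": user, "action": action, "target": target,
                      "result": "allowed" if allowed else "denied", "reason": reason})


def is_authorized(user: str, permission: str) -> bool:
    """Authorization step: runs after the user has been identified and authenticated."""
    role = USERS.get(user)
    return role is not None and permission in ROLE_PERMISSIONS.get(role, set())


def create_purchase(user: str, purchases: dict, pid: str) -> bool:
    if not is_authorized(user, "purchase:create"):
        _audit(user, "create", pid, False, "no purchase:create permission")
        return False
    purchases[pid] = {"created_by": user, "approved_by": None}
    _audit(user, "create", pid, True)
    return True


def approve_purchase(user: str, purchases: dict, pid: str) -> bool:
    purchase = purchases.get(pid)
    if purchase is None:
        _audit(user, "approve", pid, False, "no such purchase")
        return False
    if not is_authorized(user, "purchase:approve"):
        _audit(user, "approve", pid, False, "no purchase:approve permission")
        return False
    if purchase["created_by"] == user:
        # Separation of duties: the critical task is split into create and
        # approve, and one employee may not perform both for the same item.
        _audit(user, "approve", pid, False, "separation of duties: creator cannot approve")
        return False
    purchase["approved_by"] = user
    _audit(user, "approve", pid, True)
    return True


if __name__ == "__main__":
    purchases = {}
    print(create_purchase("alice", purchases, "PO-1"))   # True
    print(approve_purchase("alice", purchases, "PO-1"))  # False: clerk lacks approve
    print(create_purchase("bob", purchases, "PO-2"))     # True
    print(approve_purchase("bob", purchases, "PO-2"))    # False: separation of duties
    print(approve_purchase("carol", purchases, "PO-2"))  # True
    print(create_purchase("dave", purchases, "PO-3"))    # False: auditor is read-only
    for entry in AUDIT_LOG:
        print(entry)
```

Notice what the check does not stop: bob creating a purchase and carol approving it is exactly the workflow intended, so if bob and carol collude the control is defeated. That is the collusion card above; rotating people through the approver role and reviewing the audit log are what make collusion harder to sustain.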
What is Layered security?
the concept of not putting all of your eggs in one basket by relying on one type of security solution to create a secure environment.
What is Diversity of defense?
the concept that you should use different products to increase the level of security in your environment.
What is Due Care?
the concept of doing the right thing: taking the reasonable, prudent actions (such as putting the identified security controls in place) that a responsible organization would take to protect its assets.
What is Due Diligence?
identifying your risk so that you know what security controls to put in place.
What is Vulnerability?
a weakness in a piece of software or hardware, usually introduced by the manufacturer by accident, that an attacker could exploit.
What are the three types of hackers?
White Hat, Grey Hat, and Black Hat.
What are the different identification roles individuals will take in an organization?
Owner, custodian, user, and security officer.
Who is considered an owner?
the person who decides how valuable the asset is and what types of security controls should be put in place to protect the asset.
What is considered a custodian?
the person who implements the security controls based on the value of the asset as determined by the owner (for example, the IT administrator).
Who is considered a user?
The person who accesses the resources within the business and is considered a user of the asset.
What is considered a security officer?
the liaison between management and the IT staff. The security officer is responsible for making sure that policies are being followed by educating everyone on their role within the organization.