CIA, AAA, and Zero Trust Principles
10 Questions

Questions and Answers

Which security principle ensures that data cannot be altered in transit or at rest by unauthorized individuals?

  • Non-repudiation
  • Availability
  • Confidentiality
  • Integrity (correct)

In the context of security, what does non-repudiation primarily ensure?

  • That systems are always available and operational for users.
  • That data remains confidential and protected from unauthorized access.
  • That access to resources is strictly controlled based on user identity.
  • That a sender cannot deny having sent a message or performed an action. (correct)

What is the purpose of an access control vestibule in physical security?

  • To house security guards and video surveillance equipment.
  • To improve the aesthetic appeal of the building entrance.
  • To provide a secure area with multiple authentication checkpoints to prevent unauthorized entry. (correct)
  • To serve as a waiting area for visitors before they are granted access.

Which of the following is NOT primarily a component of the AAA framework?

  • Auditing (A)

In the context of Zero Trust, what is the primary role of the Policy Enforcement Point (PEP) within the Data Plane?

  • To evaluate access requests against established policies and allow or deny access to resources. (B)

What is the role of 'adaptive identity' in a Zero Trust control plane?

  • To dynamically adjust access privileges based on real-time risk assessment and user behavior. (D)

If a company implements bollards, what threat are they MOST likely trying to mitigate?

  • Vehicle-based attacks causing damage to the building or its occupants (C)

Which security concept involves identifying the difference between an organization's desired security posture and its current security posture?

  • Gap analysis (D)

Which of the following is the BEST description of a 'honeytoken'?

  • A decoy piece of information (e.g., a password or credit card number) that appears legitimate but is not. (A)

What is the primary purpose of employing deception and disruption technologies like honeypots and honeynets?

  • To actively engage and distract attackers, diverting them from real targets and gathering intelligence on their methods. (D)

Flashcards

Confidentiality

Ensuring data is not disclosed to unauthorized individuals.

Integrity

Maintaining the accuracy and completeness of data.

Availability

Ensuring timely and reliable access to data for authorized users.

Non-repudiation

Guaranteeing that someone cannot deny that they took an action.

AAA

A security framework involving Authentication, Authorization, and Accounting.

Gap analysis

A method for evaluating the differences between security measures you have in place and security measures you should have in place.

Bollards

Physical barriers used to block vehicle access.

Access control vestibule

A controlled entry point with multiple doors to prevent tailgating.

Honeypot

A security measure involving setting up a decoy system to attract and detect attackers.

Honeynet

A collection of honeypots used to simulate a real network.

Study Notes

  • CIA stands for Confidentiality, Integrity, and Availability.
  • Non-repudiation is a key security principle.
  • AAA stands for Authentication, Authorization, and Accounting.

Authenticating Systems and People

  • Authentication involves verifying the identity of users and systems.
  • Authorization models define what authenticated users or systems can access and do.
  • Gap analysis identifies the differences between desired and actual security measures.

Zero Trust

  • Zero Trust is a security framework based on the principle of "never trust, always verify."

Control Plane

  • Adaptive identity ensures identities are continuously validated based on context and behavior.
  • Threat scope reduction minimizes the impact of potential breaches.
  • Policy-driven access control enforces granular access permissions based on predefined policies.
  • The Policy Administrator is responsible for managing and defining security policies.
  • The Policy Engine evaluates access requests against defined policies.

Data Plane

  • Implicit trust zones are eliminated in a Zero Trust architecture.
  • Subjects/Systems are entities requesting access to resources.
  • The Policy Enforcement Point enforces access control policies for resource access.

Physical security

  • Physical security involves measures to protect physical assets and facilities.
  • Bollards are used to prevent vehicle-based attacks.
  • Access control vestibules control entry and exit points.
  • Fencing establishes a physical perimeter.
  • Video surveillance monitors and records activities.
  • Security guards provide on-site security presence.
  • Access badges control entry to restricted areas.
  • Lighting enhances visibility and deters intruders.

Sensors

  • Infrared sensors detect heat signatures.
  • Pressure sensors respond to physical force.
  • Microwave sensors detect movement.
  • Ultrasonic sensors use sound waves to detect objects.

Deception and disruption technology

  • Deception technology aims to mislead and disrupt attackers.
  • A honeypot is a decoy system designed to attract and trap attackers.
  • A honeynet is a network of honeypots.
  • A honeyfile is a fake file designed to lure attackers.
  • A honeytoken is a decoy token or credential used to detect unauthorized access.

Quiz Team

Description

Explore fundamental security principles: CIA (Confidentiality, Integrity, Availability), AAA (Authentication, Authorization, Accounting), and non-repudiation. Understand authentication, authorization models, and gap analysis. Learn about Zero Trust framework, adaptive identity, and policy-driven access control.
