Info Security Review: Lectures 1-9

Questions and Answers

Which security principle involves granting users only the necessary permissions to perform their tasks?

  • Multi-factor authentication
  • Defense in depth
  • Fail-safe defaults
  • Least privilege (correct)

What is the primary goal of ensuring 'availability' within the CIA Triad?

  • Preventing unauthorized data disclosure
  • Maintaining data accuracy and completeness
  • Ensuring timely and reliable access to data (correct)
  • Verifying user identities

Implementing which of the following helps to ensure non-repudiation?

  • Audit logging (correct)
  • Encryption
  • Multi-factor authentication
  • Access Control Lists

Which of the following is the MOST accurate description of 'due diligence' in the context of information security?

The ongoing effort to maintain security and compliance (C)

Which of the following BEST describes the purpose of Security Education, Training, and Awareness (SETA) programs?

To inform employees about security risks and policies (C)

Which of the following risk mitigation strategies involves purchasing insurance to cover potential losses?

Transference (B)

Which activity is the MOST representative of penetration testing?

Attempting to exploit vulnerabilities to assess security defenses (A)

Which of the following is the MOST important reason for performing code reviews during secure software development?

To identify security flaws and vulnerabilities (C)

What is the purpose of input validation in secure coding practices?

To ensure user inputs are checked and sanitized (C)

Which of the following is the PRIMARY goal of system hardening?

Reducing the attack surface (B)

Disabling unnecessary services on a server is an example of what security concept?

Least functionality (C)

Which of the following is MOST crucial when implementing information security within an organization?

Following a standardized security framework (D)

Which of the following activities is part of the incident response process?

Threat detection and eradication (B)

Regularly assessing threats, vulnerabilities, and security posture is an example of:

Continuous monitoring (A)

What is the purpose of security auditing?

To evaluate an organization's security posture (A)

Flashcards

Information Security

Protection of information and systems from unauthorized access.

CIA Triad

Core principles of information security: Confidentiality, Integrity, Availability.

Confidentiality

Ensuring that only authorized users access sensitive data.

Integrity

Maintaining data accuracy and reliability.

Availability

Ensuring that authorized users have access to data when needed.

Authentication

Ensuring users are who they claim to be.

Non-repudiation

Assurance that someone cannot deny the validity of a transaction.

Access Control

Mechanisms that restrict access to resources.

Encryption

Encoding data to prevent unauthorized access.

GDPR

A European privacy law that regulates data protection.

Due Diligence

The ongoing efforts to maintain security and compliance.

Security Education, Training, and Awareness (SETA)

Security policies, standards, and best practices for employee awareness.

Risk Management

Identifying and mitigating security risks.

Business Continuity Planning (BCP)

Strategies to maintain business functions in the event of a disaster.

Risk Assessment

The process of identifying vulnerabilities and threats.

Study Notes

Comprehensive Exam Reviewer: Information Assurance and Security (Lectures 1-9)

Lecture 1: Introduction to Information Security

  • Information Security is defined as protecting information and systems from unauthorized access.
  • The CIA Triad comprises Confidentiality, Integrity, and Availability, the core principles of information security.
  • Authentication ensures users are who they claim to be.
  • Non-repudiation is assurance that someone cannot deny the validity of a transaction.
  • Access Control restricts access to resources.
  • Encryption encodes data to prevent unauthorized access.
  • Confidentiality ensures that only authorized users access sensitive data.
  • Integrity maintains data accuracy and reliability.
  • Availability ensures that authorized users have access to data when needed.
  • Security attack types include passive, active, insider, and outsider threats.
  • Security principles include least privilege, defense in depth, and fail-safe defaults.
  • Best practices include using multi-factor authentication, implementing access controls, regular security training, strong password policies, and continuous monitoring/auditing.
  • GDPR (General Data Protection Regulation) is a European privacy law that regulates data protection.
  • Due Diligence is the ongoing effort to maintain security and compliance.
  • A Code of Ethics sets out professional standards for security practitioners.
  • Intellectual Property Rights refers to legal protections for digital assets.
  • Ethical Hacking vs. Cybercrime covers the distinction between legal and illegal hacking.
  • Privacy and Data Protection Laws cover how laws regulate the collection and use of personal data.
  • Jurisdiction in Cyber Law covers how international cyber laws impact enforcement.
  • Best practices involve adhering to ethical guidelines and professional codes, ensuring compliance with data protection regulations, and educating employees on their legal and ethical responsibilities.

Lecture 3: Planning for Security

  • Information Security Policy: A documented set of security guidelines.
  • Risk Management involves identifying and mitigating security risks.
  • A SETA Program consists of security training and awareness initiatives for employees.
  • Business Continuity Planning (BCP) covers strategies to maintain business functions in the event of a disaster.
  • Importance of Security Policies: understanding how structured security policies contribute to risk mitigation.
  • Role of Management in Security: management's involvement is crucial for policy enforcement.

Lecture 4: Risk Management

  • Risk Assessment is the process of identifying vulnerabilities and threats.
  • Quantitative Risk Analysis assigns numerical values to risks.
  • Qualitative Risk Analysis relies on subjective evaluation of risks.

Lecture 5: Overview of Vulnerability Assessment

  • Vulnerability Assessment identifies and measures security weaknesses in a system.
  • Penetration Testing simulates cyber-attacks to test security defenses.
  • OWASP Top 10 is a list of the most critical web application security risks.
  • Risk Rating evaluates vulnerabilities based on likelihood and impact.
  • Difference Between Vulnerability Assessment and Penetration Testing: vulnerability assessment identifies weaknesses, while penetration testing exploits them to measure risk.
  • SQL Injection, Cross-Site Scripting (XSS), and Insecure Authentication are all common vulnerabilities.
  • Vulnerability Remediation consists of applying patches, updating software, and strengthening configurations.

Lecture 6: Secure Software Development

  • Secure Software Development involves incorporating security measures into the software development process.
  • Threat Modeling identifies potential security threats in software.
  • Code Review examines source code for security flaws.
  • Secure SDLC ensures security is addressed at every phase of software development.
  • Principles of Secure Coding: input validation, secure authentication, and least-privilege access.
  • Common Software Vulnerabilities: buffer overflows, SQL injection, and cross-site scripting (XSS).
  • Importance of Secure Design: preventing security flaws at the architectural level of software.

Lecture 7: Secure Coding Practices

  • Secure Coding develops software in a way that guards against security vulnerabilities.
  • Input Validation ensures that user inputs are checked and sanitized before processing.
  • Defensive Programming writes code that anticipates and mitigates potential security issues.
  • Code Injection is a type of attack in which malicious code is inserted into a program.
  • Importance of Secure Coding: ensuring that applications are resistant to common exploits.
  • Common Vulnerabilities in Coding: SQL injection, buffer overflows, and improper authentication handling.
  • Best Practices in Secure Coding: parameterized queries, proper error handling, and the principle of least privilege.

Lecture 8: System Hardening

  • System Hardening strengthens the security of a system by reducing its vulnerabilities.
  • Patch Management updates software to fix security vulnerabilities.
  • Least Functionality configures systems to only include necessary services and features.
  • Access Control restricts access to systems based on defined security policies.
  • Importance of System Hardening: reduces the attack surface and minimizes potential vulnerabilities.
  • Hardening Operating Systems: disabling unnecessary services, applying security patches, and enforcing strong access controls.
  • Hardening Applications: configuring security settings, using secure authentication, and applying updates.
  • Hardening Networks: using firewalls, intrusion detection/prevention systems, and securing network protocols.

Lecture 9: Implementing Information Security

  • Information Security Implementation applies security measures to protect assets.
  • Security Frameworks are standardized guidelines for managing security risks (e.g., NIST, ISO 27001).
  • Incident Response lays out procedures for handling security breaches and threats.
  • Security Auditing evaluates an organization's security posture.
  • Continuous Monitoring is the assessment of security controls and vulnerabilities.
  • Security Controls: firewalls, encryption, and access control protect systems.
  • Incident Response Process: preparation, detection, containment, eradication, recovery, and lessons learned.
  • Auditing and Compliance: ensuring that security policies align with industry standards and regulations.
  • Continuous Monitoring: regularly assessing threats, vulnerabilities, and security posture.