30 Questions
What are the primary goals and objectives of a security infrastructure?
Confidentiality, integrity, and availability
Which principle of the CIA Triad focuses on the protection of the secrecy of data?
Confidentiality
How are security controls typically evaluated?
Based on how well they address the CIA Triad principles
What is the main goal of confidentiality protection?
Prevent unauthorized access to data
What are some common causes of unauthorized disclosure of sensitive information?
Human error, oversight, or ineptitude
In the CIA Triad, which principle focuses on ensuring authorized access to data?
Availability
What is one of the main aspects of availability mentioned in the text?
Ensuring authorized access and acceptable performance
Which of the following is NOT listed as a threat to availability in the text?
Sophisticated hacking attacks
What is a crucial control measure needed to maintain availability on a system?
Ensuring redundancy for critical systems
What type of attacks focus on violating availability, as mentioned in the text?
Denial-of-Service (DoS) attacks
Which of the following is NOT a recommended countermeasure to ensure availability according to the text?
Disabling access controls for easier user access
What can cause many availability breaches according to the text?
Human error, oversight, or ineptitude
What does nonrepudiation prevent a subject from claiming?
All of the above
Which of the following is not one of the three As in AAA services?
Accountability
What is a core security mechanism of all security environments?
Authentication
What process involves proving that you are the claimed identity?
Authentication
Which element of nonrepudiation is essential for holding a suspect accountable?
Auditing
How many elements are actually represented by the three As in AAA services?
5
What is the most secure form of authentication?
Multifactor authentication
Which concept involves using multiple security controls in a series?
Defense in depth
What is the primary advantage of using defense in depth for security?
Protection against various threats
Which mechanism involves performing security controls one after the other in a linear fashion?
Defense in depth
What does the use of multifactor authentication aim to prevent?
Compromise of authentication process
Which aspect ensures that a single failed control doesn't expose systems or data?
Defense in depth
What are the key aspects of availability?
Usability, accessibility, and timeliness
Which feature is essential for maintaining the availability of critical systems?
Fault tolerance
What does the DAD Triad consist of?
Disclosure, alteration, and destruction
What does the opposite of the CIA Triad represent?
DAD Triad
Which factor is crucial in ensuring that the widest range of subjects can interact with a resource?
Accessibility
Which concept is vital when designing a security policy alongside the CIA Triad?
DAD Triad
Learn about security management concepts and principles that are crucial for a secure environment. Explore the fundamental parameters, goals, and objectives needed to create a secure solution, including the CIA Triad (Confidentiality, Integrity, Availability).