Questions and Answers
What type of security control is concerned with protecting against logical attacks and exploits?
- Technical (correct)
- Operational
- Managerial
- Physical
Which of the following is a characteristic of corrective security controls?
- Discourages policy violations.
- Returns systems to normal after an incident. (correct)
- Detects unauthorized activity.
- Thwarts unwanted activity from occurring.
What is the primary purpose of physical security controls?
- To establish policies.
- To prevent physical attacks on facilities and devices. (correct)
- To discourage logical intrusions.
- To manage personnel activities.
Which of the following best describes the role of managerial security controls?
What are countermeasures primarily designed to achieve?
Which control type is primarily aimed at finding and revealing unauthorized activities?
What is the primary purpose of auditing logs?
Which of the following options is an example of an operational control?
In which access control model do owners grant or deny access to their objects?
What is the function of deterrent controls?
Which access control model is known for enforcing system-wide restrictions?
What is a key characteristic of Mandatory Access Control (MAC)?
How does Role Based Access Control (RBAC) manage user permissions?
What does Attribute-Based Access Control rely on for restricting access?
What benefit do auditing logs provide in terms of organizational policy?
Which of the following is NOT a characteristic of Role Based Access Control (RBAC)?
What is the primary purpose of change management processes in security operations?
Which of the following is NOT a component of the change management process?
What role does change control play in the change management process?
How does configuration management benefit security operations?
What is the significance of an approval process in change management?
What is a common method for establishing a baseline in configuration management?
Which aspect is essential for minimizing downtime during the change management process?
What is the importance of having a documented backout plan in the change management process?
What is the primary purpose of defining a backout plan in change management?
Why is it important to conduct an impact analysis before implementing a change?
What is a maintenance window in the context of change management?
Which of the following best describes the role of stakeholder analysis in change management?
What are allow lists and deny lists primarily used for in change management?
Which aspect of technical implications is crucial in change management to prevent service disruptions?
What should teams do if a change causes service interruption?
How can legacy applications affect the change management process?
What is a key feature of blockchain data once it is added to the chain?
Which consensus mechanism can be used in blockchain to validate new data?
In cryptographic terms, which strategy is preferred for low power devices for encryption?
What is a common use of file hashing in cryptography?
Which method enhances the security of user authentication in a system?
What does support for non-repudiation in digital communications imply?
What is commonly used in cryptography to prevent sensitive data from being read by unauthorized parties?
What is a primary limitation of using encryption algorithms?
Study Notes
Security Controls
- Security controls are safeguards or countermeasures that address and minimize the loss or unavailability of services, apps, or data due to security vulnerabilities.
- Safeguards are proactive and aim to reduce the likelihood of security incidents.
- Countermeasures are reactive and are deployed to reduce the impact of a security incident after it occurs.
- Control Types include:
  - Deterrent: Discourages violation of security policies.
  - Preventive: Thwarts or stops unauthorized activities.
  - Detective: Discovers or detects unwanted or unauthorized activity.
  - Compensating: Aids in enforcing security policies when other controls are not sufficient.
  - Corrective: Modifies the environment to return systems to normal after an incident.
  - Directive: Imposes a specific action after authentication.
- Accountability establishes proof of action, including the identity of the user who performed it. This is achieved through authentication, identification, and auditing.
- Auditing Logs and Audit Trails record events and user activities.
Authorization Models
- Non-Discretionary Access Control: Enforces system-wide restrictions, overriding object-specific access control. An example is Role-Based Access Control (RBAC).
- Discretionary Access Control (DAC): Grants or denies access based on the owner of an object. The owner can grant access to any other subject. An example is New Technology File System (NTFS).
- Role-Based Access Control (RBAC): Assigns privileges to roles instead of users, associating user accounts with specific roles. Roles typically map to job roles.
- Rule-Based Access Control (RBAC): Applies global rules to all subjects. Examples include firewall rules that allow or block traffic equally to all users.
- Mandatory Access Control (MAC): Defines access based on predefined labels assigned to objects and subjects. The system determines access based on these labels. This model is commonly seen in military security.
- Attribute-Based Access Control: Restricts access based on attributes associated with the account, such as department, location, or functional designation.
Change Management
- Change Management Processes are critical for ensuring system security and stability. They address business processes and technical implications, and require detailed documentation.
- Change Management addresses:
  - Approval Process: Ensures that proposed changes are reviewed and approved by management.
  - Ownership: Clearly defines responsibility for each change, designating a primary owner.
  - Stakeholder Analysis: Identifies and coordinates with all individuals and groups affected by the change.
  - Impact Analysis: Evaluates potential impacts, including side effects.
  - Testing: Validates the change in a test environment before production rollout.
  - Backout Plan: Outlines the process for reversing a change if it fails.
  - Maintenance Windows: Defines specific times for implementing changes, minimizing impact to the business.
- Technical Implications of change management include:
  - Allow Lists/Deny Lists: Firewall rules, application access lists, and Access Control Lists (ACLs) may need to be updated.
  - Restricted Activities: Certain activities, such as data updates during database replication, may need to be restricted.
  - Downtime: Changes may disrupt services, requiring careful planning to minimize impact.
Cryptographic Concepts
- Cryptographic Choices depend on specific use cases, such as:
  - Low-Power Devices: Frequently use ECC for encryption due to its small key size.
  - Low Latency: Employs specialized encryption hardware or accelerators for efficient encryption and decryption.
  - High Resiliency: Uses the most secure algorithms to prevent key compromise by attackers.
- Cryptography is used to support various security objectives:
  - Confidentiality: Encryption protects sensitive data, ensuring only authorized parties can access it.
  - Integrity: Ensures data has not been tampered with and communications are not altered in transit.
  - Obfuscation: Obscures data, making it unintelligible to unauthorized individuals.
  - Authentication: Verifies user identities and device authenticity.
  - Non-Repudiation: Prevents parties from denying their involvement in a transaction.
Cryptographic Concepts: Limitations
- Speed: Cryptography can impact system performance and resources.
- Key Management: Managing cryptographic keys is crucial for security.
- Algorithm Development: New cryptographic algorithms are constantly being developed.
- Hardware & Software Support: Compatibility between cryptographic algorithms, hardware, and software is essential.
- Blockchains:
  - Public vs. Private Ledgers: Data on public ledgers can be changed more easily, whereas data on a blockchain is immutable and cryptographically secured.
  - Validation: Blockchains use consensus mechanisms (e.g., Proof-of-Work, Proof-of-Stake) to validate new data. Public ledgers rely on the integrity of a central authority.
  - Transparency: Blockchain transactions are typically pseudonymous for privacy, while public ledger transactions are fully transparent.
Description
This quiz covers the fundamental concepts of security controls, including their types and purposes. Learn about safeguards, countermeasures, and the different control types used to enhance security. Test your knowledge on how these elements work together to protect systems and data.