Security Vocabulary and Acronyms

Questions and Answers

What does the 'C' in the CIA triad represent in the context of security?

• Compliance
• Control
• Clarity
• Confidentiality (correct)

Which protocol is recommended for secure data transmission over a network?

• Telnet
• HTTPS (correct)
• HTTP
• FTP

What can be considered a vulnerability in a security context?

• A well-trained employee
• A user with a strong password
• A routinely updated system
• An unencrypted protocol (correct)

In the context of data, what does 'data at rest' refer to?

Data stored on a device or cloud storage (D)

Which factor is NOT a typical example of a vulnerability?

Current operating system updates (B)

Which of the following is NOT a method to ensure confidentiality?

Using TFTP over a public network (A)

What is an exploit in the context of vulnerabilities?

A method that takes advantage of a vulnerability (D)

What is the purpose of using a secure flavor of FTP?

To ensure data confidentiality during transfer (B)

Which statement accurately describes 'data in motion'?

Data being sent from one device to another over a network (D)

What is the primary goal of implementing controls in a security framework?

To lower the risk of successful exploits (A)

Which of the following best describes a threat actor?

An entity leveraging an exploit (C)

Which of the following protocols is preferred for secure file transfer?

SCP (B)

Which of the following is NOT considered a type of control in a security strategy?

Preventative controls (B)

What role do simple passwords play in security vulnerabilities?

They increase the risk of unauthorized access (C)

What is a common characteristic of protocols that ensure confidentiality?

They encrypt the data during transfer (D)

In the AAA framework, what does the concept of accounting refer to?

Auditing actions and access within the system (B)

Which option is a consequence of using an older version of a protocol?

Increased vulnerability to eavesdropping (B)

What might an attacker use to exploit a vulnerability related to users?

A phishing email (B)

Which component of the AAA model determines what a user can do after authentication?

Authorization (D)

What is a critical advantage of identifying key assets within a security framework?

It allows focus on high-profile attack vectors (B)

How does weak password policy contribute to security breaches?

Promotes the use of simple, easily guessable passwords (B)

When calculating how much to spend on controls, what is a key consideration mentioned?

The potential cost of loss due to breaches (A)

In the security context, what does risk typically refer to?

The potential for assets to be compromised (A)

Which of the following exemplifies a user's vulnerability?

Falling for a social engineering attack (C)

What mindset is suggested as a good starting point for deploying a new network securely?

Zero trust (A)

What type of loss can result from a successful exploit besides monetary loss?

Reputational damage (C)

Which aspect of a vulnerability is considered when evaluating the likelihood of a successful exploit?

The sophistication of potential attacks (B)

What term is used to describe the process of confirming a person's identity before granting access to a network?

Authentication (D)

What is the primary function of encryption in a VPN tunnel?

Provide confidentiality for the data being sent. (A)

What does integrity imply in the context of cybersecurity?

Data has not been altered by unauthorized sources. (C)

Which method is commonly used to verify the integrity of a downloaded file?

Using a checksum or hash value comparison. (B)

What role does availability play in cybersecurity?

It ensures authorized users can access data when needed. (C)

Which of the following is NOT a method to improve availability?

Encrypting all data files. (D)

What does the acronym CIA stand for in cybersecurity?

Confidentiality, Integrity, Availability. (C)

Which setup design helps maintain availability by allowing backup devices to take over if one fails?

Active-Active configuration. (A)

What is a common result of an integrity failure in downloaded files?

Data contains unauthorized modifications or malware. (A)

What is a characteristic of fault tolerance in data management?

It allows systems to continue operating in the event of a failure. (A)

Which of the following is an example of a method to enhance data availability?

Deploying a first-hop redundancy protocol (FHRP). (A)

Study Notes

CIA Triad

• CIA stands for Confidentiality, Integrity, and Availability, essential goals in security.
• Confidentiality ensures data is visible only to authorized users; applies to data at rest, in motion, and in processing.
• Secure communication protocols enhance confidentiality:
  • Use SSH instead of Telnet,
  • HTTPS over HTTP, using SSL or TLS for encryption.
• Encrypting stored data, either files or entire drives, protects confidentiality.

Integrity

• Refers to the accuracy and trustworthiness of data.
• Data should remain unchanged unless authorized; modifications by unauthorized entities compromise integrity.
• Implemented through hashing, allowing verification of data authenticity (e.g., comparing hash values of downloaded files).

Availability

• Guarantees that data and systems are accessible when needed.

• Achieved through high availability setups, fault tolerance, and redundancy using techniques like:

  • NIC teaming and RAID configurations.

    NIC teaming, also known as network interface card teaming or network bonding, is a process that combines multiple network connections into a single logical interface. The main goal is to increase network bandwidth, provide redundancy, and improve network reliability. By teaming NICs, if one network connection fails, the others continue to operate, ensuring constant network availability. It also allows for load balancing, where incoming and outgoing network traffic is distributed across all available connections for more efficient data handling.

    Yes, NIC teaming can increase network speed by aggregating the bandwidth of multiple network connections into a single logical interface. This means that the combined connections can handle more data simultaneously, effectively increasing the overall network throughput. This is especially beneficial in environments that require high data transfer rates, such as data centers or servers handling large volumes of traffic. However, the actual increase in speed depends on the configuration of the network and the capability of the networking equipment and software to properly distribute the traffic across the teamed interfaces.

  • Load balancing and active-passive device configurations to ensure functionality during device failures.

Vulnerability

• Represents weaknesses in a system that can be exploited.
• Common vulnerabilities include:
  • User manipulation through social engineering,
  • Operating system or application flaws,
  • Weak or absent password policies,
  • Use of unencrypted or outdated protocols (e.g., using Telnet or SNMP).

Exploit and Threat Actors

• An exploit is the method by which a vulnerability is taken advantage of (e.g., brute-force password attacks or phishing).
• A threat actor is an individual or group utilizing exploits to compromise systems.

Risk Assessment

• Involves evaluating potential vulnerabilities and threats to organizational assets.
• Factors include the likelihood of exploits succeeding and the potential impact, including financial and reputational losses.
• Identifies the need for controls to mitigate risks; controls can be categorized as:
  • Administrative controls refer to policies, procedures, and practices designed to manage organizational behavior and ensure compliance with security protocols.
  • Technical controls involve the use of technology to protect systems, such as firewalls and encryption methods, to safeguard sensitive information.
  • Physical controls consist of tangible barriers, such as locks, surveillance cameras, and security personnel, aimed at safeguarding facilities and assets from unauthorized access.

AAA Framework

• Stands for Authentication, Authorization, and Accounting, crucial for network security.
• Authentication verifies user identity before access is granted.
• Authorization determines what authenticated users are allowed to do.
• Accounting tracks user activities and access for auditing purposes.

Zero Trust Model

• Emphasizes security posture that assumes every attempt to access the system could be a threat.
• Advocates for continuous verification of user credentials and access rights regardless of their location within the network.

Description

This quiz explores key vocabulary and acronyms used in the security field. Focus on understanding the significance of terms like CIA, which encapsulates core goals in security. Test your knowledge on these essential concepts and enhance your security literacy.