Cybersecurity Essentials Chapter 2
What are the methods help to ensure data integrity?
-hashing -data consistency checks -access controls -data validation checks
What two methods help to ensure system availability? (Choose two.)
-
What service determines which resources a user can access along with the operations that a user can perform?
- Authorization
What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?
- Data modification
What is identified by the first dimension of the cybersecurity cube?
- Goals The goals identified in the first dimension are the foundational principles. These three principles are confidentiality, integrity and availability. The principles provide focus and enable the cybersecurity expert to prioritize actions when protecting any networked system.
What are two common hash functions? (Choose two.)
- MD5 - SHA
What type of cybersecurity laws protect you from an organization that might want to share your sensitive data?
- Privacy
What mechanism can organizations use to prevent accidental changes by authorized users?
- Version control Two users cannot update the same object. Objects can be files, database records, or transactions. For example, the first user to open a document has the permission to change that document; the second person has a read-only version.
What are three access control security services? (Choose three.)
- accounting - authorization - authentication
What are two methods that ensure confidentiality? (Choose two.)
- authentication - encryption - access control
What three tasks are accomplished by a comprehensive security policy? (Choose three.)
- defines legal consequences of violations - sets rules for expected behavior - gives security staff the backing of management
What are the three states of data? (Choose three.) The second dimension of the Cybersecurity Cube focuses on the problems of protecting all of the states of data in cyberspace.
- in-transit - at rest - in-process
What are the three foundational principles of the cybersecurity world? (Choose three.)
- integrity - availability - confidentiality
What principle prevents the disclosure of information to unauthorized people, resources, and processes?
-Confidentiality
Accounting - Controlling Access
Accounting keeps track of what users do, including what they access, the amount of time they access resources, and any changes made. For example, a bank keeps track of each customer account. An audit of that system can reveal the time and amount of all transactions and the employee or system that executed the transactions. Cybersecurity accounting services work the same way. The system tracks each data transaction and provides auditing results.
What does ACL ( Access Control List) determine?
An ACL determines whether a user has certain access privileges once the user authenticates. Just because you can log onto the corporate network does not mean that you have permission to use the high-speed color printer.
Examples of data corruption?
An example of data corruption during the input process includes data entry errors or disconnected, malfunctioning, or inoperable system sensors. Other examples can include mislabeling and incorrect or mismatched data formats.
Authentication - controlling access
Authentication verifies the identity of a user to prevent unauthorized access. Users prove their identity with a username or ID. In addition, users need to verify their identity by providing one of the following: -Something they know (such as a password) -Something they have (such as a token or card) -Something they are (such a fingerprint)
Authorization - Controling Access
Authorization services determine which resources users can access, along with the operations that users can perform, as shown in Figure 2. Some systems accomplish this by using an access control list, or an ACL. Authorization can also control when a user has access to a specific resource. For example, employees may have access to a sales database during work hours, but the system locks them out after hours.
What is Cloud Storagetorage?
Cloud storagetorage is a remote storagetorage option that uses space on a data center provider and is accessible from any computer with Internet access. Google Drive, iCloud, and Dropbox are all examples of cloud storagetorage providers.
How doe Cybersecurity accounting track and monitor?
Cybersecurity accounting tracks and monitors in real time. Websites, like Norse, show attacks in real-time based on data collected as part of an accounting or tracking system.
What is Direct-attached storagetorage (DAS)
Direct-attached storagetorage (DAS) is storagetorage connected to a computer. A hard drive or USB flash drive is an example of direct-attached storagetorage. By default, systems are not set up to share direct-attached storagetorage.
What is a five nines?
One of the most popular high availability practices is five nines. The five nines refer to 99.999%. This means that downtime is less than 5.26 minutes per year.
Components of Acceptable Use Policy (AUP)
components is an acceptable use policy (AUP). This component defines what users can and cannot do on the various system components. The AUP should be as explicit as possible to avoid misunderstanding. For example, an AUP lists specific websites, newsgroups, or bandwidth intensive applications that users cannot access using company computers or the company network.
What name is given to a storage device connected to a network?
-NAS
What are three types of sensitive information? (Choose three.)
-Personal information: is personally identifiable information (PII) that traces back to an individual -Business information: is information that includes anything that poses a risk to the organization if discovered by the public or a competitor. -Classified information: is information belonging to a government body classified by its level of sensitivity
What is a method of sending information from one device to another using removable media?
-Sneaker net
What is a secure virtual network called that uses the public network?
-VPN
What three design principles help to ensure high availability? (Choose three.)
-eliminate single points of failure -provide for reliable crossover - detect failures as they occur
What is a NAS device?
A network attached storagetorage (NAS) device is a storagetorage device connected to a network that allows storagetorage and retrieval of data from a centralized location by authorized network users. NAS devices are flexible and scalable, meaning administrators can increase the capacity as needed.
What is SAN network?
A storagetorage area network (SAN) architecture is a network based storagetorage system. SAN systems connect to the network using high-speed interfaces allowing improved performance and the ability to connect multiple servers to a centralized disk storagetorage repository.
What is Access Control?
Access control defines a number of protection schemes that prevent unauthorized access to a computer, network, database, or other data resources. The concepts of AAA involve three security services: Authentication, Authorization and Accounting. These services provide the primary framework to control access.
What is Redundant Array of Independent Disks (RAID)?
Redundant array of independent disks (RAID) uses multiple hard drives in an array, which is a method of combining multiple disks so that the operating system sees them as a single disk. RAID provides improved performance and fault tolerance.
Data transmission involves sending information from one device to another. There are numerous methods to transmit information between devices including?
Sneaker net - uses removable media to physically move data from one computer to another Wired networks - uses cables to transmit data Wireless networks - uses radio waves to transmit data
What is stored data?
Stored data refers to data at rest. Data at rest means that a type of storagetorage device retains the data when no user or process is using it. A storagetorage device can be local (on a computing device) or centralized (on the network). A number of options exist for storing data
What is the third state of data?
The third state of data is data in process. This refers to data during initial input, modification, computation, or output.
What is a VPN Network?
Virtual Private Network (VPN) is a secure virtual network that uses the public network (i.e., the Internet). The security of a VPN lies in the encryption of packet content between the endpoints that define the VPN.