Briefly define each of the three members of the information security triad.
- Confidentiality: Confidentiality refers to the protection of information from unauthorized access, disclosure, or use. Confidentiality measures include access controls, encryption, and physical security.
- Integrity: Integrity refers to the assurance that information is accurate, complete, and reliable. Integrity measures include data backups, version controls, and error checking.
- Availability: Availability refers to the assurance that information and systems are accessible and usable when needed. Availability measures include redundancy, fault tolerance, and disaster recovery planning.
- What does the term authentication mean?
Authentication is the process of verifying the identity of a person, device, or system. In the context of information security, authentication is used to ensure that only authorized users, devices, or systems can access sensitive information, systems, or resources.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a security system that requires users to provide multiple forms of identification before granting access to a system, application or online account.
What is role-based access control?
Role-based access control (RBAC) is a security model used to restrict access to resources such as files, folders, applications, or other system resources. RBAC allows access to be granted based on a user’s job function within an organization or system.
What is the purpose of encryption, and fundamentally how does it work?
The purpose of encryption is to secure sensitive information by transforming it into a form that is unintelligible to unauthorized users. Encryption uses a mathematical algorithm to convert plaintext (the original message or data) into ciphertext (the encrypted message or data).
What is pretexting and how does it represent a threat in the Cybersecurity landscape?
Pretexting is a form of social engineering in which an attacker creates a false pretext or story to trick a victim into divulging sensitive information or performing an action that is against their interests. The attacker may pose as someone with authority or a legitimate reason to request the information or action, such as a bank representative, IT support technician, or law enforcement officer.
What’s the point in backups & what are the components of a good backup plan?
The point of backups is to protect data from loss or damage due to various reasons such as hardware failures, natural disasters, cyber attacks, human error, or theft. Backups provide a way to restore data to its previous state in the event of a data loss or corruption, minimizing the impact on business operations or personal data.
What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Its primary function is to act as a barrier between a trusted, secure internal network and an untrusted, public network such as the internet.
Discuss various types of Firewalls.
Packet filtering firewall: A packet filtering firewall examines the header of each packet of data passing through the network and compares it to a set of predefined rules. If the packet matches the rules, it is allowed to pass through, otherwise, it is dropped. Packet filtering firewalls are simple and fast but can be vulnerable to certain types of attacks, such as IP spoofing.
Stateful inspection firewall: A stateful inspection firewall, also known as a dynamic packet filtering firewall, goes beyond the header of each packet and examines the contents of the packet to ensure that it is part of a valid connection. The firewall keeps track of the state of each connection and only allows traffic that is part of an established connection.
Application-level gateway firewall: An application-level gateway firewall, also known as a proxy firewall, operates at the application layer of the network stack and filters traffic based on the specific application protocol, such as HTTP or FTP. The firewall acts as an intermediary between the client and the server, inspecting and filtering traffic before allowing it to pass through.
What does the term physical security mean and how does it apply to Cybersecurity?
Physical security refers to the measures taken to protect physical assets, such as buildings, equipment, and people, from unauthorized access, theft, damage, or destruction. It includes a range of physical measures, such as access controls, surveillance cameras, security guards, alarms, and fences, as well as policies and procedures for protecting physical assets.
Leave a Reply