CIA
Who
Continuity
Access
BC
100

This describes the practice of controlling access to a resource

Security  p426

100

This is any attempt to gain access to information or Host you are NOT authorized to view

Snooping  p426

100

This availability concern can be addressed with Redundant Power Supplies

Power Outage  p428

100

This Access Control proves a User is who they say and links them to their User Account

Authentication  p429

100

This organizational Policy addresses how they deal with potential system or network outages

Business Continuity Policy  p433

200

Security must be balanced against this, or the resource is unusable

Accessibility  p426

200

This confidentiality concern relates to intercepting or listening to voice/data conversations

Eavesdropping or Wiretapping  p427

200

This availability concern is addressed by Fault Tolerant design

Hardware Failure  p428

200

This Access Control creates barriers around resources such that only authenticated Users gain access (Permissions)

Authorization  p429

200

These terms describe how multiple Network Adapters can work together, and Share Bandwidth

TEAMING and Load Balancing  p434

300

These Properties comprise the CIA Triad of IT Security

Confidentiality, Integrity & Accessibility  p426

300

This describes the threat of someone transparently monitoring traffic between nodes

Man in the Middle (MitM)  p427

300

This availability concern can occur through environmental or malicious actions, could be addressed using Continuity of Operations plan

Destruction  p428

300

This Access Control records a LOG of who and when they accessed a resource for later review and validation

Accounting  p429

300

These Systems often supplement UPS due to their limited power storage

Backup Generators  p434

400

This term means that information should only be known to authorized users

Confidentiality   p426

400

This is when someone captures your authentication credentials so as to gain access to a resource

Replay  p427

400

This availability concern typically relates to an ISP failure

Service Outage  p428

400

These 3 elements typically comprise a Access Control System

Authentication, Authorization & Accounting (Triple A)  p429

400

This Business Continuity Policy addresses what to do after a Site Failure/Destruction

Disaster Recovery  p435

500

This term means that information is stored and transferred without unauthorized modification

Integrity  p426

500

Falsely claiming to be from tech support to gain system access is an example of this threat

Impersonation  p427

500

This feature of computing and network systems addresses their potential lack of availability due to component failure

Fault Tolerance  p433

500

This refers to someone "stealing" your logon credentials  by watching you enter them

Shoulder Surfing  p431

500

This is important First Step to address in Disaster Recover

Prioritization  p435

600

This term means the information is accessible to those authorized to view or modify it

Accessibility  p426

600

This describes coordinated attack against Host to prevent others from gaining access

Denial of Service (DoS or DDoS)  p427

600

This computer or device feature allows them to operate if a single component is a set does fail

Redundancy  p433

600

This term describes how some social engineering attackers simply look through your trash to find useful data

Dumpster Diving  p430

600

This is the final step when performing Disaster Recovery

Restore Access for Users  p435

M
e
n
u