This triad consists of Confidentiality, Integrity and Availability.
What is the CIA triad?
This (usually email-based) social engineering attack targets a specific high-value individual, such as a CEO or CFO, often called 'whaling' when aimed at executives.
What is spear phishing?
This network security architecture model assumes no implicit trust for any user device, requiring continuous verification.
What is Zero Trust?
This authentication factor category includes things like passwords and PINs.
What is 'something you know'?
This phase of the incident response lifecycle involves establishing roles, writing playbooks, and training the team before any incident occurs.
What is the Preparation phase?
This type of control is designed to discourage an attacker before an attack occurs, such as warning signs or visible cameras.
What is a deterrent control?
This attack occurs when an attacker injects malicious data to overwrite a memory buffer and potentially execute arbitrary code.
What is a buffer overflow attack?
This type of disaster recovery site has hardware and software pre-installed but requires data restoration and is cheaper than a hot site.
What is a warm site?
This access control model assigns permissions based on a user's job functions within an organization.
What is Role-Based Access Control (RBAC)?
This document explicitly defines a vendor's guaranteed uptime, response times and service quality metrics.
What is a Service Level Agreement (SLA)?
This security concept ensures a sender cannot deny having sent a message, often achieved with digital signatures.
What is non-repudiation?
This malware type encrypts a victim's files and demands payment for the decryption key.
What is ransomware?
This cloud services model gives the customer the most control and responsibility, including the OS and applications, while the provider manages the physical infrastructure.
What is Infrastructure as a Service (IaaS)?
This protocol allows a user to log in once and gain access to multiple independent systems without re-authenticating.
What is single sign-on (SSO)?
This type of exercise is a discussion-based simulation where a team walks through a hypothetical incident scenario to test their response plan.
What is a tabletop exercise?
This risk response strategy involves purchasing a cyber insurance policy to offset financial impact.
This attack compromises a website that a target group is known to frequent, rather than attacking a target directly.
What is a watering hole attack?
This network design practice divides a network into smaller isolated zones to limit the blast radius of a breach.
What is network segmentation?
This security practice requires combining two or more independent authentication factors such as a password and a one-time code or PIN.
What is multifactor authentication (MFA)?
This legal directive requires an organization to preserve all data and communications relevant to a pending or anticipated lawsuit.
What is a legal hold?
This security principle states that users and systems should be granted only the minimum access necessary to perform their job functions.
What is least privilege?
This vulnerability class allows attackers to inject malicious SQL statements into input fields to manipulate or extract database data.
What is SQL injection?
This isolated, offline architecture physically prevents a system from connecting to the internet or corporate network.
What is an air gap?
This automated process immediately revokes a former employee's system access the moment they leave the organization.
What is deprovisioning?
This formal document specifies the exact scope of work, deliverables, timeline, and cost for a project performed by a vendor.
What is a Statement of Work (SOW)?