Fundamentals of Security


Vocabulary flashcards for the Fundamentals of Security lecture.


41 Terms

1

Information Security

The act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction (protect the data rather than the system)

2

Information system security

The act of protecting the systems that hold and process the critical data

3

C.I.A.N.A

Consists of Confidentiality, Integrity, Availability, Non-Repudiation, Authentication, and Authorization

4

Confidentiality

Ensures that information is only accessible to those with the appropriate authorization

5

Integrity

Ensures data remains accurate and unaltered unless modification is required (tools like checksums)

6

Availability

Ensures information and resources are accessible when needed

7

Non-repudiation

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved

8

Authentication

The process of verifying the identity of a user or system

9

Authorization

Determining which actions or resources an authenticated user can access (permission-based access to a specific part of the database)

10

Security Control Categories

Consists of technical, managerial, operational, and physical

11

Security Control Types

Preventive, Deterrent, Detective, Corrective, Compensating, and Directive

12

Zero Trust Model

The principle that no one, outside or inside your organization, is to be trusted by default. Can be achieved through understanding both the Control and Data Planes

13

Zero Trust Model: Control Plane

Encompasses the whole network and is responsible for defining, managing, and enforcing policies related to users and systems. Within this plane there exist adaptive identity, threat scope reduction, policy-driven access control, and secured zones.

14

Adaptive Identity

Using real-time validation that takes into account the user’s behavior, devices, and locations.

15

Threat Scope Reduction

Limits users’ access to only what they need for their work tasks, which also limits the attack surface available to an attacker.
