Unit 7: Security 6.1.3 – Availability Concerns
Call Kai
Learn
Practice Test
Spaced Repetition
Match
Flashcards
Knowt Play1/22
Earn XP
Description and Tags
This flashcard set covers the availability component of the CIA Triad, threats to availability including malicious and unexpected issues, and strategies for maintaining availability such as fallback systems and active mitigation.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai |
|---|
No analytics yet
Send a link to your students to track their progress
23 Terms
CIA Triad
A foundational cybersecurity model focused on confidentiality, integrity, and availability.
Confidentiality
The component of the CIA Triad focused on keeping data private.
Integrity
The component of the CIA Triad focused on keeping data accurate and trustworthy.
Availability
Ensuring that data is accessible to authorized users when needed while excluding unauthorized users.
Financial Loss
A consequence of data unavailability where a business loses sales, misses transactions, or pays for recovery efforts.
Reputation Damage
The result of repeated downtime causing customers to lose trust in a company's reliability.
Operational Disruption
Consequences of system downtime such as hospitals losing access to patient records or banks halting transactions.
Legal and Compliance Risks
Fines or penalties faced by industries like healthcare and finance for failing to maintain system availability.
Hardware Issues
Availability concerns involving server crashes or the failure of power supplies, hard drives, and network devices due to age, heat, or defects.
Natural Disasters
Events like fires, floods, earthquakes, or hurricanes that can damage physical buildings and network infrastructure.
Software Issues
Problems stemming from misconfigurations, poor coding practices, or lack of technical specifications that prevent user access to data.
Maintenance
A controlled circumstance used to update or change equipment which can result in unexpected downtime if it takes longer than planned.
Denial of Service (DoS)
A malicious attack originating from a single source that aims to flood a server or website with requests to overwhelm or crash it.
Distributed Denial of Service (DDoS)
An attack that uses multiple sources, often compromised devices turned into automated bots, to flood a target.
Ransomware
A type of crypto malware that encrypts files or systems, essentially locking users out until the data is decrypted.
Fallback Systems
Secondary sources, such as backups or redundant equipment, meant to replace a system should the primary source go down.
Backups
Copies of data used for recovery purposes; the method and storage location are typically detailed in recovery plans.
Redundancy
The practice of having a backup server or system available to mitigate hardware issues or malicious attacks.
Failover Systems
Systems that automatically activate when a primary source goes down, such as backup generators or Uninterruptible Power Supplies (UPS).
Uninterruptible Power Supply (UPS)
A type of failover system that provides emergency power when a loss of principal power occurs.
Active Mitigation
The planning, design, and configuration of networks to actively reduce or eliminate threats to availability.
Load Balancing
A strategy that spreads network traffic across multiple servers to prevent one from being overloaded or targeted by DoS/DDoS attacks.
Cloud Services
Offsite storage facilities that provide multiple failsafes, redundancies, and the ability to scale to handle heavy traffic volumes.