Flashcards in Defense in Depth Deck (11)
Which component of the CIA triad refers to assurance that information can be read and interpreted only by persons and processes explicitly authorized to do so?
Which component of the CIA triad refers to the assurance that information remains intact, correct, and authentic?
Which component of the CIA triad refers to assurance that authorized users can access and work with information assets, resources, and systems when needed, with sufficient response and performance?
____________ * _______________ = Risk
Threat * Vulnerability = Risk
What are the different threat categories?
Environmental: fire, flood, power outage
External: terrorists, organized crime, hackers, etc.
Internal: disgruntled employees, agents, errors
Structured: well-organized, planned, methodical attacks
Unstructured: random attacks with limited resources
Potential for threat-source to exploit vulnerability
Flaw that can present a security breach
Which Defense-in-Depth approach treats all systems as equally important?
Which Defense-in-Depth approach subdivides and separates networks using VLANs, VPNs, Host-Based Firewalls and Internal Network Firewalls?
Which Defense-in-Depth approach prioritizes protection of information over systems and creates successive layers of protection between the information and the attacker?