Defense in Depth Flashcards Preview

Flashcards in Defense in Depth Deck (11)
1

Which component of the CIA triad refers to the assurance that information can be read and interpreted only by persons and processes explicitly authorized to do so?

Confidentiality

2

Which component of the CIA triad refers to the assurance that information remains intact, correct, and authentic?

Integrity

3

Which component of the CIA triad refers to the assurance that authorized users can access and work with information assets, resources, and systems when needed, with sufficient response and performance?

Availability

4

____________ * _______________ = Risk

Threat * Vulnerability = Risk

5

What are the different threat categories?

Environmental: fire, flood, power outage
External: terrorists, organized crime, hackers, etc.
Internal: disgruntled employees, agents, errors
Structured: well-organized, planned, methodical attacks
Unstructured: random attacks with limited resources

6

Potential for threat-source to exploit vulnerability

Threat

7

Flaw that can present a security breach

Vulnerability

8

Which Defense-in-Depth approach treats all systems as equally important?

Uniform Protection

9

Which Defense-in-Depth approach subdivides and separates networks using VLANs, VPNs, Host-Based Firewalls and Internal Network Firewalls?

Protected Enclaves

10

Which Defense-in-Depth approach prioritizes protection of information over systems and creates successive layers of protection between the information and the attacker?

Information Centric

11

Which Defense-in-Depth approach identifies various vectors of threats and provides security mechanisms to prevent the use of the vector? This requires figuring out how to place controls on the vectors to prevent the threat from crossing the vulnerability.

Vector Oriented