CIA Triad - ANSWER
- Confidentiality - allowing only those authorized to access the data requested
- Integrity - keeping data unaltered in an unauthorized manner and reliable
- Availability - the ability for those authorized to access data when needed
Parkerian Hexad - ANSWER
- Confidentiality
- Integrity
- Availability
- Possession - physical disposition of the media on which the data is stored
- Authenticity - allows us to talk about the proper attribution as to the owner or creator of the data in question
- Utility - how useful the data is to us
Attack Types - ANSWER Interception, Interruption, Modification, Fabrication
Interception - ANSWER an attacker has access to data, applications or environment
Interruption - ANSWER attacks cause our assets to become unusable or unavailable
Modification - ANSWER attacks involve tampering with our asset
Fabrication - ANSWER attacks that create false information
Threat - ANSWER something that has potential to cause harm
Vulnerability - ANSWER weaknesses that can be used to harm us
Something you know - ANSWER username, password, PIN
Something you have - ANSWER ID badge, swipe card, OTP
Something you are - ANSWER fingerprint, iris, retina scan
Somewhere you are - ANSWER geolocation
Something you do - ANSWER handwriting, typing, walking
Authentication - ANSWER verifying that a person is who they claim to be
Mutual authentication - ANSWER both parties in a transaction authenticate each other
- Has digital certificates
- Prevents man-in-the-middle attacks
- A man-in-the-middle attack is where the attacker inserts themselves into the traffic flow
- Ex. Both the PC and server authenticate each other before data is sent in either direction
Risk management process - ANSWER 1. Identify Asset - identifying and categorizing assets that we're protecting