Chapter 1 – Understanding Security Fundamentals
- The three components of the CIA triad are confidentiality (where the data is encrypted), integrity (where the data uses hashing), and availability (where the data is available, for example, by restoring data from a backup).
- An inactive CCTV camera could be used as a deterrent since criminals would not know that it is inactive.
- Confidentiality means preventing other people from viewing the data; the best way to keep data confidential is to encrypt it.
- The best way to control entry into a data center is to install a mantrap.
- The purpose of an air gap is to prevent data theft by removing physical connections between the device and network. The only way to insert or remove data from an air-gapped machine is with removable media like a USB drive.
- The three control categories are managerial, operational, and technical.
- Any three of the following physical controls will apply: Lighting, cameras, robot sentries...