PDF Notes: Information Security 1

    Generated from uploaded pdf

    Created by @memory

    What is confidentiality in information security?

    Restricts access to authorized users only.

    What does integrity ensure in information security?

    Maintains accuracy and completeness of data.

    What is availability in information security?

    Ensures authorized users can access information when needed.

    What are the immediate actions taken during incident response?

    Contain and mitigate the effects of a security breach.

    What is the purpose of detection in incident response?

    Identify potential security incidents.

    How does containment differ from eradication in incident response?

    Containment limits damage, while eradication removes the threat.

    What happens during the recovery phase of incident response?

    Affected systems and services are restored.

    What is the goal of learning in incident response?

    Improve future security posture and response procedures.

    What are proactive measures in incident response?

    Actions taken before an incident to prevent it.

    What distinguishes reactive measures from proactive measures?

    Reactive measures address incidents after they occur.

    What is the purpose of an Acceptable Use Policy (AUP)?

    Defines how employees should use company systems.

    What is the role of continuous network monitoring?

    Detect unusual activity in real time.

    What does digital forensics focus on?

    Uncovering and preserving digital evidence.

    What is the first step in digital forensics?

    Identifying potential sources of digital evidence.

    What is the significance of validation in digital evidence collection?

    Ensures evidence has not been altered.

    What is the difference between volatile and non-volatile data?

    Volatile data is lost when powered off; non-volatile remains.

    What type of evidence directly links a suspect to a crime?

    Direct evidence provides clear proof without inference.

    What is circumstantial evidence?

    Indirect evidence suggesting involvement through inference.

    What challenges arise from encryption in digital evidence collection?

    Accessing data becomes difficult without decryption keys.

    What is the purpose of hashing in preserving digital evidence?

    Proves the integrity of the evidence collected.

    What does maintaining the chain of custody ensure?

    Legal admissibility of evidence in court.

    What is live acquisition in digital forensics?

    Collecting data from a running system.

    What is the best acquisition method based on?

    Data type, device state, and urgency of the situation.

    What is the focus of forensic data analysis?

    Identifying specific data patterns to detect anomalies.

    How does digital forensics differ from forensic data analysis?

    Digital forensics investigates cybercrimes, while data analysis focuses on patterns.