1.1 Flashcards
CIA Triad
-confidentiality
-availability
-integrity
confidentiality
Involves using techniques that allow only approved subjects to view information
what technique does confidentiality generally use?
cryptography
what does confidentiality measure?
Measures an attacker's ability to gain unauthorized access to data or information in an application or system
confidentiality info includes:
-passwords
-cryptographic keys
-personally identifiable information (PII)
-personal health info (PHI)
-intellectual property (IP)
examples of confidentiality:
- Using an IPsec virtual private network (VPN)
- Leveraging mutual Transport Layer Security (TLS) between a web browser and web server or controller
- Storing sensitive data or credentials in a mobile device partition or secure enclave
- Implementing Advanced Encryption Standard (AES) encryption on data at rest in storage (file, block, object, databases, etc.)
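The last example above, encrypting data at rest, as an added illustration that is not from the original flashcards: a stored record is sealed with AES-256-GCM, the plaintext is no longer visible in the stored bytes, and only the holder of the key can open it. The key is derived here from a constructed string purely so the program runs offline; in practice it would come from a KMS, HSM or secure enclave, as the partition/enclave card suggests.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// deriveKey is a stand-in for a real key source (KMS, HSM, secure enclave).
// Assumption: hashing a constructed secret is only here to keep the example offline.
func deriveKey(secret string) []byte {
	k := sha256.Sum256([]byte(secret))
	return k[:]
}

// EncryptAtRest seals plaintext with AES-256-GCM. The 12-byte random nonce is
// prepended to the output; it must never repeat under the same key.
func EncryptAtRest(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// DecryptAtRest splits off the nonce and opens the ciphertext. A wrong key or any
// modified byte makes Open fail, so a corrupted record is never decrypted silently.
func DecryptAtRest(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// Leaks reports whether the plaintext is still readable inside the stored blob.
func Leaks(blob, plaintext []byte) bool {
	return bytes.Contains(blob, plaintext)
}

func main() {
	key := deriveKey("constructed-demo-secret")          // assumption: stands in for a managed key
	record := []byte("ssn=123-45-6789;dob=1990-01-01")   // constructed PII record
	blob, err := EncryptAtRest(key, record)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored %d bytes, plaintext visible: %v\n", len(blob), Leaks(blob, record))
	back, err := DecryptAtRest(key, blob)
	fmt.Printf("decrypt with right key: %q err=%v\n", back, err)
	_, err = DecryptAtRest(deriveKey("wrong"), blob)
	fmt.Printf("decrypt with wrong key: err=%v\n", err)
}
```

GCM is an authenticated mode, so the same call also gives integrity of the stored record: flip one byte of the blob and Open returns an error instead of garbage.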
integrity
Involves safeguarding against improper information modification or destruction
Is the property that data or information has not been altered or damaged in an unauthorized way
examples of integrity:
- An operating system that performs a mathematical checksum when a file is moved or copied from one volume to another
- A frame check sequence conducted on an Ethernet frame when sent from one MAC address to another
- A hash-based message authentication code (HMAC) applied to advertisements sent between neighbor systems such as routers or gateways
- Implementation of a mandatory access control model aimed at integrity, such as Biba or Clark-Wilson
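The difference between the second and third examples above (a frame check sequence versus an HMAC on a routing advertisement), as an added illustration that is not from the original flashcards: a CRC catches accidental bit flips, but an on-path attacker who rewrites the next hop can simply recompute it, whereas an HMAC keyed with the neighbors' shared secret cannot be recomputed without that key. The advertisement format, the shared key and the attacker's address are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"hash/crc32"
)

// Advertisement is a constructed stand-in for a routing update between neighbors.
type Advertisement struct {
	Prefix  string
	NextHop string
	Metric  uint32
}

// Encode turns the advertisement into the bytes that would cross the wire.
func (a Advertisement) Encode() []byte {
	b := []byte(a.Prefix + "|" + a.NextHop + "|")
	m := make([]byte, 4)
	binary.BigEndian.PutUint32(m, a.Metric)
	return append(b, m...)
}

// Checksum is the FCS-style check: it detects corruption, but anyone can recompute it.
func Checksum(msg []byte) uint32 { return crc32.ChecksumIEEE(msg) }

// Tag computes HMAC-SHA256 over the message with the neighbors' shared key.
func Tag(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// VerifyTag compares in constant time so the check does not leak how many bytes matched.
func VerifyTag(key, msg, tag []byte) bool {
	return hmac.Equal(Tag(key, msg), tag)
}

// Tamper models an on-path attacker who rewrites the next hop and recomputes the
// checksum; without the shared key the attacker cannot produce a fresh HMAC.
func Tamper(a Advertisement) (Advertisement, uint32) {
	a.NextHop = "10.0.0.66" // constructed attacker-controlled hop
	return a, Checksum(a.Encode())
}

func main() {
	key := []byte("constructed-shared-key") // assumption: pre-shared between the two routers
	adv := Advertisement{Prefix: "192.0.2.0/24", NextHop: "10.0.0.1", Metric: 10}
	wire := adv.Encode()
	tag := Tag(key, wire)

	evil, evilSum := Tamper(adv)
	evilWire := evil.Encode()
	fmt.Println("checksum accepts tampered update:", Checksum(evilWire) == evilSum)
	fmt.Println("HMAC accepts tampered update:    ", VerifyTag(key, evilWire, tag))
	fmt.Println("HMAC accepts genuine update:     ", VerifyTag(key, wire, tag))
}
```

Note that the HMAC only proves the message came from someone holding the key and was not changed; it does not prevent an attacker from replaying an old, genuine advertisement, which is why real routing protocols pair the MAC with sequence numbers or timestamps.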
Availability
the process of ensuring timely and reliable access to and use of information
availability is a property of:
data, information, applications, systems, or services that are accessible and usable upon demand by an authorized subject
high availability
a failover capability that keeps a service available during device or component interruptions, both planned and unplanned
examples of availability:
Implementing security controls that protect systems and services from spoofing, flooding, denial-of-service (DoS/DDoS), poisoning, and other attacks that degrade the ability to deliver data, content, or services
non-repudiation
refers to enforcing the inability of a subject to deny that they participated in a digital transaction, agreement, contract, or communication such as an email
non-repudiation example:
if you take a pen and sign a (legal) contract, your signature serves as the non-repudiation mechanism: you cannot later credibly deny having agreed to it
what are the 3 components of AAA?
-Authentication
-Authorization
-Accounting
Authentication
the process of validating that an entity (user, application, or system) is who or what it claims to be
-mandatory (authorization and accounting both build on a successful authentication)
Authorization
the process of granting an authenticated entity permission to access a resource or perform a specific function
-optional
Accounting
the process of recording what an authenticated entity did: when the session began, when it ended, how long it lasted, and what resources were used
Character mode
sends keystrokes and commands (characters) to a network admission device for the purpose of configuring or administering THAT same device (for example, a login/EXEC session to a router's CLI)
Packet (or network) mode
occurs when the network admission device serves as an authentication proxy on behalf of services in other networks such as the web, File Transfer Protocol (FTP), domain name system (DNS), etc.
Transmission Control Protocol (TCP)
connection-oriented transport: the three-way handshake (SYN, SYN-ACK, ACK) completes before the authentication exchange begins, so the AAA client knows the server is reachable before it sends any credentials (used by TACACS+, which listens on TCP port 49)
Accounting is generally implemented for two use cases:
- Monitoring, visibility, and reporting
- Billing, chargeback, and reporting
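The three AAA steps from the cards above, and the two accounting use cases just listed, as one added worked example that is not from the original flashcards: a small in-memory AAA server authenticates (mandatory, constant-time, and without revealing whether the user or the password was wrong), authorizes a command (optional, per-user), and records accounting entries whose start/end timestamps feed both a visibility report and a per-user usage total for chargeback. Users, passwords, commands and timestamps are constructed; the salted SHA-256 digest stands in for a slow password hash or external directory, and the fixed per-user salt is an assumption made only to keep the example short.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// credential holds a salted SHA-256 digest. Assumption: real deployments use a slow
// password hash (bcrypt/argon2) or an external directory; stdlib SHA-256 keeps this runnable.
type credential struct{ salt, digest []byte }

// AcctRecord is one accounting entry: who, what, when it began, when it ended.
type AcctRecord struct {
	User, Command string
	Start, End    time.Time
}

func (r AcctRecord) Duration() time.Duration { return r.End.Sub(r.Start) }

type AAAServer struct {
	creds   map[string]credential
	perms   map[string]map[string]bool // user -> commands the user may run
	records []AcctRecord
}

func NewAAAServer() *AAAServer {
	return &AAAServer{creds: map[string]credential{}, perms: map[string]map[string]bool{}}
}

func hashPw(salt []byte, pw string) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), pw...))
	return h[:]
}

func (s *AAAServer) AddUser(user, pw string, allowed ...string) {
	salt := []byte("salt-" + user) // assumption: a per-user random salt in real use
	s.creds[user] = credential{salt: salt, digest: hashPw(salt, pw)}
	p := map[string]bool{}
	for _, c := range allowed {
		p[c] = true
	}
	s.perms[user] = p
}

// Authenticate (mandatory): is the entity who it claims to be? Unknown users and wrong
// passwords take the same code path so timing and the answer reveal nothing about which failed.
func (s *AAAServer) Authenticate(user, pw string) bool {
	c, ok := s.creds[user]
	if !ok {
		c = credential{salt: []byte("dummy"), digest: make([]byte, sha256.Size)}
	}
	match := subtle.ConstantTimeCompare(hashPw(c.salt, pw), c.digest) == 1
	return ok && match
}

// Authorize (optional): may this already-authenticated entity run the command?
func (s *AAAServer) Authorize(user, cmd string) bool { return s.perms[user][cmd] }

// Account writes the record: when the session began, when it ended, what was attempted.
func (s *AAAServer) Account(user, cmd string, start, end time.Time) {
	s.records = append(s.records, AcctRecord{User: user, Command: cmd, Start: start, End: end})
}

// Usage totals session time per user: the feed for both visibility reports and chargeback.
func (s *AAAServer) Usage() map[string]time.Duration {
	out := map[string]time.Duration{}
	for _, r := range s.records {
		out[r.User] += r.Duration()
	}
	return out
}

// Session runs the three steps in order for one command. Denied commands are still
// accounted: a refused attempt by an authenticated user is evidence worth keeping.
func (s *AAAServer) Session(user, pw, cmd string, start, end time.Time) error {
	if !s.Authenticate(user, pw) {
		return errors.New("authentication failed")
	}
	s.Account(user, cmd, start, end)
	if !s.Authorize(user, cmd) {
		return errors.New("authorization denied: " + cmd)
	}
	return nil
}

func main() {
	srv := NewAAAServer()
	srv.AddUser("alice", "correct horse", "show running-config", "configure terminal")
	srv.AddUser("bob", "hunter2", "show running-config")
	t0 := time.Date(2024, 1, 1, 9, 0, 0, 0, time.UTC) // constructed timestamps
	fmt.Println(srv.Session("alice", "correct horse", "configure terminal", t0, t0.Add(5*time.Minute)))
	fmt.Println(srv.Session("bob", "hunter2", "configure terminal", t0, t0.Add(2*time.Minute)))
	fmt.Println(srv.Session("mallory", "guess", "show running-config", t0, t0))
	for _, r := range srv.records {
		fmt.Printf("%s %s %s -> %s (%s)\n", r.User, r.Command, r.Start.Format(time.Kitchen), r.End.Format(time.Kitchen), r.Duration())
	}
	fmt.Println("usage per user:", srv.Usage())
}
```

The order matters: nothing is authorized or accounted for an entity that never authenticated, which is why the cards mark authentication as mandatory and authorization as optional.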
Remote Authentication Dial-in User Service (RADIUS)
one of the most popular Internet Engineering Task Force (IETF)-standardized AAA protocols (RFC 2865 for authentication and authorization, RFC 2866 for accounting, carried over UDP), known for its strong accounting capabilities