1.1 General Security Concepts Flashcards
Core Security Concepts
CIA Triad:
Confidentiality, Integrity, Availability
Non-Repudiation:
Ensuring that a sender cannot deny sending a message.
Zero Trust Architecture
Never Trust, Always Verify: A security model that assumes no implicit trust.
Least Privilege Principle: Granting users only the necessary permissions.
Zero Trust Control Plane: Manages security policies and enforces access controls.
Zero Trust Data Plane: Network infrastructure that transmits data.
Deception Technologies
Honeypots:
Decoy systems to attract and distract attackers.
Honeynets:
Networks of honeypots.
Honeyfiles and Honeytokens:
False data or credentials to identify attackers.
Physical Security Controls
Preventative Controls:
Fences, gates, access controls, security guards.
Detective Controls:
Surveillance cameras, intrusion detection systems, sensors.
Change Management
Business Processes: Change request, approval, impact analysis, testing, deployment, review.
Technical Implications: Configuration management, version control, downtime, service restarts.
Documentation and Version Control
Importance of Documentation:
Clear and accurate documentation for security operations.
Version Control Systems:
Manage changes to code and configurations.
Configuration Management Database (CMDB):
Repository for IT asset information.