2.0a Security Principles Flashcards
Basic Security Principles
Confidentiality
Ensuring sensitive data is only accessible to authorized individuals or entities and protected from unauthorized disclosure.
Integrity
Maintaining the accuracy, consistency, and trustworthiness of data and information throughout it’s lifecycle.
Availability
Ensuring information and resources are accessible and usable by authorized users when needed.
Authentication
Verifying the identity of users, systems, or divices to ensure they are who they claim to be.
Authorization
Granting appropriate access rights and privileges to authorized users based on their roles and responsibilities.
Non-Repudiation
Ensuring the origin and receipt of information or transactions can be verified and parties cannot deny their involvement.
Defense in Depth
Implementing multiple layers of security controls to protect against various types of cyber threats and attacks.
Least Privilege
Providing users with the minimum level of access necessary to perform their tasks, reducing the risk of unauthorized access or misuse.
Separation of Duties
Assigning different tasks and responsibilities to different individuals to prevent any single person from having complete control over critical processes.
Auditability and Accountability
Keeping track of security events and actions, enabling traceability and accountability in case of security incidents.
Defense in Breadth
Extending security controls across various layers and components of an IT system to provide comprehensive protection against diverse cyber threats.
Privacy
Ensuring the protection of individuals’ personal and sensitive information from unauthorized access or disclosure.
Security by Design
Integrating security measures and considerations from the early stages of system design and development.
Incident Response
Having a well-designed and practiced plan to respond to security incidents promptly and effectively.
Patch Management
Regularly applying security patches and updates to software and systems to address known vulnerabilities
Encryption
Using Cryptographic techniques to protect data from unauthorized access or tampering.
Physical Security
Implementing measures to safeguard physical assets, such as servers, data centers, and devices, from theft or damage.
Monitoring and Logging
Collecting and analyzing security logs and events to detect and respond to suspicious activities or breaches.
Redundancy and Resilience
Building redundancy and resilience into critical systems to ensure continuity of operations in the face of disruptions
User Education
Conducting cybersecurity awareness training for employees and users to promote safe online practices and reduce human-related security risks.
Secure Software Development
Integrating secure coding practices and conduction regular security assessments during software development to minimize vulnerabilities
Insider Threat Mitigation
Implementing measures to detect and prevent malicious activities from insiders, such as employees, contractors, or partners.
Least Common Mechanism
Reducing the shared access to resources or data among users and applications to limit the potential impact of security breaches.
Mobile Device Security
Implementing security measures to protect mobile devices such as smartphones and tablets, and the sensitive data they store or access.
Clout Security
Applying security controls and best practices to secure data and applications hosted in cloud environments.
Secure Remote Access
Implementing secure remote access solutions for employees and authorized users to connect to internal resources securely.
Identity and Access Management (IAM)
Controlling and managing user access to systems and resources bases on their roles and permissions.
Cyber Threat Hunting
Proactively searching for signs of cyber threats and intrusions within an organization’s network and systems.
Disaster Recovery Planning (DRP)
Developing plans and procedures to recover IT systems and operations in case of a significant cybersecurity incident or disaster.
Social Media Security
Education users about safe practices on social media platforms to prevent information leaks and social engineering attacks.
