Class three Flashcards
Identify
First step of the security framework (the Identify function of the NIST Cybersecurity Framework): identify your valuable assets. Consider every location in your digital landscape, every potential vector of attack, and the inherent value of each location. Assets are not necessarily inside a network perimeter, because of mobile devices, cloud services, and supplier systems.
Protect
Second step of the security framework: protect the identified assets with appropriate security controls of various types. Categories of control: physical, technical, procedural, legal.
Detect
Third step of the security framework: monitor for and detect compromise, e.g. compromised accounts and devices, as early as possible.
Respond
Fourth step of the security framework: contain (quarantine) the problem and identify countermeasures.
Recover
Last step of the security framework: replace, restore, or otherwise fix compromised assets and return to normal operation.
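The Detect and Respond steps, worked as code. This is an added example, not part of the original flashcards: it runs two simple rules over constructed authentication log lines (not real data) to flag accounts that look compromised, then derives the containment actions a Respond step would take. The log format, threshold, window and action names are assumptions chosen for the example.

```python
"""Detect compromised accounts from auth logs, then propose containment (Respond)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real data): "timestamp user src_ip result"
SAMPLE_LOG = """\
2024-05-01T07:00:00 dave 10.0.0.9 SUCCESS
2024-05-01T08:00:01 alice 10.0.0.5 SUCCESS
2024-05-01T08:05:10 bob 10.0.0.7 SUCCESS
2024-05-01T09:00:00 alice 203.0.113.9 FAIL
2024-05-01T09:00:02 alice 203.0.113.9 FAIL
2024-05-01T09:00:04 alice 203.0.113.9 FAIL
2024-05-01T09:00:06 alice 203.0.113.9 FAIL
2024-05-01T09:00:08 alice 203.0.113.9 FAIL
2024-05-01T09:00:10 alice 203.0.113.9 SUCCESS
2024-05-01T09:30:00 bob 10.0.0.7 FAIL
2024-05-01T09:31:00 bob 10.0.0.7 SUCCESS
2024-05-01T10:00:00 carol 198.51.100.4 SUCCESS
2024-05-01T11:00:00 dave 192.0.2.77 FAIL
2024-05-01T11:00:30 dave 192.0.2.77 SUCCESS
"""

FAIL_THRESHOLD = 5            # assumed: failures before a success that count as brute force
WINDOW = timedelta(minutes=10)  # assumed: only failures this recent are counted


def parse_log(text):
    """Parse lines into (timestamp, user, ip, result) tuples, sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, result = line.split()
        events.append((datetime.fromisoformat(ts), user, ip, result))
    events.sort()
    return events


def detect_compromised_accounts(events):
    """Return {user: {"ip": ..., "reason": ...}} for accounts that look compromised.

    Rule 1: at least FAIL_THRESHOLD failures within WINDOW, then a SUCCESS from the
            same source IP (brute force that worked).
    Rule 2: a SUCCESS from an IP this account has never used before, preceded by at
            least one failure from that IP (weaker signal, but worth a look).
    A first-ever login with no failures (carol) is NOT flagged: there is no baseline.
    """
    known_ips = defaultdict(set)      # user -> IPs seen logging in successfully
    recent_fails = defaultdict(list)  # (user, ip) -> timestamps of failures
    findings = {}
    for ts, user, ip, result in events:
        key = (user, ip)
        if result == "FAIL":
            recent_fails[key].append(ts)
            continue
        # SUCCESS: look at failures from this IP that fall inside the window
        fails = [t for t in recent_fails.pop(key, []) if ts - t <= WINDOW]
        if len(fails) >= FAIL_THRESHOLD:
            findings[user] = {"ip": ip, "reason": f"{len(fails)} failures then success"}
        elif fails and known_ips[user] and ip not in known_ips[user]:
            findings[user] = {"ip": ip, "reason": "success from never-seen IP after failures"}
        known_ips[user].add(ip)
    return findings


def containment_actions(findings):
    """Respond step: quarantine the account and block the source for each finding."""
    actions = []
    for user, f in sorted(findings.items()):
        actions.append(("disable_account", user))
        actions.append(("block_source_ip", f["ip"]))
        actions.append(("force_credential_reset", user))
    return actions


if __name__ == "__main__":
    found = detect_compromised_accounts(parse_log(SAMPLE_LOG))
    for user, f in found.items():
        print(f"{user}: {f['reason']} from {f['ip']}")
    for action, target in containment_actions(found):
        print(f"RESPOND: {action} {target}")
```

The baseline check (`known_ips[user]` non-empty) is the caveat to remember: a rule that fires on "new IP" needs history, so a fresh account or a freshly deployed detector will be blind until it has seen normal behaviour.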
Cyber defense points
Determine where important information is located and where it passes through, then defend those points. The defense points are: data, devices, applications, systems, networks, and communication channels.
Control types
Physical, procedural, technical, and legal security controls.
Control modes
Proactive/preventative, reactive/detective, and corrective cyber defenses; the mode describes whether a control acts before, at the time of, or after a security event.
Information classification
assignment of one or more values (labels) to a set of information so that its security requirements and priority can be compared with those of other sets of information. In infosec the values are usually the CIA ratings (confidentiality, integrity, availability); for information about private individuals, a consent value is sometimes added.
consent
Legal considerations govern how personal electronic information can be used and where it can be viewed, stored, transmitted, or otherwise processed. Permission from the individual is therefore required, specifying what information can be collected, where it is processed, and how long it is retained.
Confidentiality
value assigned to a set of information to indicate its level of secrecy and the access restrictions required to prevent unauthorized people from viewing it.
Integrity
value assigned to a set of information to indicate how sensitive it is to degradation of accuracy, corruption, or destruction (the data being altered or lost, not stolen; theft is a confidentiality concern). Typically drives how often it is backed up and whether a permanent failover copy is needed.
Availability
value assigned to a set of information to indicate how much disruption or outage the owner considers acceptable, often expressed as a time scale (maximum tolerable downtime). If it must always be available, redundant failover systems are required.
Data as defense point
information in digital or electronic format; some security controls (e.g. encryption, access permissions) can be applied directly to it.
Devices as defense point
hardware used to create, modify, process, store, or transmit data: computers, smartphones, USB drives.
Applications as defense point
software running on any device, usually used to create, modify, process, store, inspect, or transmit information.
Systems as defense point
groups of applications working together for a complex purpose.
Networks as defense point
group of devices, wiring, and applications that connect, carry, broadcast, monitor, or safeguard data. Can be physical or virtual.
Security architect benefits
A security architect can help reorganize the information security landscape (where data and the defense points sit) to make it easier to defend.
Physical security
Measures designed to deter, prevent, detect, or alert unauthorized real-world access to a site or material item.
Technical control
use of an electronic or digital method to influence or command how something, such as a digital device, can or cannot be used. E.g. removing the ability to cut and paste on a smartphone.
Procedural control
a required step, or sequence of steps, in a process that limits how something is or is not permitted to be used. E.g. a minimum of two authorized persons must approve an access request.
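The two-person approval rule from the Procedural control card, enforced in code. This is an added example, not from the original flashcards: the approver roster, the resource name and the person names are hypothetical. It shows the checks a real implementation of the procedure needs (the requester may not approve their own request, only authorized approvers count, and the same person approving twice still counts as one approval).

```python
"""Dual-control approval: an access request is granted only with two distinct,
authorized approvers, neither of whom is the requester."""
from dataclasses import dataclass, field

AUTHORIZED_APPROVERS = {"alice", "bob", "carol"}  # assumed roster for the example
REQUIRED_APPROVALS = 2                            # "minimum of two authorized persons"


@dataclass
class AccessRequest:
    requester: str
    resource: str
    approvals: set = field(default_factory=set)  # a set, so duplicates cannot inflate the count

    def approve(self, approver):
        """Record an approval and return the distinct approval count; reject what the procedure forbids."""
        if approver not in AUTHORIZED_APPROVERS:
            raise PermissionError(f"{approver} is not an authorized approver")
        if approver == self.requester:
            raise PermissionError("requester may not approve their own request")
        self.approvals.add(approver)
        return len(self.approvals)

    def is_granted(self):
        return len(self.approvals) >= REQUIRED_APPROVALS


def evaluate(request, attempts):
    """Apply a sequence of approval attempts; return (granted, audit_log)."""
    log = []
    for approver in attempts:
        try:
            n = request.approve(approver)
            log.append(f"{approver}: accepted ({n}/{REQUIRED_APPROVALS})")
        except PermissionError as err:
            log.append(f"{approver}: rejected ({err})")
    return request.is_granted(), log


if __name__ == "__main__":
    # Constructed scenario: dave asks for prod-db; dave, alice (twice) and an outsider try to approve.
    req = AccessRequest(requester="dave", resource="prod-db")
    granted, audit = evaluate(req, ["dave", "alice", "alice", "mallory"])
    print("granted:", granted)
    for entry in audit:
        print(" ", entry)
```

The audit log is as important as the decision: a procedural control only works if someone can later see who approved what, and which attempts were refused.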
Legal control
legislation to promote and invest in positive security methods and deter, punish, and correct infringements.
Advanced persistent threats (APTs)
term used to describe a tenacious and highly evolved set of tactics used by threat actors to infiltrate networks through digital devices and keep malicious software (and their own access) in place, undetected, for as long as possible.