Fundamentals of Security Flashcards
What is CIA triad
Confidentiality - Ensures information is accessible only to authorized personnel
Integrity - Ensures data remains accurate and unaltered
Availability - Ensures information and resources are available when needed.
What is CIANA Pentagon
Same as CIA but add:
Non-repudiation - Guarantees that an action or event cannot be denied by the involved parties
Authentication - verifying the identity of a user or system ( e.g. password checks )
Triple A’s of Security
Authentication - verifying the identity of a user or system ( e.g. password checks )
Authorization - Determining actions or resources an authenticated user can access ( e.g. permissions)
Accounting - Tracking user activities and resource usage for audit or billing purposes
Where threats and vulnerabilities intersect:
- If you have a threat but there is no matching vulnerability to it then you have no risk
- If you have a vulnerability but there’s no threat against it, there would be no risk
Technical
Managerial
Operational
Physical, are known as:
Security Control Categories
Preventive
Deterrent
Detective
Corrective
Compensating
Directive, are known as:
Security Control Types
Control Plane - Adaptive identity, threat scope reduction, policy-driven access control, and secured zones
Data Plane - Subject/System, policy engine, policy administrator, and establishing policy enforcement points
Zero Trust model
- Refers to the protection of information from unauthorized access and disclosure.
- Ensure that that private or sensitive information is not available or disclosed to unauthorized individuals, entities, or processes
Confidentiality
What is finding different ways to minimize the likelihood of an outcome and achieve the desired outcome?
Risk Management
3 main reasons to ensure Confidentiality
To protect personal privacy
To maintain a business advantage
To achieve regulatory compliance
5 methods to ensure confidentiality
- Encryption - Process of converting data into a code to prevent unauthorized access
- Access Controls - By setting up strong user permissions, you ensure that only
authorized personnel can access certain types of data. - Data Masking - Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
- Physical Security Measures - Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations.
- Training and Awareness - conduct regular training on the security awareness best practices that employees can use to protect their organizations sensitive data.
■ Helps ensure that information and data remain accurate and unchanged from its
original state unless intentionally modified by an authorized individual
■ Verifies the accuracy and trustworthiness of data over the entire lifecycle
Integrity
Integrity is important for three main reasons?
■ To ensure data accuracy
■ To maintain trust
■ To ensure system operability
5 Methods To help us maintain the integrity of our data, systems, and networks, we usually utilize are?
■ Hashing - Process of converting data into a fixed-size value
■ Digital Signatures - Ensure both integrity and authenticity
■ Checksums - Method to verify the integrity of data during transmission
■ Access Controls - Ensure that only authorized individuals can modify data and this reduces the risk of unintentional or malicious alterations
■ Regular Audits - Involve systematically reviewing logs and operations to ensure that onlyauthorized changes have been made, and any discrepancies are immediately addressed.
As cybersecurity professionals, we value availability since it can help us with the
following :
■ Ensuring Business Continuity
■ Maintaining Customer Trust
■ Upholding an Organization’s Reputation
To overcome the challenges associated with maintaining availability, the best strategy is to use ______________ in your systems and network designs
■ Redundancy - Duplication of critical components or functions of a system with the intention of enhancing its reliability.
Various Types of Redundancy you might want to consider are:
■ Server Redundancy - Involves using multiple servers in a load balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the
load to continue supporting your end users
■ Data Redundancy - Involves storing data in multiple places
■ Network Redundancy - Ensures that if one network path fails, the data can travel through another route
■ Power Redundancy - Involves using backup power sources, like generators and UPS system
■ Considered to be unique to each user who is operating within the digital domain
■ Created by first hashing a particular message or communication that you want to
digitally sign, and then it encrypts that hash digest with the user’s private key
using asymmetric encryption
Digital Signatures
Non-repudiation is important for three main reasons are?
■ To confirm the authenticity of digital transactions
■ To ensure the integrity of critical communications
■ To provide accountability in digital processes
■ Security measure that ensures individuals or entities are who they claim to be
during a communication or transaction?
Authentication
5 commonly used authentication methods are?
■ Something you know (Knowledge Factor) - Relies on information that a user can Recall
■ Something you have (Possession Factor) - Relies on the user presenting a physical item to authenticate themselves
■ Something you are (Inherence Factor) - Relies on the user providing a unique physical or behavioral characteristic of the person to validate that they are who they claim to be
■ Something you do (Action Factor) - Relies on the user conducting a unique action to prove who they are
■ Somewhere you are (Location Factor) - Relies on the user being in a certain geographic location before access is granted
Authentication is critical to understand because of the following:
■ To prevent unauthorized access
■ To protect user data and privacy
■ To ensure that resources are accessed by valid users only
Your organization should use a robust accounting system so that you can create the
following :
■ Create an audit trail
■ Maintain regulatory compliance
■ Conduct forensic analysis
■ Perform resource optimization
■ Achieve user accountability
To perform accounting, we usually use different technologies like the following:
■ Syslog Servers - Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies
in the organization’s systems
■ Network Analysis Tools - Used to capture and analyze network traffic so that network administrators can gain detailed insights into all the data moving within a
network
■ Security Information and Event Management (SIEM) Systems - Provides us with a real-time analysis of security alerts generated by various hardware and software infrastructure in an organization
What are 4 Broad Categories of Security Controls?
■ Technical Controls - Technologies, hardware, and software mechanisms that are implemented to manage and reduce risks
■ Managerial Controls - Sometimes also referred to as administrative controls
and Involve the strategic planning and governance side of security
■ Operational Controls - Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions
■ Physical Controls - Tangible, real-world measures taken to protect asset
6 basic Types of Security Controls are:
Preventive - Firewalls
Deterrent - Signs or banners
Detective - Cameras or IDS ( Intrusion Detection System )
Corrective - Malware
Compensating - Alternative measures like on legacy systems: use WPA2 and a VPN together
Directive
● Guide, inform, or mandate actions
● Often rooted in policy or documentation and set the standards for behavior within an organization
Process of evaluating the differences between an organization’s current
performance and its desired performance?
Gap Analysis
Basic Types of Gap Analysis are:
■ Technical Gap Analysis
■ Business Gap Analysis
■ Plan of Action and Milestones (POA&M) -
● Outlines the specific measures to address each vulnerability
● Allocate resources
● Set up timelines for each remediation task that is needed
● Refers to the overarching framework and set of components responsible
for defining, managing, and enforcing the policies related to user and
system access within an organization
● typically encompasses several key elements
○ Adaptive Identity
■ Relies on real-time validation that takes into account the
user’s behavior, device, location, and more
○ Threat Scope Reduction
■ Limits the users’ access to only what they need for their
work tasks because this reduces the network’s potential
attack surface
■ Focused on minimizing the “blast radius” that could occur
in the event of a breach
○ Policy-Driven Access Control
■ Entails developing, managing, and enforcing user access
policies based on their roles and responsibilities
○ Secured Zones
■ Isolated environments within a network that are designed
to house sensitive data
Control Plane ( Zero Trust )
● Ensures the policies are properly executed
● Consists of the following
○ Subject/System
■ Refers to the individual or entity attempting to gain access
○ Policy Engine
■ Cross-references the access request with its predefined
policies
○ Policy Administrator
■ Used to establish and manage the access policies
○ Policy Enforcement Point
■ Where the decision to grant or deny access is actually
execute
Data Plane ( Zero Trust )`