Fundamentals Of Security Flashcards
Information Security
The act of protecting the data from unauthorized access, modification, corruption and destruction
Information Systems Security
The act of protecting the systems that hold the data we want to protect
CIA triad
The three pillars of security
- Confidentiality
- Integrity
- Availability
CIANA Pentagon
Modern, expanded version of the CIA Triad
- Confidentiality
- Integrity
- Availability
- Non-repudiation
- Authentication
Threat
Anything that negatively impacts our information technology systems
Vulnerability
Any weakness in the system design or implementation
Risk Management
Finding ways to minimize the likelihood of a negative outcome and achieve a positive outcome
Confidentiality
Protecting information from unauthorized access and disclosure
Why is Confidentiality Important?
- To protect personal privacy
- To maintain business advantage
- To achieve regulatory compliance
What are the basic methods of maintaining Confidentiality?
- Encryption
- Access Controls
- Data Masking
- Physical Security Measures
- Training & Awareness
Integrity
Ensures that information and data remain accurate and unaltered unless intentionally modified
Why is Integrity important?
- To ensure data accuracy
- To maintain trust
- To ensure system operability
What are the methods of maintaining Integrity?
- Hashing
- Digital Signatures
- Checksums
- Access Controls
- Regular Audits
Availability
Ensuring that information, systems and resources are accessible and operational when needed
Why is Availability important?
- Ensuring business continuity
- Maintaining customer trust
- Upholding an organization’s reputation
What are the basic methods of maintaining Availability?
- Redundancy
Non-repudiation
Ensuring that individuals and entities involved in a transaction cannot deny their participation or the authenticity of their actions
What are the basic methods of achieving Non-repudiation?
- Digital Signatures