principles of security Flashcards
confidentiality (triad)
protection of data from unauthorized access and misuse
integrity (triad)
condition where data is kept accurate and consistent unless authorized changes are made
availability (triad)
data is available and accessible to authorized users
threat modelling
process of reviewing, improving, and testing security protocols in place at an organization’s information technology infrastructure/services
an effective threat model includes
threat intelligence
asset identification
mitigation capabilities
risk assessment
Incident Response
IR
*steps taken to resolve/remediate the effects of an incident
incidents are classified..?
using rating of urgency/impact
*urgency determined by attack type
*impact determined by affected system and repercussions
CSIRT
computer security incident response team
*pre-arranged group of employees with knowledge of systems/current incident
six phases of incident response
preparation
identification
containment
eradication
recovery
lessons learned