Security Architectures Flashcards
Threat Modeling
The process of describing probable adverse effects on our assets caused by specific threat sources.
When we do threat modeling, what do we consider?
- Consider only the actual dangers
- Potential impact of those threats
- Specify threat sources
Attack Trees
A graph showing how individual actions by attackers can be chained together to achieve their goals.
Attack trees lend themselves to a methodology known as reduction analysis, which has two aspects:
- Reduce the number of attacks
- Reduce the threat posed by the attack
STRIDE
Developed by Microsoft in 1999
A threat modeling framework that evaluates a system's design using flow diagrams, system entities, and events related to the system.
The Lockheed Martin Cyber Kill Chain
- It is used to anticipate the intent and actions of an enemy and then develop a plan to get inside their decision loop and defeat them.
- The term kill chain evolved to describe the process of identifying a target, determining the best way to engage it, amassing the required forces against it, engaging it, and destroying it.
- It identifies the steps that threat actors generally must complete to achieve their objectives.
7 Stages of the Lockheed Martin Cyber Kill Chain
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and Control
- Actions on Objectives
STRIDE
Mnemonic
S - Spoofing
T - Tampering
R - Repudiation
I - Information Disclosure
D - Denial of Service
E - Elevation of Privilege
The Cyber Kill Chain is a high-level framework
It is one of the most commonly used frameworks for modeling threats.
The MITRE Corporation developed a framework of…
Adversarial Tactics, Techniques & Common Knowledge, called ATT&CK, as a comprehensive knowledge base of the tactics and techniques used by threat actors.
- 14 tactics, each containing a number of techniques, which are further broken down into sub-techniques
Why Bother with threat modeling
Threat modeling allows us to simplify some of the activities of our adversaries so we can drill into the parts that really matter to us as defenders.
Three basic security questions:
- Why might someone want to target our organization? (Motive)
- How could they go about accomplishing their objectives? (Means)
- When and where would they attack us? (Opportunity)
Defence in Depth
- The coordinated use of multiple security controls in a layered approach.
- Multilayered defence systems
Zero Trust
- The Zero Trust model is one in which every entity is considered hostile until proven otherwise.
- Built inside out.
- This is not 100% practical, as it may impact productivity.
Trust But Verify
Basically means that, even when an entity and its behaviours are trusted, we should double-check both.
Shared Responsibility
Refers to a situation in which a service provider is responsible for certain security controls, while the customer is responsible for others.
Separation of Duties
SoD: important functions are divided among multiple individuals to ensure that no one person has the ability to intentionally or accidentally cause serious losses to the organization.
Least Privilege
- Least Privilege states that people are granted exactly the access and authority that they require to do their jobs, and nothing more.
- The need-to-know principle is similar to the least privilege principle.
Authorization Creep
As employees work at an organization over time and move from one department to another, they are often assigned more and more access rights and permissions.