Untitled Deck Flashcards
Information Security
Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction
Information Systems Security
Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data
CIA Triad
Confidentiality, Integrity, Availability
Confidentiality
Ensures information is accessible only to authorized personnel (e.g., encryption)
Integrity
Ensures data remains accurate and unaltered (e.g., checksums)
Availability
Ensures information and resources are accessible when needed (e.g., redundancy measures)
Non-Repudiation
Guarantees that an action or event cannot be denied by the involved parties (e.g., digital signatures)
CIANA Pentagon
An extension of the CIA triad with the addition of non-repudiation and authentication
Triple A’s of Security
Authentication, Authorization, Accounting
Authentication
Verifying the identity of a user or system (e.g., password checks)
Authorization
Determining actions or resources an authenticated user can access (e.g., permissions)
Accounting
Tracking user activities and resource usage for audit or billing purposes
Security Control Categories
Technical, Managerial, Operational, Physical
Security Control Types
Preventative, Deterrent, Detective, Corrective, Compensating, Directive
Zero Trust Model
Operates on the principle that no one should be trusted by default
Control Plane (Zero Trust)
Adaptive identity, threat scope reduction, policy-driven access control, and secured zones
Data Plane (Zero Trust)
Subject/system, policy engine, policy administrator, and establishing policy enforcement points
Threat
Anything that could cause harm, loss, damage, or compromise to our information technology systems
Threat Sources
Natural disasters, Cyber-attacks, Data integrity breaches, Disclosure of confidential information
Vulnerability
Any weakness in the system design or implementation
Vulnerability Sources
Software bugs, Misconfigured software, Improperly protected network devices, Missing security patches, Lack of physical security
Risk
The intersection of a threat and a vulnerability
Reasons Confidentiality is important
To protect personal privacy, To maintain a business advantage, To achieve regulatory compliance
Methods to ensure Confidentiality
Encryption, Access Controls, Data Masking, Physical Security Measures, Training and Awareness
Encryption
Process of converting data into a code to prevent unauthorized access
Access Controls (Confidentiality)
Setting up strong user permissions to ensure only authorized personnel can access certain data
Data Masking
Obscuring specific data within a database for unauthorized users while retaining its use for authorized users
Physical Security Measures (Confidentiality)
Ensuring confidentiality for both physical and digital information
Training and Awareness (Confidentiality)
Regular training on security awareness best practices
Reasons Integrity is important
To ensure data accuracy, To maintain trust, To ensure system operability
Methods to maintain Integrity
Hashing, Digital Signatures, Checksums, Access Controls, Regular Audits
Hashing
Process of converting data into a fixed-size value
Digital Signatures
Ensure both integrity and authenticity
Checksums
Method to verify the integrity of data during transmission
Access Controls (Integrity)
Ensure only authorized individuals can modify data
Regular Audits
Systematically reviewing logs and operations to ensure only authorized changes have been made
Reasons Availability is important
Ensuring Business Continuity, Maintaining Customer Trust, Upholding an Organization’s Reputation
How to maintain Availability
Using redundancy in systems and network designs
Redundancy
Duplication of critical components or functions of a system to enhance reliability
Server Redundancy
Using multiple servers in a load-balanced or failover configuration
Data Redundancy
Storing data in multiple places
Network Redundancy
Ensures that if one network path fails, the data can travel through another route
Power Redundancy
Using backup power sources, like generators and UPS systems
Reasons Non-repudiation is important
To confirm the authenticity of digital transactions, To ensure the integrity of critical communications, To provide accountability in digital processes
5 Commonly used Authentication Methods
Something you know (Knowledge Factor), Something you have (Possession Factor), Something you are (Inherence Factor), Something you do (Action Factor), Somewhere you are (Location Factor)
Something you know (Authentication)
Relies on information a user can recall
Something you have (Authentication)
Relies on the user presenting a physical item
Something you are (Authentication)
Relies on a unique physical or behavioral characteristic
Something you do (Authentication)
Relies on a unique action
Somewhere you are (Authentication)
Relies on the user being in a certain geographic location
Multi-Factor Authentication (MFA)
Requires multiple methods of identification
Reasons Authentication is critical
To prevent unauthorized access, To protect user data and privacy, To ensure resources are accessed by valid users only
Authorization
Permissions and privileges granted after authentication
Reasons Authorization mechanisms are important
To protect sensitive data, To maintain system integrity, To create a streamlined user experience
Accounting
Ensures all user activities are tracked and recorded
Reasons a robust Accounting system is important
Create an audit trail, Maintain regulatory compliance, Conduct forensic analysis, Perform resource optimization, Achieve user accountability
Technologies used for Accounting
Syslog Servers, Network Analysis Tools, SIEM Systems
Syslog Servers
Aggregate logs from various devices for analysis
Network Analysis Tools
Capture and analyze network traffic
SIEM Systems
Real-time analysis of security alerts
Security Control Categories (4)
Technical, Managerial, Operational, Physical
Technical Controls
Technologies, hardware, and software to manage and reduce risks
Managerial Controls
Strategic planning and governance of security
Operational Controls
Procedures and measures for day-to-day data protection
Physical Controls
Tangible measures to protect assets
Security Control Types (6)
Preventive, Deterrent, Detective, Corrective, Compensating, Directive
Preventive Controls
Proactive measures to thwart threats
Deterrent Controls
Discourage attackers by making attacks less appealing
Detective Controls
Monitor and alert to malicious activities
Corrective Controls
Mitigate damage and restore systems
Compensating Controls
Alternative measures when primary controls are not feasible
Directive Controls
Guide, inform, or mandate actions (often policy-based)
Gap Analysis
Evaluating the differences between current and desired performance
Steps in Conducting a Gap Analysis
Define the scope, Gather data on the current state, Analyze the data, Develop a plan to bridge the gap
Types of Gap Analysis
Technical Gap Analysis, Business Gap Analysis
Technical Gap Analysis
Evaluating technical infrastructure
Business Gap Analysis
Evaluating business processes
Plan of Action and Milestones (POA&M)
Outlines measures to address vulnerabilities, allocate resources, and set timelines
Zero Trust
Demands verification for every device, user, and transaction
Two Planes of Zero Trust
Control Plane, Data Plane
Control Plane (Zero Trust)
Framework for defining, managing, and enforcing access policies
Elements of Control Plane (Zero Trust)
Adaptive Identity, Threat Scope Reduction, Policy-Driven Access Control, Secured Zones
Adaptive Identity (Zero Trust)
Real-time validation based on user behavior, device, location, etc.
Threat Scope Reduction (Zero Trust)
Limits user access to reduce the attack surface
Policy-Driven Access Control (Zero Trust)
Managing access based on roles and responsibilities
Secured Zones (Zero Trust)
Isolated environments for sensitive data
Components used by Control Plane (Zero Trust)
Policy Engine, Policy Administrator
Policy Engine (Zero Trust)
Cross-references access requests with predefined policies
Policy Administrator (Zero Trust)
Establishes and manages access policies
Data Plane (Zero Trust)
Consists of the Subject/System and Policy Enforcement Point
Subject/System (Zero Trust)
The entity attempting to gain access
Policy Enforcement Point (Zero Trust)
Where access decisions are executed
Threat Actor Objectives
Summarize security concepts, Compare threat actors and motivations, Explain threat vectors and attack surfaces
Threat Actor Motivations
Data Exfiltration, Blackmail, Espionage, Service Disruption, Financial Gain, Philosophical/Political Beliefs, Ethical Reasons, Revenge, Disruption/Chaos, War
Threat Actor Attributes
Internal vs. External, Differences in resources and funding, Level of sophistication
Types of Threat Actors
Unskilled Attackers, Hacktivists, Organized Crime, Nation-state Actors, Insider Threats
Unskilled Attackers (Script Kiddies)
Individuals with limited technical expertise who use readily available tools
Hacktivists
Individuals or groups driven by political, social, or environmental ideologies
Organized Crime
Groups that execute cyberattacks for financial gain (e.g., ransomware, identity theft)
Nation-state Actors
Highly skilled attackers sponsored by governments for cyber espionage or warfare
Insider Threats
Security threats originating from within the organization
Shadow IT
IT systems, devices, software, or services managed without explicit organizational approval
Threat Vector
The means or pathway by which an attacker gains unauthorized access
Shadow IT
Use of information technology systems, devices, software, applications, and services without explicit organizational approval; IT-related projects managed outside of the IT department.
Why does Shadow IT exist?
An organization’s security posture is set too high or is too complex, negatively affecting business operations.
Bring Your Own Devices (BYOD)
Involves the use of personal devices for work purposes.
Threat Vector
The means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload.
Attack Surface
Encompasses all the various points where an unauthorized user can try to enter or extract data from an environment. Can be minimized by restricting access, removing unnecessary software, and disabling unused protocols.
Message-based Threat Vectors
Threats delivered via email, SMS text messaging, or other forms of instant messaging. Phishing campaigns are commonly used.
Phishing Campaigns (Message-based)
When an attacker impersonates a trusted entity to trick victims into revealing sensitive information.
Image-based Threat Vectors
Embedding malicious code inside an image file.
File-based Threat Vectors
Files, often disguised as legitimate documents or software, transferred as email attachments, through file-sharing services, or hosted on malicious websites.
Voice Calls (Threat Vector)
Vishing: use of voice calls to trick victims into revealing sensitive information.
Vishing
Use of voice calls to trick victims into revealing sensitive information.
Removable Devices (Threat Vector)
One common technique is baiting: leaving a malware-infected USB drive in a public location.
Baiting (Removable Devices)
An attacker leaves a malware-infected USB drive in a location where a target might find it.
Unsecure Networks (Threat Vector)
Wireless, wired, and Bluetooth networks that lack appropriate security measures. Unauthorized access can intercept communications or gain network access.
MAC Address Cloning
An attack that can occur with physical access to network infrastructure.
VLAN Hopping
An attack that can occur with physical access to network infrastructure.
BlueBorne
A set of vulnerabilities in Bluetooth technology that allows attackers to take over devices, spread malware, or establish on-path attacks.
BlueSmack
A type of Denial of Service attack targeting Bluetooth devices by sending a specially crafted packet.
Deception and Disruption Technologies
Technologies designed to mislead, confuse, and divert attackers while detecting and neutralizing threats.
Tactics, Techniques, and Procedures (TTPs)
Specific methods and patterns of activities associated with a particular threat actor.
Honeypots
Decoy systems or networks set up to attract potential hackers.
Honeynets
A network of honeypots designed to mimic an entire network of systems (servers, routers, switches).
Honeyfiles
Decoy files placed within a system to lure attackers.
Honeytokens
Pieces of data or resources that have no legitimate value but are monitored for access or use.
Bogus DNS entries
Fake Domain Name System entries introduced into a system’s DNS server.
Creating decoy directories
Fake folders and files placed within a system’s storage.
Dynamic page generation
Effective against automated scraping tools or bots trying to index or steal content.
Port Triggering
Security mechanism where services/ports remain closed until a specific outbound traffic pattern is detected.
Spoofing fake telemetry data
When a system detects a network scan, it can be configured to respond with fake network data.
Physical Security
Measures to protect tangible assets (buildings, equipment, people) from harm or unauthorized access.
Fencing and Bollards
Physical security controls. Fences are barriers made of posts and wire or boards. Bollards are short, sturdy vertical posts preventing vehicle access.
Fences
Barriers made of posts and wire or boards to enclose or separate areas; provide visual deterrent, physical barrier, and delay intruders.
Bollards
Robust, short vertical posts (steel or concrete) designed to manage or redirect vehicular traffic.
Brute Force Attacks (Physical Security)
Forcible entry, tampering with security devices, confronting security personnel, or ramming barriers with vehicles.
Forcible Entry
Gaining unauthorized access by physically breaking or bypassing barriers (windows, doors, fences).
Tampering with security devices
Manipulating security devices to create exploitable vulnerabilities.
Confronting security personnel
Direct confrontation or attack of an organization’s security personnel.
Ramming barriers with vehicles
Using a vehicle to ram into physical security barriers.
Surveillance Systems
An organized strategy to observe and report activities. Components include video surveillance, security guards, lighting, and sensors.
Video Surveillance
Can include motion detection, night vision, facial recognition, and remote access.
Security Guards
Flexible and adaptable forms of surveillance.
Lighting
Crucial for effective surveillance; deters criminals, reduces hiding spots, and enhances video quality.
Sensors
Devices that detect and respond to external stimuli. Categories include infrared, pressure, microwave, and ultrasonic.
Infrared Sensors
Detect changes in infrared radiation (emitted by warm bodies).
Pressure Sensors
Activated when a specified weight is detected.
Microwave Sensors
Detect movement by emitting microwave pulses and measuring reflections.
Ultrasonic Sensors
Measure the reflection of ultrasonic waves off moving objects.
Bypassing Surveillance Systems
Visual obstruction, blinding sensors/cameras, interfering with acoustics or electromagnetics, or attacking the physical environment.
Visual Obstruction
Blocking a camera’s line of sight (e.g., paint, stickers, objects).
Blinding Sensors and Cameras
Overwhelming a sensor or camera with a sudden burst of light.
Interfering with Acoustics
Jamming or playing loud music to disrupt microphones.
Interfering with Electromagnetic Signals (EMI)
Jamming the signals that surveillance systems rely on.
Attacking the Physical Environment
Physically tampering with surveillance equipment (e.g., cutting wires).
Access Control Vestibules
Double-door systems electronically controlled so only one door is open at a time; prevents piggybacking and tailgating.
Piggybacking
Two people working together; one with access allows another without access to enter.
Tailgating
An unauthorized person closely follows someone with access into a secure area without their knowledge.
Door Locks
Restrict and regulate access to spaces. Types include padlocks, pin and tumbler locks, numeric locks, wireless locks, biometric locks, and cipher locks.
Padlocks
Easily defeated, offer minimal protection.
Basic Door Locks
Vulnerable to simple techniques like lock picking.
Modern Electronic Door Locks
Utilize various authentication methods (identification numbers, wireless signals, biometrics).
Biometric Challenges
False Acceptance Rate (FAR), False Rejection Rate (FRR), Crossover Error Rate (CER).
False Acceptance Rate (FAR)
System erroneously authenticates an unauthorized user.
False Rejection Rate (FRR)
System denies access to an authorized user.
Crossover Error Rate (CER)
Balance between FAR and FRR for optimal authentication.
Cipher Locks
Mechanical locks with numbered push buttons requiring a correct combination.
Access Badge Cloning
Copying data from an RFID or NFC card onto another device. Steps: Scanning, Data Extraction, Writing, Using.
Radio Frequency Identification (RFID)
A technology used for contactless authentication.
Near Field Communication (NFC)
A technology used for contactless authentication.
Social Engineering
Manipulative strategy exploiting human psychology for unauthorized access.
Motivational Triggers (Social Engineering)
Familiarity/Likability, Consensus/Social Proof, Authority/Intimidation, Scarcity/Urgency, Fear.
Authority (Social Engineering)
People comply if they believe the request comes from someone in authority.
Urgency (Social Engineering)
Creating a sense of immediacy to drive quick action.
Social Proof (Social Engineering)
Looking to others’ behaviors to determine one’s own actions.
Scarcity (Social Engineering)
Psychological pressure when a resource is perceived as limited.
Likability (Social Engineering)
People want to interact with those they like.
Fear (Social Engineering)
Threatening negative consequences if instructions aren’t followed.
Impersonation (Social Engineering)
Pretending to be someone else. Includes brand impersonation, typosquatting, and watering hole attacks.
Brand Impersonation
Pretending to represent a legitimate company or brand.
Typosquatting/URL Hijacking/Cybersquatting
Registering domain names similar to popular websites with typographical errors.
Watering Hole Attacks
Compromising a website or service that a target is known to use.
Pretexting
Creating a fabricated scenario to manipulate targets.
Phishing
Sending fraudulent emails to obtain personal information.
Spear Phishing
Targeted phishing focused on a specific group or organization.
Whaling
Targets high-profile individuals (CEOs, CFOs).
Business Email Compromise (BEC)
Using a compromised business email account to trick other employees.
Vishing (Voice Phishing)
Tricking victims into sharing information over the phone.
Smishing (SMS Phishing)
Using text messages to trick individuals into providing information.
Key Indicators of Phishing
Urgency, unusual requests, mismatched URLs, strange email addresses, poor spelling/grammar.
Frauds
Wrongful or criminal deception for financial or personal gain.
Identity Fraud/Identity Theft
Using another person’s information without authorization.
Scams
Fraudulent or deceptive acts or operations.
Invoice Scam
A scam in which a person is tricked into paying for a fake invoice for a product or service they did not order.
Influence Campaigns
Coordinated efforts to affect public perception or behavior towards a particular cause, individual, or group. They foster misinformation and disinformation.
Misinformation
False or inaccurate information shared without harmful intent.
Disinformation
The deliberate creation and sharing of false information with the intent to deceive or mislead.
Diversion Theft
Involves manipulating a situation or creating a distraction to steal valuable items or information.
Hoaxes
Malicious deceptions often spread through social media, email, or other communication channels, often paired with phishing and impersonation. Prevention requires fact-checking and critical thinking.
Shoulder Surfing
Involves looking over someone’s shoulder to gather personal information, sometimes using cameras. Prevention requires awareness of surroundings.
Dumpster Diving
Searching through trash to find valuable information, often discarded documents. Prevention involves clean desk and clean desktop policies.
Eavesdropping
Secretly listening to private conversations, intercepting communications without knowledge. Prevention involves data encryption in transit.
Baiting
Leaving a malware-infected physical device (e.g., USB drive) in a place where it will be found by a victim. Prevention requires user training not to use found devices.
Tailgating
An attacker follows an employee through an access control point without their knowledge.
Piggybacking
An attacker convinces an authorized employee to let them into a facility by having them swipe their access badge.
Malware
Malicious software designed to infiltrate and potentially damage computer systems without user consent. Categories include viruses, worms, Trojans, ransomware, spyware, rootkits, and spam.
Threat Vector
The method used to infiltrate a victim’s machine (e.g., unpatched software, USB drives, phishing).
Attack Vector
The means by which the attacker gains access and infects the system, combining infiltration method and infection process.
Viruses
Attach to clean files, spread, and corrupt host files.
Worms
Standalone programs replicating and spreading to other computers without user interaction.
Trojans
Disguise themselves as legitimate software, granting unauthorized access.
Ransomware
Encrypts user data and demands ransom for decryption.
Zombies/Botnets
Compromised computers (zombies) remotely controlled in a network (botnet) for malicious purposes.
Rootkits
Hide presence and activities on a computer, operating at the OS level.
Backdoors
Bypass normal security and authentication functions, often placed by designers/programmers or threat actors.
Logic Bombs
Malicious code that executes only when specific conditions are met.
Keyloggers
Record every keystroke made on a computer or mobile device.
Spyware
Monitors and gathers user/system information without their knowledge.
Bloatware
Unnecessary software pre-installed on devices, consuming resources and potentially introducing vulnerabilities.
Computer Virus
Malicious code that runs on a machine without the user’s knowledge, infecting the computer when executed.
Boot Sector Virus
Stored in the first sector of a hard drive, loaded into memory upon boot-up.
Macro Virus
Code embedded inside a document, executing when the document is opened.
Program Virus
Infects executable or application files.
Multipartite Virus
Combines boot sector and program virus characteristics.
Encrypted Virus
Hides from detection by encrypting its code/payloads.
Polymorphic Virus
Changes its code each time it executes to evade detection.
Metamorphic Virus
Rewrites itself entirely before infecting a file.
Stealth Virus
Uses techniques to prevent detection by antivirus software.
Armored Virus
Has a layer of protection to confuse analysis.
Hoax Virus
A form of technical social engineering that scares users into undesirable actions.
Worm
Self-replicating malicious software that spreads without user interaction, disrupting network traffic.
Trojan
Malicious software disguised as harmless or desirable software.
Remote Access Trojan (RAT)
Provides an attacker with remote control of a victim’s machine.
Ransomware
Malware that blocks access to a system or data by encrypting it until a ransom is paid.
Botnet
A network of compromised computers or devices controlled remotely.
Zombie
A compromised computer or device within a botnet.
Command and Control Node
The computer managing and coordinating botnet activities.
Distributed Denial-of-Service (DDoS) Attack
Many machines target a single victim simultaneously.
Rootkit
Designed to gain administrative-level control over a system without detection.
Administrator/Root Account
Account with the highest level of permissions.
Kernel Mode
Operating at Ring 0, controlling access to device drivers and other core system functions.
DLL Injection
Technique to run arbitrary code within another process by forcing it to load a dynamic-link library.
Dynamic Link Library (DLL)
A collection of code and data used by multiple programs.
Shim
Software code placed between two components to intercept and redirect calls.
Backdoor
Bypasses normal security and authentication functions.
Easter Egg
A hidden feature or novelty within a program.
Logic Bomb
Malicious code that executes when specific conditions are met.
Keylogger
Software or hardware that records every keystroke.
Spyware
Malicious software designed to gather and send user/organization information without their knowledge.
Bloatware
Unnecessary software pre-installed on devices.
Stage 1 Dropper/Downloader
Malware that retrieves additional malware code and tricks the user into activating it.
Dropper
Malware designed to initiate or run other malware forms within a payload.
Downloader
Retrieves additional tools post-initial infection.
Shellcode
Lightweight code meant to execute an exploit.
Stage 2 Downloader
Downloads and installs a remote access Trojan.
“Actions on Objectives” Phase
Threat actors execute primary objectives (e.g., data exfiltration, file encryption).
Concealment
Hiding tracks and erasing logs to prolong unauthorized access.
“Living off the Land”
Exploiting standard system tools for intrusions.
Account Lockouts
Multiple failed login attempts.
Concurrent Session Utilization
Multiple simultaneous sessions from a single account.
Blocked Content
Increased alerts from security tools.
Impossible Travel
Account access from geographically separated locations in an impossibly short time.
Resource Consumption
Unusual spikes in CPU, memory, or network bandwidth.
Resource Inaccessibility
Files or systems suddenly become inaccessible.
Out-of-Cycle Logging
Logs generated at odd hours.
Missing Logs
Gaps in logs or cleared logs without authorization.
Published/Documented Attacks
Reports of network infection.
Data Protection
Safeguarding information from corruption, compromise, or loss.
Data Classifications
Categorizing data based on value and sensitivity (e.g., Sensitive, Confidential, Public).
Data Owners
Senior executives responsible for labeling and protecting information assets.
Data Controllers
Entities responsible for determining data storage, collection, and usage purposes.
Data Processors
Entities hired by data controllers to assist with data tasks.
Data Stewards
Focus on data quality and metadata, ensuring proper labeling and classification.
Data Custodians
Responsible for managing data storage systems and enforcing access controls.
Data States
Data at rest, data in transit, and data in use.
Data at Rest
Inactive data on storage devices.
Data in Transit/Data in Motion
Data actively moving from one location to another.
Data in Use
Data actively being created, retrieved, updated, or deleted.
Full Disk Encryption (FDE)
Encrypts the entire hard drive.
Partition Encryption
Encrypts specific partitions.
File Encryption
Encrypts individual files.
Volume Encryption
Encrypts selected files or directories.
Database Encryption
Encrypts data within a database.
Record Encryption
Encrypts specific fields within a database record.
SSL (Secure Sockets Layer)/TLS (Transport Layer Security)
Secure communication over networks.
VPN (Virtual Private Network)
Creates secure connections over less secure networks.
IPSec (Internet Protocol Security)
Secures IP communications by authenticating and encrypting IP packets.
Encryption at the Application Level
Encrypts data during processing.
Access Controls
Restricts access to data during processing.
Secure Enclaves
Isolated environments for processing sensitive data.
Regulated Data
Controlled by laws, regulations, or industry standards.
PII (Personal Identification Information)
Information used to identify an individual.
PHI (Protected Health Information)
Information about health status, healthcare provision, or payment.
Trade Secrets
Confidential business information giving a competitive edge.
Intellectual Property (IP)
Creations of the mind (e.g., inventions, literary works).
Legal Information
Data related to legal proceedings, contracts, or regulatory compliance.
Financial Information
Data related to financial transactions.
Human-Readable Data
Understandable directly by humans.
Non-Human-Readable Data
Requires a machine or software to interpret.
Data Sovereignty
Digital information is subject to the laws of the country where it is located.
GDPR (General Data Protection Regulation)
Protects EU citizens’ data.
Geographic Restrictions/Geofencing
Virtual boundaries to restrict data access based on location.
Encryption
Transforms plaintext into ciphertext.
Hashing
Converts data into fixed-size hash values.
Masking
Replaces data with placeholders.
Tokenization
Replaces sensitive data with non-sensitive tokens.
Obfuscation
Makes data unclear or unintelligible.
Segmentation
Divides a network into separate segments.
Permission Restrictions
Defining data access and actions through ACLs or RBAC.
Data Loss Prevention (DLP)
A strategy to prevent sensitive information from leaving an organization.
Endpoint DLP System
Installed on workstations/laptops, monitors data in use.
Network DLP System
Monitors data in transit across the network.