Fundamentals Of Security Flashcards
Information Security
Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction
Information Systems Security
Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data
CIA Triad
- Confidentiality - only authorized personnel can access the information
- Integrity - information is accurate and unaltered
- Availability - information and resources are available when needed
CIANA Pentagon
Extension of CIA triad with addition of non-repudiation and authentication
Triple A’s of Security
- Authentication - verifying the identity of a user or system
- Authorization - determining which actions a user may take and which resources they may access
- Accounting - tracking user activities and resource usage for auditing or billing
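The three A's as a runnable sequence. This is an added example, not part of the flashcard set or the course it summarizes; the user store, the role table, and the function names (register, request) are hypothetical. Authentication uses a hand-written PBKDF2-HMAC-SHA256 so the program has no dependencies; a real system would use a vetted library and a memory-hard algorithm such as Argon2id.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"time"
)

// Hypothetical in-memory user store: username -> salt, stretched password hash, role.
type account struct {
	salt, hash []byte
	role       string
}

var (
	users = map[string]account{}
	// Authorization policy: role -> actions the role may perform (constructed sample).
	permissions = map[string]map[string]bool{
		"analyst": {"read:logs": true},
		"admin":   {"read:logs": true, "delete:logs": true},
	}
	auditLog []string // accounting: one entry per access attempt, allowed or not
)

const iterations = 100000 // work factor for password stretching

// pbkdf2 derives one 32-byte block with PBKDF2-HMAC-SHA256 (RFC 8018):
// U1 = HMAC(pw, salt || INT(1)), Uj = HMAC(pw, Uj-1), result = U1 ^ ... ^ Uc.
func pbkdf2(password, salt []byte, iter int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // INT(1): big-endian index of the first block
	u := prf.Sum(nil)
	out := append([]byte{}, u...)
	for i := 1; i < iter; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

func register(user, password, role string) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		panic(err)
	}
	users[user] = account{salt: salt, hash: pbkdf2([]byte(password), salt, iterations), role: role}
}

// authenticate verifies the claimed identity with a knowledge factor (the password).
func authenticate(user, password string) bool {
	a, ok := users[user]
	if !ok {
		// Do the same work for unknown users so response time does not reveal valid usernames.
		pbkdf2([]byte(password), make([]byte, 16), iterations)
		return false
	}
	derived := pbkdf2([]byte(password), a.salt, iterations)
	return subtle.ConstantTimeCompare(derived, a.hash) == 1
}

// authorize decides, for an already authenticated user, whether the role permits the action.
func authorize(user, action string) bool {
	a, ok := users[user]
	return ok && permissions[a.role][action]
}

// record writes the accounting entry that audits and billing are built on.
func record(user, action, outcome string) {
	auditLog = append(auditLog, fmt.Sprintf("%s user=%s action=%s outcome=%s",
		time.Now().UTC().Format(time.RFC3339), user, action, outcome))
}

// request runs the three A's in order: who are you, what may you do, and write it down.
func request(user, password, action string) string {
	outcome := "allowed"
	switch {
	case !authenticate(user, password):
		outcome = "denied:authentication"
	case !authorize(user, action):
		outcome = "denied:authorization"
	}
	record(user, action, outcome)
	return outcome
}

func main() {
	register("alice", "correct horse battery staple", "analyst")
	register("bob", "hunter2", "admin")
	fmt.Println(request("alice", "correct horse battery staple", "read:logs"))   // allowed
	fmt.Println(request("alice", "correct horse battery staple", "delete:logs")) // denied:authorization
	fmt.Println(request("mallory", "guess", "read:logs"))                         // denied:authentication
	for _, entry := range auditLog {
		fmt.Println(entry)
	}
}
```

Note the ordering: authorization is never consulted for a request that failed authentication, and accounting records every attempt, including the denied ones, because failed attempts are exactly what an audit needs to see.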
6 Security Control Types
- preventative - proactive measures
- deterrent - discourage attackers by making effort seem less appealing/more challenging
- detective - monitor for malicious activity and alert the organization as it occurs or shortly after
- corrective - mitigate any damage and restore systems to their normal state
- compensating - alternative measures implemented when the primary security controls are not feasible or effective
- directive - guide, inform, or mandate actions; often rooted in policy or documentation; set the standards for behavior within an organization
Zero Trust Model
Principle that no user or device is trusted by default, whether inside or outside the network; it is implemented through two planes, the control plane and the data plane
Control plane
The overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization
Adaptive identity - relies on real-time validation that takes into account user behavior, device, location, and other context
Threat scope reduction - limits each user's access to only what their work tasks require, which reduces the network's potential attack surface
- focused on minimizing the "blast radius" that could occur in the event of a breach
Policy-driven access control - developing, managing, and enforcing user access policies based on users' roles and responsibilities
Secured zones - isolated environments within a network that are designed to house sensitive data
Data plane
Ensures the policies are properly executed
Subject/system - the user or device attempting to gain access
Policy engine - cross references the access request with its predefined policies
Policy administrator - used to establish and manage the access policies
Policy enforcement points - where the decision to grant or deny access is actually executed
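The data-plane components as a small program, to show how a request flows through them. This is an added example, not part of the flashcards or the course; the policy contents, the resource and zone names, and the Request/Policy/Decide/Enforce names are all hypothetical. Device compliance and country stand in for the real-time signals adaptive identity relies on.

```go
package main

import "fmt"

// Request is what a subject (user or system) presents at the policy enforcement point.
type Request struct {
	Subject, Role, Device, Country, Resource string
}

// Policy is the control-plane state the policy administrator maintains.
type Policy struct {
	Zones            map[string]string   // resource -> secured zone it lives in
	ZoneRoles        map[string][]string // zone -> roles allowed in (threat scope reduction)
	CompliantDevices map[string]bool     // devices the endpoint agent reports as compliant
	UsualCountries   map[string][]string // subject -> countries seen before (adaptive identity)
}

// Decision is the policy engine's answer: "allow", "deny", or "challenge" (step-up auth).
type Decision struct {
	Action, Reason string
}

func contains(list []string, s string) bool {
	for _, v := range list {
		if v == s {
			return true
		}
	}
	return false
}

// Decide is the policy engine: it cross-references the request with the policy.
// Every check is deny-by-default; nothing is trusted because of where it sits on the network.
func (p Policy) Decide(r Request) Decision {
	zone, known := p.Zones[r.Resource]
	if !known {
		return Decision{"deny", "unknown resource"}
	}
	if !contains(p.ZoneRoles[zone], r.Role) {
		return Decision{"deny", fmt.Sprintf("role %q has no need for zone %q", r.Role, zone)}
	}
	if !p.CompliantDevices[r.Device] {
		return Decision{"deny", "device not compliant or unknown"}
	}
	if !contains(p.UsualCountries[r.Subject], r.Country) {
		return Decision{"challenge", "unusual location for this subject"}
	}
	return Decision{"allow", "policy satisfied"}
}

// Enforce is the policy enforcement point: the only path to the resource.
// It executes the engine's decision but never makes one itself.
func Enforce(p Policy, r Request, mfaPassed bool) string {
	d := p.Decide(r)
	switch {
	case d.Action == "allow", d.Action == "challenge" && mfaPassed:
		return "GRANT " + r.Resource
	default:
		return "DENY " + r.Resource + " (" + d.Reason + ")"
	}
}

// ExamplePolicy is constructed sample data, not a real organization's policy.
func ExamplePolicy() Policy {
	return Policy{
		Zones:            map[string]string{"hr-db": "hr", "build-server": "eng"},
		ZoneRoles:        map[string][]string{"hr": {"hr-staff"}, "eng": {"developer", "sre"}},
		CompliantDevices: map[string]bool{"laptop-17": true},
		UsualCountries:   map[string][]string{"alice": {"DE", "NL"}},
	}
}

func main() {
	p := ExamplePolicy()
	fmt.Println(Enforce(p, Request{"alice", "developer", "laptop-17", "DE", "build-server"}, false)) // GRANT
	fmt.Println(Enforce(p, Request{"alice", "developer", "laptop-17", "DE", "hr-db"}, false))        // DENY: wrong zone
	fmt.Println(Enforce(p, Request{"alice", "developer", "phone-99", "DE", "build-server"}, false))  // DENY: device
	fmt.Println(Enforce(p, Request{"alice", "developer", "laptop-17", "BR", "build-server"}, false)) // DENY: MFA required
	fmt.Println(Enforce(p, Request{"alice", "developer", "laptop-17", "BR", "build-server"}, true))  // GRANT after MFA
}
```

The split matters operationally: the engine can be replaced or its policy changed by the administrator without touching the enforcement points, and an enforcement point that cannot reach the engine should fail closed rather than fall back to its own judgement.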
Threat
Anything that could cause harm, loss, damage, or compromise to our information technology systems
Examples:
- Natural disasters
- Cyber attacks
- Data integrity breaches
- Disclosure of confidential information
Vulnerability
Any weakness in the system design or implementation
Examples:
- software bugs
- misconfigured software
- improperly protected network devices
- missing security patches
- Lack of physical security
Risk management
Identifying risks and finding ways to minimize the likelihood and impact of unwanted outcomes so that the desired outcome is achieved
Confidentiality - Encryption
Refers to the protection of information from unauthorized access and disclosure
Important for three reasons:
1. Protect personal privacy
2. Maintain a business advantage
3. Achieve regulatory compliance
Five methods to ensure confidentiality
- Encryption - convert data into ciphertext that can only be read by someone holding the key
- Access controls - strong user permissions so only authorized users can reach the data
- Data masking - obscuring specific data within a database (e.g., showing only the last four digits of a card number)
- Physical security - restricting physical access to systems, media, and facilities
- Training and awareness - conduct training on security awareness/best practices to protect an organization's sensitive data
Integrity - hashing
Helps ensure that information and data remain accurate and unchanged from its original state unless intentionally modified by an authorized individual
Important for 3 reasons:
1. Ensure data accuracy
2. Maintain trust
3. Ensure system operability
Five methods to maintain integrity
- Hashing - converting data into a fixed-size value (a digest) that changes if the data changes
- Digital signatures - ensure both integrity and authenticity (a hash signed with the sender's private key)
- Checksums - lightweight method to verify the integrity of data during transmission
- Access controls - ensure only authorized individuals can modify data, reducing the risk of unintended or malicious alterations
- Regular audits - systematically review logs and operations to ensure that only authorized changes have been made and discrepancies are addressed
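Hashing and checksums in practice, plus the caveat the flashcard leaves out: a digest only proves integrity if you obtained it from somewhere the attacker cannot write to. This is an added example, not from the flashcards or the course; the file contents are constructed sample data and the Release/Publish/Tamper names are hypothetical.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"hash/crc32"
)

// Digest returns the SHA-256 hash of data as hex: a fixed-size value (32 bytes, 64 hex chars)
// regardless of input size, and any change to the input produces a different digest.
func Digest(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// Checksum returns a CRC-32, the lightweight check used to catch transmission errors.
// It is not collision resistant, so it detects accidents, not a deliberate tamperer.
func Checksum(data []byte) uint32 {
	return crc32.ChecksumIEEE(data)
}

// Verify compares the digest of the data you received with a digest you trust.
func Verify(data []byte, trustedDigest string) bool {
	return Digest(data) == trustedDigest
}

// Release is a file shipped together with its own digest (like a SHA256SUMS beside a download).
type Release struct {
	File   []byte
	Digest string
}

// Publish creates the release; the publisher also advertises the digest through a separate,
// trusted channel (a signed page, a package index) so it can be checked independently.
func Publish(file []byte) Release {
	return Release{File: file, Digest: Digest(file)}
}

// Tamper is what an attacker who controls the download server can do: change the file
// and recompute the digest that ships beside it.
func Tamper(r Release) Release {
	evil := append(append([]byte{}, r.File...), []byte("\n# backdoor")...)
	return Release{File: evil, Digest: Digest(evil)}
}

// CorruptBit flips one bit, simulating a transmission error.
func CorruptBit(data []byte, bit int) []byte {
	out := append([]byte{}, data...)
	out[bit/8] ^= 1 << (bit % 8)
	return out
}

func main() {
	original := []byte("#!/bin/sh\necho install\n") // constructed sample file
	trusted := Publish(original)                    // digest obtained through the trusted channel
	fmt.Println("checksum catches a flipped bit:", Checksum(CorruptBit(original, 5)) != Checksum(original))
	fmt.Println("digest catches a flipped bit:", Digest(CorruptBit(original, 5)) != Digest(original))
	evil := Tamper(trusted)
	fmt.Println("digest shipped beside the file still matches:", Verify(evil.File, evil.Digest)) // true: proves nothing
	fmt.Println("digest from the trusted channel catches it:", !Verify(evil.File, trusted.Digest))
}
```

The last two lines are the point: checking a file against the hash sitting next to it on the same server detects corruption but not compromise. To bind the digest to its publisher you need a key, which is what digital signatures add.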
Availability - redundancy
Ensure that information, systems, and resources are accessible and operational when needed by authorized users
Importance:
1. Ensuring business continuity
2. Maintaining customer trust
3. Upholding an organization’s reputation
Redundancy (spare tire)
Duplication of critical components or functions of a system with the intention of enhancing its reliability
Types of redundancy
- Server - using multiple servers in a load-balanced or failover configuration so that if one is overloaded or fails, the others take over
- Data - store data in multiple places (RAID arrays or cloud storage)
- Network - ensures that if one network path fails, the data can travel through another route (e.g., a second wired link, wireless, cellular)
- Power - using backup power sources such as generators and UPS systems
Non-repudiation - Digital signatures
- Focused on providing undeniable proof in the world of digital transactions
- Security measure that ensures individuals or entities involved in a communication or transaction cannot deny their participation in it or the authenticity of what they sent
Importance:
1. To confirm the authenticity of digital transactions
2. To ensure the integrity of critical communications
3. To provide accountability in digital processes
Digital signatures
- unique to each signer, because only the signer holds the private key that produces it
- created by first hashing the message to be signed, then signing that hash digest with the signer's private key (asymmetric cryptography); anyone holding the matching public key can verify the signature, and any change to the message invalidates it
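Hash-then-sign with ECDSA on P-256, which signs an explicit digest exactly as the card describes, plus the contrast with an HMAC. This is an added example, not from the flashcards or the course; the key pairs are generated in memory, the messages are constructed samples, and NewSigner/Sign/VerifySignature/MacTag/VerifyMac are hypothetical names. The HMAC part shows why a shared-key tag gives integrity but not non-repudiation: the receiver holds the same key and can produce a valid tag for a message the sender never sent.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NewSigner generates a P-256 key pair; the private half never leaves the signer.
func NewSigner() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// Sign hashes the message first, then signs the digest with the private key.
func Sign(priv *ecdsa.PrivateKey, msg []byte) []byte {
	digest := sha256.Sum256(msg)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		panic(err)
	}
	return sig
}

// VerifySignature needs only the public key, so any third party can check the signature
// without being able to create one.
func VerifySignature(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

// MacTag is the contrast case: HMAC proves integrity to whoever holds the shared key,
// but sender and receiver both hold it, so a tag cannot prove which of them produced it.
func MacTag(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

func VerifyMac(key, msg, tag []byte) bool {
	return hmac.Equal(MacTag(key, msg), tag)
}

func main() {
	alice := NewSigner()
	msg := []byte("transfer 100 EUR to account 42") // constructed sample message
	sig := Sign(alice, msg)
	fmt.Println("genuine signature verifies:", VerifySignature(&alice.PublicKey, msg, sig))
	fmt.Println("altered message fails:", VerifySignature(&alice.PublicKey, []byte("transfer 900 EUR to account 42"), sig))
	bob := NewSigner()
	fmt.Println("Bob's key cannot have produced it:", VerifySignature(&bob.PublicKey, msg, sig))

	// With a shared key, Bob (the receiver) can forge a tag on a message Alice never sent.
	shared := []byte("shared-secret-between-alice-and-bob")
	forged := []byte("Alice agrees to pay Bob 1000 EUR")
	fmt.Println("receiver-forged HMAC still verifies:", VerifyMac(shared, forged, MacTag(shared, forged)))
}
```

ECDSA signatures are randomized, so signing the same message twice yields different bytes that both verify; compare signatures by verifying them, never by byte equality.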
Authentication
Security measure that ensures individuals or entities are who they claim to be during a communication or transaction
Importance:
- to prevent unauthorized access
- to protect user data and privacy
- to ensure that resources are accessed by valid users only
5 common authentication methods
- Knowledge factor - something you know; information a user can recall (e.g., a password or PIN)
- Possession factor - something you have; the user presents a physical item (e.g., a smart card or hardware token)
- Inherence factor - something you are; a unique physical or behavioral characteristic (e.g., a fingerprint) validates that the user is who they claim to be
- Action factor - something you do; relies on the user performing a unique action (e.g., a typing pattern or handwritten signature) to prove who they are
- Location factor - somewhere you are; relies on the user being in a certain geographic location before access is granted
Authorization
The permissions and privileges granted to users or entities after they have been authenticated
Importance:
- to protect sensitive data
- to maintain system integrity
- to create a more streamlined user experience