Network Security Models and Cryptography Flashcards
(96 cards)
a cybersecurity approach built on “never trust, always verify”
Zero trust
The Zero trust approach:
- Challenges traditional security perimeters, recognizing both external and internal threats
- Prioritizes continuous user, device, and behavior verification, regardless of location
- Incorporates new tools and practices for robust access control and ongoing monitoring
Zero Trust Key Principles:
- Verification
- Least Privilege
- Micro-Segmentation
- Continuous Monitoring
- Identity and Access Management (IAM)
- Data Encryption
Is the process of confirming the identity and legitimacy of users and devices
Verification
Emphasizes granting users and devices only the minimum level of access necessary to fulfill their tasks
Least Privilege:
Is the practice of dividing the network into segments to limit lateral movement by attackers
Micro-Segmentation:
Is the practice of dividing the network into segments to limit lateral movement by attackers
Continuous Monitoring:
Is the practice of implementing strong authentication and centralized identity management
Identity and Access Management (IAM):
Encryption is utilized to secure data
Data Encryption:
a cybersecurity approach that involves layering security measures for maximum protection
Define in depth (DiD)
Define in depth (DiD) Approach:
- Improves resilience by bolstering the system’s ability to withstand threats
- Prevents attacks proactively by anticipating and thwarting breaches
- Enhances the ability to promptly identify security incidents and respond effectively
DiD involves:
- Layered Security
- Redundancy
- Isolation
- Monitoring and Response
- Testing and Evaluation
Use multiple security layers to cover various protection aspects
Layered Security
Duplicate critical security measures for backup in case of failure
Redundancy
Segregate sensitive systems to limit breach impact
Isolation
Continuously watch for suspicious activity and respond rapidly
Monitoring and Response
Regularly assess security through penetration tests and evaluations
Testing and Evaluation
is the science of securing information, allowing only authorized users to access and comprehend it
Cryptography
Cryptography Types
- Encryption
- Decryption
- Data Security Assurance
Transforms readable data into unreadable ciphertext
Encryption
Reverts encrypted data to its original form, called plaintext
Decryption
Protects information during transmission or storage, ensuring secure transformation and restoration for interpretation
Data Security Assurance
Cryptographic Methods:
- Hiding
- Obfuscation
- Transformation
- Switching
- Symmetric
- Asymmetric
Concealing data using unconventional methods, such as steganography
Hiding