| Term | Definition |
|---|---|
| CIA Triad | Confidentiality, Integrity, Availability |
| Confidentiality | Protecting data from unauthorized access |
| Integrity | Ensuring data is accurate and not altered |
| Availability | Ensuring systems/data are accessible when needed |
| Encryption | Method to protect data by converting it into a secure format |
| Authentication | Verifying user identity |
| Access Control | Restricting access to authorized users only |
| Data Classification | Categorizing data based on sensitivity |
| Integrity Protection | Using hashing, permissions, and audits to protect data |
| Availability Threats | Natural disasters, hardware failure, cyber attacks |
| Threat | Potential cause of harm to a system |
| Risk | Likelihood and impact of a threat |
| Risk Assessment | Identifying and evaluating risks |
| Risk Register | Document that records risks and their details |
| Risk Score | Likelihood × Impact |
| Risk Avoidance | Eliminating the risk completely |
| Risk Acceptance | Accepting the risk knowingly |
| Risk Mitigation | Reducing risk impact or likelihood |
| Risk Transfer | Shifting risk to a third party (insurance) |
| Residual Risk | Remaining risk after controls are applied |
| Least Privilege | Giving the minimum access required |
| Admin Account Separation | Using separate admin and user accounts |
| Separation of Duties | Dividing tasks to prevent fraud/errors |
| Attack Surface | All possible entry points for attackers |
| Application Attack Surface | Code, ports, inputs |
| Network Attack Surface | Firewalls, network design |
| Human Attack Surface | Social engineering, user mistakes |
| Attack Surface Analysis | Identifying and reducing vulnerabilities |
| Ingress Traffic | Incoming network traffic |
| Egress Traffic | Outgoing network traffic |
| Social Engineering | Manipulating people to gain access |
| Phishing | Fake emails to steal information |
| Identity Verification | Confirming the legitimacy of a request |
| Security Awareness | Training users to prevent attacks |
| Cost vs Security | Balance between cost and protection |
CIA Triad
The CIA Triad is a fundamental concept in information security, encapsulating three core principles: Confidentiality, Integrity, and Availability. These principles serve as a framework for developing security policies and practices that protect sensitive data and ensure reliable systems.
Confidentiality
Confidentiality ensures that sensitive information is accessible only to authorised users, employing methods like encryption and secure access controls.
Integrity
Integrity means maintaining the accuracy and consistency of data, ensuring it is not improperly modified.
Availability
Availability means ensuring that systems and data are accessible to authorised users when they are needed.