CompTIA Security+

Confidentiality

ensure that unauthorized individuals are not able to gain access to sensitive information

Integrity

ensures that there are no unauthorized modifications to information or systems, either intentionally or unintentionally

Availability

ensures that information and systems are ready to mee the needs of legitimate users at the time those users request them

Nonrepudiation

Someone who performed some action, cannot later deny having taken that action. Digital signatures are an example

Security Incidents

A breach of the confidentiality, integrity or availability of information or systems

Disclosure

The exposure of sensitive information to unauthorized individuals, data loss. When attackers purposefully remove it, they are performing data exfiltration

Alteration

Unauthorized modification of information, intentionally or unintentionally (power surge)

Denial

Disruption of an authorized user’s legitimate access to information.

Financial Risk

Risk of monetary damage to the organization as result of data breach

Reputational Risk

Negative publicity surrounding a security breach causes loss of goodwill among customers

Strategic Risk

Risk the organization will become less effective in meeting its major goals and objectives as a result of the breach

Operational Risk

Risk to the organization’s ability to carry out its day-to-day functions

Compliance Risk

Occurs when a security breach causes an organization to run afoul of legal or regulatory requirements

Gap Analysis

Cybersecurity professionals review control objectives for a particular oganization, system or service and examines controls designed to achieve those objectives.Controls that do no meet the control objectives are denoted gaps

Technical Controls

Enforce confidentiality, integrity, and availability in the digital space

Operational Controls

Processes put in place to manage technology in a secure manner

Managerial Controls

Procedural mechanisms that focus on the mechanics of risk management process

Physical Controls

Security controls that impact the physical world.

Preventive Controls

intend to stop a security issue before it occurs

Deterrent Controls

seek to prevent an attacker from attempting to violate security policies

Detective Controls

identify security events that have already occurred

Corrective Controls

remediate security issues that have already occurred

Compensating Controls

Mitigate the risk associated with exceptions made to a security policy

Directive Controls

Inform employees and other what they should do to achieve security objectives

Data Protection Stages

Data at rest, data in transit, data in use

Data Loss Prevention

Data loss prevention (DLP) systems help organizations enforce information handling policies and procedures to prevent data loss and theft.

Agent-Based DLP

Software agents installed on a system that search those systems for the presence of sensitive information

Agnetless DLP

Dedicated devices that sit on the network and monitor outbound network traffic, watching for transmissions that contain unencrypted information. May block traffic in violation

DLP Pattern Matching

Telltale signs of sensitive information

DLP Watermarking

Administrators apply electronic tags to sensitive documents. DLP can monitor for unencrypted content containing those tags

Data Minimization

technique reducing risk by reducing the amount of sensitive information maintained on a regular basis

Deidentification

Removes the ability to link data back to an individual

Data Obfuscation

Transforming into a format where original information can’t be retrieved

Hashing

A hash function to transform values in a dataset to a corresponding hash value

Tokenization

Replaces sensitive values with a unique identifier using a lookup table

Masking

Partially redacts sensitive information by replacing some or all sensitive fields with blank characters

Rainbow Table Attack

The attacker computes all possible candidate values and matches them

Geographic Restrictions

Limit access to resources based on the physical location of the user or system

Permission Restrictions

Limit access to resources based on the user’s role or level of authorization

Segmentation

places sensitive systems on separate networks where they may communicate with each other but have strict restrictions.

Isolation

completely cuts a system from access to or from outside networks

Data Exfiltration

When attackers purposefully remove it, they are performing data exfiltration