Module 4 “Cybersecurity” Objectives
Lesson 4.1 Basic Security Concepts
6.1 Explain fundamental security concepts and frameworks.
6.2 Explain methods to secure devices and security best practices.
-------------------------------------------
Lesson 4.2 Identify Common Security Threats
6.2 Explain methods to secure devices and security best practices.
-------------------------------------------
Lesson 4.3 Security Tools and Software
6.2 Explain methods to secure devices and security best practices.
Confidentiality
The fundamental security goal of keeping information and communications private and protecting them from unauthorized access.
The information can only be read by people who have been explicitly authorized to access it.
Integrity
The fundamental security goal of keeping organizational information accurate, free of errors, and without unauthorized modifications.
The information is stored and transferred as intended, and any modification is authorized.
Availability
The fundamental security goal of ensuring that computer systems operate continuously and that authorized persons can access data that they need.
The information is readily available and accessible to those authorized to view or modify it.
Non-Repudiation
The security goal of ensuring that the party that sent a transmission or created data remains associated with that data and cannot deny sending or creating that data.
Cybersecurity
Protection of computer systems and digital information resources from unauthorized access, attack, theft, or data damage.
National Institute of Standards and Technology (NIST)
A nonregulatory government agency that develops computer security standards used by US federal agencies and publishes cybersecurity best practice guides and research.
1. Identify: Develop security policies and capabilities. Evaluate risks, threats, and weak spots in the system and recommend security controls to reduce the risks.
2. Protect: Develop, install, operate, and retire IT hardware and software assets. Focus on security as a requirement of every stage of this operation's lifecycle.
3. Detect: Perform ongoing, proactive monitoring to be sure that controls are effective and capable of protecting against new types of threats.
4. Respond: Identify, analyze, contain, and eliminate threats to systems and data security.
5. Recover: Restore systems and data if other controls are unable to prevent attacks.
Threat Actor
A person or entity responsible for an event that has been identified as a security incident or as a risk.
Authentication
A method of validating a particular entity's or individual's unique credentials.
Factors
In authentication design, different technologies for implementing authentication, such as knowledge, ownership/token, and biometric/inherence. These are characterized as something you know/have/are.
Personal Identification Number (PIN)
A number used in conjunction with authentication devices such as smart cards; as the PIN should be known only to the user, loss of the smart card should not represent a security risk.
Personally Identifiable Information (PII)
Data that can be used to identify or contact an individual (or, in the case of identity theft, to impersonate them).
Token
A physical or virtual item that contains authentication and/or authorization data, commonly used in multifactor authentication.
Biometric Authentication
An authentication mechanism that allows a user to perform a biometric scan to operate an entry or access system. Physical characteristics stored as a digital data template can be used to authenticate a user. Typical features used include facial pattern, iris, retina, fingerprint pattern, and signature recognition.
Two-Factor Authentication (2FA)
Strong authentication mechanism that requires a user to submit two different types of credential, such as a fingerprint scan plus PIN. Often, the second credential is transmitted via a second trusted device or account.
Multi-factor Authentication (MFA)
An authentication scheme that requires the user to present at least two different factors as credentials; for example, something you know, something you have, something you are, something you do, and somewhere you are. Specifying two factors is known as "2FA."
Single Sign-On (SSO)
Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.
Authorization
The process of determining what rights and privileges a particular entity has.
Least Privilege
A basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role. Also referred to as the principle of least privilege.
Accounting
Tracking authorized usage of a resource or use of rights by a subject and alerting when unauthorized use is detected or attempted.
Global Positioning System (GPS)
A means of determining a receiver's position on Earth based on information received from orbital satellites.
Geofencing
Security control that can enforce a virtual boundary based on real-world geography.
Social Engineering
Using persuasion, manipulation, or intimidation to make the victim violate a security policy. The goal of ________ might be to gain access to an account, gain access to physical premises, or gather information.
Lunchtime Attacks
A malicious action that takes place when a threat actor exploits an unlocked and unattended desktop or mobile device to gain unauthorized access.
Shoulder Surfing
Social engineering tactic to obtain someone's password or PIN by observing him or her as he or she types it in.
Tailgating
Social engineering technique in which a person gains access to a building by following someone who is unaware of his or her presence.
Spear Phishing
Email-based or web-based form of phishing that targets specific individuals.
Malware
Software that serves a malicious purpose, typically installed without the user's consent (or knowledge).
Virus
Malicious code inserted into an executable file image. The malicious code is executed when the file is run and can deliver a payload, such as attempting to infect other files.
Ransomware
Malware that tries to extort money from the victim by blocking normal operation of a computer and/or encrypting the victim's files and demanding payment.
Air-Gapped
A type of network isolation that physically separates a host from other hosts or a network from all other networks.
Worms
A type of malware that replicates between processes in system memory and can spread over client/server network connections.
Backdoors
A mechanism for gaining access to a computer that bypasses or subverts the normal method of authentication.
Spyware
Software that records information about a PC and its users, often installed without the user's consent.
Keylogger
Malicious software or hardware that can record user keystrokes.
Defense In Depth
Security strategy that positions the layers of diverse security control categories and functions as opposed to relying on perimeter controls.
Security Controls
A technology or procedure put in place to mitigate vulnerabilities and risk and to ensure the confidentiality, integrity, and availability (CIA) of information.
Separation Of Duties
Security policy concept that states that duties and responsibilities should be divided among individuals to prevent ethical conflicts or abuse of powers.
Network Segmentation
Enforcing a security zone by separating a segment of the network from access by the rest of the network. This could be accomplished using firewalls or VPNs or VLANs. A physically separate network or host (with no cabling or wireless links to other networks) is referred to as air-gapped.
Firewall
Software or hardware device that protects a network segment or individual host by filtering packets according to an access control list.
Antivirus Software
Inspecting traffic to locate and block viruses.
Server
A _______ provides shared resources on the network and allows clients to access this information. The advantage of a ________-based system is that resources can be administered and secured centrally. _____ must be kept secure by careful configuration (running only necessary services) and maintenance (OS and application updates, malware/intrusion detection, and so on). Where a network is connected to the Internet, _____ storing private information or running local network services should be protected by firewalls so as not to be accessible from the Internet.
Operating Systems (OS)
Software that facilitates the control and configuration of the computer device via device drivers, services, and one or more user interfaces.
Patches
A small unit of supplemental code meant to address either a security problem or a functionality flaw in a software package or operating system.
Patch Management
Identifying, testing, and deploying OS and application updates. Often classified as critical, security-critical, recommended, and optional.