Section 2: Fundamentals of Security

information security

act of protecting data and information from unauthorized access, unlawful modification, disruption, disclosure, corruption, and destruction

information systems security

act of protecting the systems that hold and process the critical data

information security vs information systems security

protecting the data vs devices that hold the data

CIA triad

confidentiality

integrity

availability

confidentiality

ensures information is only accessible to those with the appropriate authorization

integrity

ensures data remains accurate and unaltered unless modification is required

availability

ensures information and resources are accessible and functional when needed by authorized users

CIANA pentagon

extension of CIA triad with the inclusion of:

• non-repudiation

• authentication

non-repudiation

guaranteeing a specific action/event has taken place and cannot be denied by the parties involved

AAA of security

authenticaiton

authorization

accounting

authentication

process of verifying the indentity of a user or system

authorization

defines what actions/resources a user can access

accounting

act of tracking user activities and resource usage, typically for audit or billing purposes

security controls

measures/mechanisms put in place to mitigate risks and protect the CIA of IS and data

categories of security controls

• technical

• managerial

• operational

• physical

types of security controls

• preventative

• deterrent

• detective

• corrective

• compensating

• directive

zero trust

security model that operates on the principle that no one, whether inside or outside the organizations, should be trusted by default

how to acheive zero trust

• control plane

• data plane

what does the control plane consist of

• adaptive identity

• threat scope reduction

• policy-driven access control

• secured zones

what does the data plane focus on

• subject/system

• policy engine

• policy admin

• establishing policy enforcement points

threat vs vulnerability

external sources vs internal factors

where does the risk to enterprise systems and networks lie

the intersection of threats and vulnerabilities