midterm exam ni Rennnnnnnaty

Comprehensive

should address all aspects of information security

Independent

strategy should function independently of specific technologies

Living Document

strategies should evolve over time to address emerging threats and adapt

Long Life Span

should be designed for sustainability, with principles that remain applicable

Risk-Based Approach

The strategy focuses on identifying and mitigating risks based

Organizationally Significant

The strategy must align with the organization's goals, priorities, and business processes

Strategic

Tactical

Operational

The strategy operates on three levels

Strategic

Long-term vision

Tactical

Mid-term planning and resource allocation

Operational

Day-to-day implementation and monitoring

storage

transmission

processing

three states of information

Storage

Information at rest, such as data stored in databases

Transmission

Information in motion, such as data traveling over networks or between devices.

Processing

•as data being manipulated or accessed by applications or users.

Technology

Tools and systems used to protect information

Policy

Formal rules and procedures established by an organization

People

The human element, which involves educating and training users, enforcing security awareness

Confidentiality

refers to protecting information from unauthorized access. Ensuring only authorized individuals access information.

Symmetric Encryption

encryption method that uses a single key to encrypt and decrypt data

Asymmetric Encryption

encryption method that uses two different keys—a public key and a private key

Integrity

data are trustworthy, complete, and have not been accidentally altered or modified by an unauthorized user.

Hashing

transforming a given key or string of characters into another value for the purpose of security

Digital Signature

used to verify the authenticity and integrity of a digital document, essentially acting like a virtual fingerprint that confirms the origin of the data and ensures it hasn't been tampered with.

Availability

data are accessible when you need them.

Redundancy

creating duplicate copies of the same data.

Identification

•Establishing a user's identity.

claiming an identity, typically through usernames or IDs.

Authentication

: Verifying the identity of the user.

confirms the user's claimed identity

Authorization

Granting access based on identity.

user is allowed to do (permissions and access levels

Accountability

•Ensuring that the actions of the user are traceable.

that all actions performed by a user are logged and can be traced back to them.

Remote Authentication Dial-In User Service

RADIUS

to manage network access.

for example •A user connects to a network and is authenticated via RADIUS. Once authenticated, the user is authorized based on their role, and all network activities are logged for accountability.

Assets

Valuable items or resources that need protection.

Threats

•Potential causes of harm to assets.

Vulnerabilities

•Weaknesses in a system that can be exploited by threats.

Risks

•The potential impact of a threat exploiting a vulnerability.

Controls

: Measures put in place to mitigate risks

Physical Assets

These are tangible because they have a physical form (e.g., hardware, buildings, infrastructure).

Digital Assets

2.Intangible, as they include data, software, and intellectual property, which do not have a physical presence but hold value.

Human Assets

2.Intangible, as employees' knowledge and expertise contribute to the organization's value but are not physical assets.

Reputation

- Intangible, since trust and credibility affect an organization's success but cannot be physically measured

1.Natural Threats: Earthquakes, floods, fires.

2.Human-made Threats: Cyberattacks, sabotage, theft.

3.Technological Threats: System failures, malware.

Operational Threats: Employee errors, internal fraud

Types of Threats

1.Technical Vulnerabilities: Software bugs, unpatched systems, weak encryption.

2.Physical Vulnerabilities: Unsecured facilities, lack of surveillance.

3.Human Vulnerabilities: Lack of training, social engineering susceptibility.

Types of Vulnerabilities

Risk = Likelihood x Impact

Risk Calculation

cybersecurity

is a subcategory of information security

Information security

is a broad field that covers many areas such as physical security, endpoint security, data encryption, and network security

Identification

•Recognizing vulnerabilities in software, networks, or human behavior.

Risk Analysis

•Determining the potential impact of each risk.

Mitigation

: Implementing security controls to reduce risk

Role-Based Access Control

assigns permissions based on roles

Attribute-Based Access Control

considers attributes like location and device type.

Firewalls

Hardware or software solutions that monitor and control network traffic.

IDPS

Detecting and blocking malicious activities.

VPNs

Encrypting data transmission over the internet to secure remote access.

Network Segmentation

Isolating critical network components to minimize security risks.

Information Security Policies

A formalized statement outlining how an organization manages and protects its information assets.

ISO 27001

An international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System

NIST Cybersecurity Framework

A set of voluntary guidelines, best practices, and standards for improving cybersecurity risk management

COBIT

: A framework for IT governance and management, ensuring IT aligns with business objectives.

Gap Analysis

•Identifies deviations from security best practices.

Certification Process

Ensures compliance with industry standards

Information Security Blueprint

is a strategic plan that outlines an organization's approach to safeguarding its information assets against cyber threats

Role-Based Access Control

Assigns permissions based on user roles within the organization

Zero-Trust Security Models

Operate on the principle of "never trust, always verify

AI & Machine Learning

Automates threat detection and response, enabling rapid identification

Blockchain

Enhances data integrity and secures transactions through decentralized and tamper-proof ledgers.

Zero Trust Architectures

: Adopt models that require continuous verification of access requests

Quantum Cryptography

Develop advanced encryption methods to prepare for the security challenges posed by quantum computing capabilities.