The First Domain Acronym, I got this.

Security Control
Prevent security events, reduce their impact, and limit damage by implementing measures to detect, respond to, and recover from security incidents.

Technical Control
Controls that are implemented using technology, like NGFW, IDS, IPS

Managerial Control
Administrative controls that focus on policies, procedures, and governance to manage security risks and ensure compliance.

Operational Control
Controls that are implemented by people and awareness programs

Physical Control
Limit physical access, like security fences, CCTV, control vestibules, etc.
Preventive Control
Block access to a resource
Deterrent Control
Discourage an intrusion attempt
Detective Control
Identify and log an intrusion attempt
Corrective Control
Apply a control after an event; reverse the impact of an event
Compensating Control
Controls using other means, when the primary control is not enough
Directive Control
Guide a subject towards security compliance
CIA Triad
The fundamentals of security (Confidentiality, Integrity, and Availability)
C
Confidentiality, Prevent disclosure of information to unauthorized individuals or systems
I
Integrity, Message can’t be modified without detection
A
Availability, systems and networks must be up and running
Confidentiality
Certain Information should only be known to certain people
Encryption
Encode messages so only certain people can read them
Access Controls
Selectively Restrict access to a resource
Two-Factor Authentication
Additional confirmation before information is disclosed
Integrity
Any modification to the data would be identified
Hashing
It turns data (like a password) into a fixed-length scrambled value.
Digital Signature
It’s a way to prove who sent a message and that it wasn’t changed, using cryptography.
Digital Certificates
It’s a digital ID that proves a person or website is real and trusted, issued by a trusted authority.
Non-repudiation
It means someone cannot deny that they sent a message or performed an action.
Redundancy
Build services that will always be available
Fault tolerance
System will continue to run, even when a failure occurs
Patching
It means updating software to fix security flaws and bugs. Closes security holes.
Non-Repudiation Systems
Proof of Origin, Proof of Integrity, Proof of Origin
PKI
Public Key Infrastructure
Cryptography
In cryptography, we use hashes
AAA Framework
Used to control and monitor access to systems.
Authentication
Based on your ID, prove you are who you say you are
Authorization
Based on your Authentication, what access do you have?
Accounting
Recorded resources, like login time, data sent and received, and logout time
Digital Certificate
An authentication factor for Systems and people
CA
Certificate Authority, the organization that issued the system a digitally signed certificate
Authorization Models
Users and Services → Data and Applications
Put the authorization model in the middle, defined by roles, organizations, attributes, etc.
No authorization model → a simple relationship of user → resource
Gap Analysis
Where you are compared with where you want to be
“The gap between the two”
NIST Special Publication 800-171 Revision 2
Tells non-government companies how to protect sensitive government information called CUI (Controlled Unclassified Information)
ISO/IEC 27001
International standard on how to manage and protect information securely
Zero Trust
A holistic approach to network security; you have to prove you are who you say you are, every single time
Plane of Operation
Split the network into functional planes
Data Plane
Processes the frames, packets, and network data
Control Plane
Manages the actions of the data plane
Adaptive Identity
Consider the source and the requested resources
Threat Scope Reduction
Decrease the number of possible entry points.
Policy Driven Access Control
Combine the adaptive identity with a predefined set of rules
Security Zones
Where are you coming from and where are you going
PEP
Policy Enforcement Point, Follow the rule, the gatekeeper
PDP
Policy Decision Point, Evaluates each access decision based on policy and other information
PE
Policy Engine, Evaluates each access decision based on Policy and other information
PA
Policy Administrator, Manage the Policy and process
Physical Security
Prevent Access, limit physical access
Access Control Vestibules
Opening one door causes others to lock
Fencing
Build a perimeter
CCTV
Closed-circuit television that monitors and recognizes security events
Guards and access badges
Guards provide physical security, Access badges provide authentication factors
Two-Person Integrity/Control
Minimizes exposure to an attack; no single person has access to a physical asset
Lighting
More light means more security
Sensors
Detects, Like Infrared, Pressure, Microwave, Ultrasonic
Deception and Disruption
Attract and trap attackers by using honeypots, honeynets, honeyfiles, honeytokens
Honey pot
Create a virtual world to attract and trap attackers
Honey nets
Create a large network with multiple devices like computers, workstations, etc., to attract and trap attackers
Honey File
Create fake information in a file to attract and trap attackers
Honey token
Add traceable data to the honeynet, if data is stolen, you’ll know where it came from