Comp Tiach1

The document outlines key concepts in cybersecurity, including the CIA triad (Confidentiality, Integrity, Availability) and the DAD triad (Disclosure, Alteration, Denial) as they relate to cybersecurity threats and risks. It discusses various types of risks from breaches, gap analysis categories, and methods for data protection, including encryption and data loss prevention techniques. Additionally, it covers access control methods and the distinction between segmentation and isolation in network security.

Uploaded by

ansih12

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

3 views3 pages

Comp Tiach1

Uploaded by

ansih12

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

Ch1: Todays security professionals

Cybersecurity fundamentals (CIA triad )

1. Confidentiality: prevent unauthorized access to sensitive data( firewalls , encryption etc..)
2. Integrity: Ensure data is not altered by unauthorized parties ( Hashing etc..)
3. Availability : Ensure system and data are available when needed ( backups, fault tolerance)

Nonrepudiation
➢ Assurance that someone cant deny an action ( sending message)
➢ Implemented through digital signature

Cybersecurity threats(DAD triad)

➢ Disclosure : Unauthorized access( violates confidentiality )
➢ Alteration: Unauthorized modification (violate integrity )
➢ Denial: Disruption of access ( violate availability )

Types of risks from breaches:

1.finincal Risk: direct or indirect monetary losses.

2.Reputational Risk: loss of trust by customers and stakeholders .

3.Startigic Risks: Long term impact on achieving goals (leaked product plans)

4.Opreational Risks: Disruptes day-to-day functions.

5-Complince Risk: violating laws or regulations ( HIPAA, PCC SD)

**Risks can be in more than one category.

Gap Analysis
By category :
➢ Technical: Software/Hardware tools (firewall, encryption)
➢ Operational: Day-to-day practices (log reviews)
➢ Managerial: High-level planning and risk analysis
➢ Physical: locks, camera, fencing.

Information Classification: Public

By Type:
➢ Preventive: sops incident (access controls)
➢ Detective: identifies incident (IDS)
➢ Corrective: Fixes issue post-incidents (backups restore)
➢ Deterrent: discourages attacks (warning signs)
➢ Compensating: Alternatives when primary control isn’t feasible.
➢ Directive: guides behavior ( polices )

Data Protection:
Three data states:
1.Data in Rest: stored data , protect with encryption.

2.Data in transit: Network-transmitted ; protect with encryption.

3.Data in Use: Actively processed data, protect memory

Encryption:
Convert data into unreadable form unless decrypted.

Protect both stored and in transmitted data.

Data Loss prevention (DLP)

Prevent unauthorized sharing or leakage of sensitive data:

Types of DLP:
➢ Agent-Based: installed on devices.
➢ Network-Based: monitors traffic on network.

Methods of DLP:
➢ Pattern matching: Detects data formats like SSns.
➢ Watermarking: Track tagged documents.

Data Minimization and Obfuscation

Techniques:
➢ Hashing: one way transformation ( vulnerable to rainbow tables)
➢ Tokenization: Replaces data with a unique ID ( reversible with lookup)
➢ Masking: Partially hides data( credit card numbers)

Information Classification: Public

Access control
➢ Geographic: based on location.
➢ Permission-based: Based on user roles and authorization.

Segmentation Vs. Isolation

➢ Segmentation: Network separation with some communication allowed.
➢ Isolation: No external communication at all.

Information Classification: Public

Hotel Management System
78% (41)
Hotel Management System
84 pages
Security Assignment IT
No ratings yet
Security Assignment IT
37 pages
Fundamentals of Security
No ratings yet
Fundamentals of Security
47 pages
Information System Security
No ratings yet
Information System Security
19 pages
Basic Security Concepts
No ratings yet
Basic Security Concepts
4 pages
Cyber Essintionals 1
No ratings yet
Cyber Essintionals 1
5 pages
Navigation Menu: Skip To Content
No ratings yet
Navigation Menu: Skip To Content
61 pages
Computer Security Technology and Principles
No ratings yet
Computer Security Technology and Principles
19 pages
Ins Final QB
No ratings yet
Ins Final QB
66 pages
Module 1
No ratings yet
Module 1
8 pages
01-Introduction To Information Security
No ratings yet
01-Introduction To Information Security
14 pages
Resumécc 124022
No ratings yet
Resumécc 124022
46 pages
5-Privacy and Security
No ratings yet
5-Privacy and Security
12 pages
Cybersecurity Basics for Businesses
No ratings yet
Cybersecurity Basics for Businesses
39 pages
Computer Security Technology and Principles-1
No ratings yet
Computer Security Technology and Principles-1
22 pages
5 Marks 1 - 40 Cyber Security
No ratings yet
5 Marks 1 - 40 Cyber Security
20 pages
CompTIA Security Review
88% (8)
CompTIA Security Review
133 pages
IS - Unit 1
No ratings yet
IS - Unit 1
15 pages
E - Commerce
No ratings yet
E - Commerce
21 pages
Chapter 1 Introduction
No ratings yet
Chapter 1 Introduction
44 pages
Cybersecurity Framework Essentials
No ratings yet
Cybersecurity Framework Essentials
12 pages
Mainak Mondal BCAC602
No ratings yet
Mainak Mondal BCAC602
7 pages
Define CIA Triad
No ratings yet
Define CIA Triad
85 pages
OSI Security Architecture Explained
No ratings yet
OSI Security Architecture Explained
115 pages
Introduction To Network SecurityD1
No ratings yet
Introduction To Network SecurityD1
3 pages
Assigenment Information Security 1 - 1
No ratings yet
Assigenment Information Security 1 - 1
6 pages
Security
No ratings yet
Security
57 pages
Computer Security
No ratings yet
Computer Security
30 pages
Chapter 1
No ratings yet
Chapter 1
6 pages
Cybersecurity Fundamentals Notes
No ratings yet
Cybersecurity Fundamentals Notes
38 pages
Additional Notes
No ratings yet
Additional Notes
91 pages
Final Exam
No ratings yet
Final Exam
9 pages
IT Security and Cybersecurity Reviewer
No ratings yet
IT Security and Cybersecurity Reviewer
5 pages
Ins QB
No ratings yet
Ins QB
58 pages
Introduction To Cyber Secutiry
No ratings yet
Introduction To Cyber Secutiry
23 pages
Important Questions
No ratings yet
Important Questions
9 pages
Chapter 1
No ratings yet
Chapter 1
11 pages
SecuritySection6 7
No ratings yet
SecuritySection6 7
11 pages
Security Plus Syo701 Notes
No ratings yet
Security Plus Syo701 Notes
3 pages
INS Question Bank Boards
No ratings yet
INS Question Bank Boards
87 pages
Computer Security Notes
No ratings yet
Computer Security Notes
4 pages
Unit I CNS
No ratings yet
Unit I CNS
10 pages
Unit-1 CSDF
No ratings yet
Unit-1 CSDF
62 pages
CISSP Study Guide: CIA Triad Essentials
0% (1)
CISSP Study Guide: CIA Triad Essentials
5 pages
Introduction - Cyber-Attacks, Vulnerabilities, Defe...
No ratings yet
Introduction - Cyber-Attacks, Vulnerabilities, Defe...
2 pages
Quick Notes of Essential of Cyber Security Subject by MCA Scholar's Group ?
No ratings yet
Quick Notes of Essential of Cyber Security Subject by MCA Scholar's Group ?
20 pages
IWAM Module 1
No ratings yet
IWAM Module 1
46 pages
IWAM Module 1
No ratings yet
IWAM Module 1
60 pages
Computer Security Concepts
No ratings yet
Computer Security Concepts
10 pages
States of Data
No ratings yet
States of Data
8 pages
Cyber Security Notes For Students
No ratings yet
Cyber Security Notes For Students
58 pages
Chapter 2
No ratings yet
Chapter 2
10 pages
Imp QB
No ratings yet
Imp QB
26 pages
Study Note Prelim
No ratings yet
Study Note Prelim
7 pages
Chapter 4 Notes
No ratings yet
Chapter 4 Notes
5 pages
Dis Cia 1
No ratings yet
Dis Cia 1
25 pages
Cyber Security
No ratings yet
Cyber Security
15 pages
Network Security Essentials: Fourth Edition by William Stallings (Based On Lecture Slides by Lawrie Brown)
No ratings yet
Network Security Essentials: Fourth Edition by William Stallings (Based On Lecture Slides by Lawrie Brown)
31 pages
Att jwjs3faEhHI5rgtCdQQBaRQmkLa2mglbwpKPmho79h4
No ratings yet
Att jwjs3faEhHI5rgtCdQQBaRQmkLa2mglbwpKPmho79h4
20 pages
Huawei CloudEngine 6863E Switch Datasheet
No ratings yet
Huawei CloudEngine 6863E Switch Datasheet
13 pages
Syllabus CS
No ratings yet
Syllabus CS
9 pages
Siebel Data Mapping Guide
No ratings yet
Siebel Data Mapping Guide
19 pages
Housekeeping Unusued or Old Tablespace
No ratings yet
Housekeeping Unusued or Old Tablespace
3 pages
Lenovo T470 External CD Drive
No ratings yet
Lenovo T470 External CD Drive
32 pages
MQTC v2016 IIB Performance Final PDF
No ratings yet
MQTC v2016 IIB Performance Final PDF
143 pages
Fema - Champ. Manual PDF
No ratings yet
Fema - Champ. Manual PDF
49 pages
10 1 1 1 6269 PDF
No ratings yet
10 1 1 1 6269 PDF
231 pages
The Dell Vostro 1510
No ratings yet
The Dell Vostro 1510
3 pages
Btm452 Hot Jan 2024 Set2
No ratings yet
Btm452 Hot Jan 2024 Set2
8 pages
Wireless Device Functions Explained
No ratings yet
Wireless Device Functions Explained
3 pages
Windows VSS Error Solutions
No ratings yet
Windows VSS Error Solutions
9 pages
JnU CSE 11th Batch Online Class Schedule, Zoom Link, ID and Password (Version 2.1)
No ratings yet
JnU CSE 11th Batch Online Class Schedule, Zoom Link, ID and Password (Version 2.1)
10 pages
Chapter 6 Lesson Plan (Introduction To Computer Graphics)
No ratings yet
Chapter 6 Lesson Plan (Introduction To Computer Graphics)
5 pages
Medelec EEG Operation Manual 4
No ratings yet
Medelec EEG Operation Manual 4
28 pages
F 33813024
No ratings yet
F 33813024
3 pages
Ilovepdf Merged
No ratings yet
Ilovepdf Merged
41 pages
Assignment
No ratings yet
Assignment
8 pages
Java Programming Exercises Volume Two Java Standard Library
No ratings yet
Java Programming Exercises Volume Two Java Standard Library
323 pages
Threats To Data
No ratings yet
Threats To Data
11 pages
Multimedia Systems-L5
No ratings yet
Multimedia Systems-L5
13 pages
Proposed List of Moocs (Nptel Jan-April-2023 Time Line) For B.E. Degree Honors
No ratings yet
Proposed List of Moocs (Nptel Jan-April-2023 Time Line) For B.E. Degree Honors
1 page
Ensayo de Estilo de Vida Saludable
100% (1)
Ensayo de Estilo de Vida Saludable
4 pages
Csibridge V23.1.0 Release Notes: Notice Date: 13-March-2021
No ratings yet
Csibridge V23.1.0 Release Notes: Notice Date: 13-March-2021
7 pages
Brochure ViewPoint6 EUEN Digital JB05708XE
No ratings yet
Brochure ViewPoint6 EUEN Digital JB05708XE
8 pages
iNetVu 7000 Controller Manual
No ratings yet
iNetVu 7000 Controller Manual
128 pages
HirePurchaseScheme CurrentPriceList (07!06!2013)
No ratings yet
HirePurchaseScheme CurrentPriceList (07!06!2013)
60 pages
Syllabus
No ratings yet
Syllabus
50 pages