Hi there, I am excited to see you again. In the last blog we looked at the (ISC)2 Code of Ethics; today in this blog we will look into Security Concepts Part One. The Security Concepts series is split into 2 parts for easier understanding and reference.
Part 1 covers the CIA Triad in detail, which is required to pass this examination, and
Part 2 covers Authentication and Authorization, Password Security, Multi-Factor Authentication, Non-Repudiation, and Privacy.
You may ask why we have to look into Security Concepts. The answer is that these Security Concepts are the building blocks for understanding, implementing and maintaining security infrastructure in the cyber world. They also help us understand how the internet works behind the scenes.
The first and foremost security concept everyone should know is the CIA Triad.
The CIA Triad is the three main goals of Information Security. In the CIA Triad, the word C.I.A. is broken into 3 attributes, and each of these attributes has its own function. They are:
C For Confidentiality
I For Integrity
A For Availability
Now we will look at each attribute in detail:
Confidentiality:
Confidentiality ensures that only authorized individuals have access to information and resources. In other words, Confidentiality protects information from unauthorized disclosure.
There are some threats and concerns that affect Confidentiality. They are:
Snooping: Gathering information that is left out in the open. The mitigation for this threat is to implement a clean desk policy.
Dumpster Diving: Collecting information from the trash bin / recycle bin. The mitigation for this threat is to shred files before disposal.
Eavesdropping: Eavesdropping is the act of secretly or stealthily listening to the private conversations or communications of others without their consent in order to gather information. There are 2 types of eavesdropping: physical eavesdropping and electronic eavesdropping (wiretapping). The mitigation for electronic eavesdropping (wiretapping) is to use encryption on the communication channel.
Social Engineering: The attacker uses open-source intelligence to understand the victim's mindset and then attacks them with phishing emails and by other means. The mitigation for this threat is to educate users to recognize and avoid such attack attempts.
Integrity:
Integrity protects information from unauthorized changes and data breaches.
There are some threats and concerns that affect Integrity. They are:
Unauthorized Modification: An attacker gains access to a system and makes unauthorized changes that violate the security policy. The mitigation for unauthorized modification is to follow the principle of least privilege for users.
Impersonation Attacks: The attacker pretends to be someone other than who they actually are. In other words, they make you believe they are from your own organization, using the name of a legitimate employee, and try to get important data from you. The mitigation for impersonation attacks is to educate users about these types of attacks so they can avoid them.
Man-in-the-Middle Attack: This type of attack places the attacker in the middle of the communication session. In other words, the attacker intercepts the network traffic, pretends to be a user, and monitors all the data traffic for sensitive information. The mitigation for the man-in-the-middle attack is to use data encryption to protect the communication.
Replay Attacks: In replay attacks the attacker eavesdrops on logins and reuses the captured credentials. In this type of attack, the attacker does not have to get in the middle of the conversation, but only has to find a way to observe a legitimate user logging into a system. The mitigation for the replay attack is the same as for the man-in-the-middle attack: use data encryption to protect the communication.
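As an added example (not part of the original post) of how a login can be protected against the replay and tampering described above: the post's stated mitigation is encryption of the channel; this Python sketch shows a complementary control, a server-issued one-time challenge (nonce) answered with an HMAC over a shared key, so a captured login response cannot be reused and a modified message fails the integrity check. The key, user names and tag format are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed demo secret; in a real system each user would have their own.
SHARED_KEY = b"constructed-demo-key"


def login_tag(key: bytes, nonce: str, user: str) -> str:
    """Client side: bind the user name to the server's challenge with an HMAC."""
    return hmac.new(key, f"{nonce}:{user}".encode(), hashlib.sha256).hexdigest()


class LoginServer:
    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()  # challenges issued but not yet answered
        self.used = set()         # challenges already consumed (replay detection)

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)  # fresh, unpredictable, single-use
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: str, user: str, tag: str) -> str:
        if nonce in self.used:
            return "replay rejected"        # same response was seen before
        if nonce not in self.outstanding:
            return "unknown challenge"
        # Consume the challenge before checking the tag, so even a failed
        # attempt cannot be retried with the same nonce.
        self.outstanding.discard(nonce)
        self.used.add(nonce)
        expected = login_tag(self.key, nonce, user)
        if not hmac.compare_digest(expected, tag):
            return "tampered or wrong key"  # integrity check failed
        return "accepted"


def run_scenario() -> dict:
    """Legitimate login, then a replay, then a modified (impersonating) message."""
    server = LoginServer(SHARED_KEY)
    nonce = server.challenge()
    tag = login_tag(SHARED_KEY, nonce, "alice")
    result = {"legit": server.verify(nonce, "alice", tag)}
    # An eavesdropper who captured (nonce, user, tag) resends it verbatim.
    result["replay"] = server.verify(nonce, "alice", tag)
    # Attacker changes the user field on a fresh challenge but cannot recompute the tag.
    result["tampered"] = server.verify(server.challenge(), "admin", tag)
    return result
```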
Availability:
Availability ensures that information and systems remain available to authorized users when needed. It protects against disruptions to normal system operation or data availability.
There are some threats and concerns that affect Availability. They are:
Denial of Service Attack: A DoS attack occurs when a malicious individual bombards a system with an overwhelming amount of traffic. The idea is simply to send so many requests to a server that it is unable to answer any request from legitimate users. We can protect ourselves from DoS attacks by using a firewall that blocks unauthorized connections.
Power Outages: Power outages can cause a system outage and therefore an availability problem. The mitigation is to use redundant power (a backup power source) and a generator to ride out power outages and maintain availability.
Hardware Failures: Servers, hardware, network devices and other equipment all fail occasionally, and those failures can disrupt access to information, making it an availability problem. We can mitigate this issue by building systems with built-in redundancy (backup devices kept on standby), so if one component fails another takes over.
Destruction of Equipment: Destruction can be man-made (intentional) or caused by natural disasters, and it disrupts access to information, making it an availability problem. We can mitigate this issue on a small scale by building redundant systems (maintaining spare devices kept on standby) and on a large scale by establishing backup data centers in the cloud or at a remote site.
Ok then, we will stop here. So far we have looked at the CIA Triad, which is very important for a security professional to follow and an important topic in the CC Exam. You will face up to 4 - 5 questions from the CIA Triad in your CC Exam.
We will continue with Security Concepts - Part 2 in our next blog. Bye until we meet in the next series. This is Sandeep Velayudhan signing out.
For more informative content, join our official WhatsApp group.