Section - Principles of Security

  • Task 1 - Basic Intro
  • Task 2 - CIA Triad
    • Infosec model created in 1998
    • Confidentiality
      • Protection of org data. Is it public, private, admin only, etc.
    • Integrity
      • Accuracy and consistency. Has the data been tampered with? Have only authorized people modified it?
    • Availability
      • Uptime: is the data accessible to those who are authorized when they need it?
  • Task 3 - Privileges
    • Privileged Identity Management (PIM)
      • Who you are in the company translates into access on a system
    • Privileged Access Management (PAM)
      • Management of what privileges a system access role has
      • Things like security policies, auditing, etc.
      • Things that reduce the potential attack surface.
  • Task 4 - Security Models (Beyond CIA Triad)
    • Bell-La Padula
      • Model used to maintain and achieve confidentiality. It’s very strict and works on a need-to-know basis
        • Works by granting access to pieces of data (called objects)
      • Popular within the government and military
      • Usually used when people/users have already been through a vetting process, and are already considered trustworthy.
      • “Can’t read up, can read down”
        • I.e. can’t climb up the ladder, but is able to climb down
    • Biba
      • Basically the Bell-La Padula model but for the integrity portion of the CIA triad
      • “Can read up, can’t read down”
        • I.e. can climb up the ladder, but can’t climb down
  • Task 5 - Threat Modelling / Incident Response
    • Threat Modelling
      • Reviewing, improving, and testing security protocols
      • Extremely important! It helps identify what threats are likely, what to expect, etc.
        • Generic Process:
          • Identification -> Preparation -> Mitigation -> Reviews -> Repeat
          • Threat Intelligence -> Asset Identification -> Mitigation Capabilities -> Risk Assessment -> Repeat
    • Threat Modelling / Response Frameworks
      • STRIDE - Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
      • CSIRT - Computer Security Incident Response Team
        • Preparation -> Identification -> Containment -> Eradication -> Recovery -> Notes/Lessons
      • PASTA - Process for Attack Simulation and Threat Analysis
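To make the Task 4 "ladder" rules concrete, here is an added worked example (my own code, not part of the TryHackMe room) that encodes the read rule for Bell-LaPadula and Biba as access-decision functions, and also goes one step beyond the notes by adding each model's matching write rule (BLP: no write down; Biba: no write up). The level names are a constructed sample lattice, not anything from the room.

```python
from enum import IntEnum


class Clearance(IntEnum):
    """Bell-LaPadula confidentiality levels (constructed sample lattice, low to high)."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


class Integrity(IntEnum):
    """Biba integrity levels (constructed sample lattice, low to high)."""
    UNTRUSTED = 0
    USER = 1
    SYSTEM = 2


def blp_allows(op, subject, obj):
    """Bell-LaPadula, the confidentiality model: "can't read up, can read down".
    read  -> simple security property: subject clearance >= object classification
    write -> *-property: subject clearance <= object classification (no write down,
             so a SECRET user cannot leak SECRET data into a CONFIDENTIAL file)"""
    if op == "read":
        return subject >= obj
    if op == "write":
        return subject <= obj
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(op, subject, obj):
    """Biba, the integrity mirror image: "can read up, can't read down".
    read  -> simple integrity property: subject level <= object level (no read down,
             so a SYSTEM process never consumes UNTRUSTED input)
    write -> *-integrity property: subject level >= object level (no write up)"""
    if op == "read":
        return subject <= obj
    if op == "write":
        return subject >= obj
    raise ValueError(f"unknown operation {op!r}")


def decision_matrix(model, subject, levels):
    """Map (operation, object level name) -> allowed, for one subject across all levels."""
    return {(op, lvl.name): model(op, subject, lvl)
            for op in ("read", "write") for lvl in levels}


if __name__ == "__main__":
    print("BLP, SECRET subject:  ", decision_matrix(blp_allows, Clearance.SECRET, Clearance))
    print("Biba, USER subject:   ", decision_matrix(biba_allows, Integrity.USER, Integrity))
```

Comparing the two printed matrices shows the mirror image directly: where BLP grants a read, Biba denies it at the corresponding position, and vice versa.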