Cuestionario sin título

Questions and Answers

Pair

Confidentiality = Ensures information is accessible only to authorized personnel Integrity = Ensure data REmains acurrate and unaltered Availability = Ensures information and resources are accessible when needed non-repudation = Guarantees that an action or event cannot be denied by the involved parties

CIANA pentagon add to CIA:

non-repudation and authentication

Triple A of security

Authentication = Verifying the identity of a user or system Authorization = Determing actions or resourcer and authenticated user can access Accouting = TRacking user activies and resources usage for audit or billing puposes

Security control categories

Technical, maagerial, operational, physical

Security control types

Preventative, deterrent, detective, corrective, compensating , directive

Technical control

Technologies, hardware and software that are imlemented to manage and reduce risk

Managerial controls

Sometimes also referred to as administrative controls. Involve the strategic planning and governance side of security

Operational controls

Procedures and measures that area designed to protect data on a day-to-day basis. Are mainly governed by internal processes and human actions.

Physical controls

Tangible, real-world measures taken to protect assets

Preventive controls

Proactive measures implemented to thwart potential security threats or breaches.

Deterrents controls

Discourage potential attackers by making the effort seem less appealing or more challengin

Detective controls

Monitor and alert organizations to malicius activities

Corrective control

Mitigate any potential damage and restore our system to their normal state

Compensating controls

Alternatives measures that are implemented when primary security controls are not feasible or effective

Directive controls

Guide, inform, or mandate actions. Often rootef in policy od documentation.

¿Cuál de los siguientes principios de Zero Trust se centra en limitar el acceso de los usuarios solo a los recursos necesarios para sus tareas?

Acceso de menor privilegio

¿Qué técnica en Zero Trust implica dividir la red en segmentos más pequeños para minimizar el movimiento lateral de las amenazas?

Micro-segmentación

Cuál es el propósito principal de implementar monitoreo continuo en el contexto de Zero Trust?

Identificar comportamientos sospechosos en tiempo real

¿Cuál de las siguientes afirmaciones sobre la autenticación de usuarios en un modelo Zero Trust es correcta?

La autenticación debe ser fuerte y verificarse regularmente.

Qué enfoque Zero Trust promueve la idea de que la seguridad debe ser una tarea constante y adaptativa?

Seguridad como un proceso continuo

Study Notes

Zero Trust Principle

• Never Trust, Always Verify: This principle emphasizes the assumption that threats can originate both within and outside the network. It necessitates the verification of user identities, device integrity, and data authenticity.
• Least Privilege Access: Limiting user access to only the resources required for their tasks is crucial. Regularly reviewing and adjusting permissions ensures that access is granted on a need-to-know basis.
• Micro-Segmentation: Dividing the network into smaller, isolated segments prevents lateral movement of threats within the network. This granular access control helps minimize the impact of a security breach.
• Continuous Monitoring: Implementing real-time monitoring of user activity and network traffic allows for the detection of suspicious behaviour. Analytics and threat detection tools play a vital role in identifying potential threats.
• User Authentication: Strong authentication methods, such as multi-factor authentication, are essential. Regular verification of identities, even for users already on the network, ensures ongoing security.
• Device Security: Maintaining secure and compliant devices accessing the network is crucial. Monitoring device health and enforcing security posture checks helps prevent unauthorized access.
• Data Protection: Encrypting sensitive data, both during transmission and when stored, protects it from unauthorized access. Data loss prevention (DLP) measures further safeguard critical information.
• Automate Security Responses: Automating incident response allows for swift mitigation of potential threats. Integrating security tools enhances visibility and allows for faster reactions.
• Zero Trust Architecture: Security features should be embedded into the network from its inception. A combination of technologies, including identity management and firewalls, enforces the Zero Trust principles.
• Security as a Continuous Process: Continuously updating and auditing security measures helps adapt to evolving threats. Fostering a culture of security awareness and training among all users is crucial.