Cybersecurity Fundamentals PDF

Summary

This document provides an overview of fundamental cybersecurity concepts, including the CIA triad (Confidentiality, Integrity, and Availability), non-repudiation, AAA (Authentication, Authorization, and Accounting), gap analysis, and the zero trust security model.

Full Transcript

1.2 Summarize
fundamental
security
concepts
Explore the fundamental principles of
cybersecurity, including Confidentiality,
Integrity, and Availability (CIA), Non-
repudiation, and Authentication,
Authorization, and Accounting (AAA).
Understand the importance of conducting
Gap analysis and implementing Zero Trust
security models.
Confidentiality, Integrity, and
Availability (CIA)
Confidentiality Integrity Availability
Ensuring that sensitive Maintaining the accuracy, Ensuring that authorized
information is accessible completeness, and users have reliable and
only to authorized consistency of data timely access to information
individuals or entities. throughout its entire and resources when needed.
Protecting data from lifecycle. Preventing Guarding against disruptions
unauthorized access or unauthorized modification or or denials of service.
disclosure. tampering.
Non-repudiation
Non-repudiation is a critical security concept that ensures the origin of a message or action cannot be
denied. It provides proof of the integrity and origin of data, preventing the sender from falsely claiming
they did not send it.

1. Digital signatures and timestamps ensure non-repudiation by cryptographically binding the sender's
identity to the message.
2. Audit logs and transaction records also support non-repudiation by documenting activities and
proving who performed them.

3. Biometric authentication, like fingerprints or facial recognition, can further strengthen non-repudiation
by uniquely identifying the user.
Authentication, Authorization, and
Accounting (AAA)
1 Authentication
Verifying the identity of a user, device, or system before granting access to resources. Common
methods include passwords, biometrics, and multi-factor authentication.

2 Authorization
Controlling and managing the permissions and privileges granted to authenticated entities.
Ensures users can only access what they are authorized to.

3 Accounting
Tracking and logging user activities and resource usage for auditing, compliance, and forensic
purposes. Provides accountability and non-repudiation.
Gap Analysis
Gap analysis is a strategic planning technique
used to identify the gaps between an
organization's current state and its desired
future state. This analysis helps uncover areas
for improvement and opportunities for growth.

By examining the differences between the
actual and desired performance,
organizations can develop targeted strategies
to bridge those gaps and achieve their
objectives more effectively.
Zero Trust Security Model
Verify
1
Continuously verify identity and authorization

Limit Access
2
Restrict access to only what is required

Monitor
3
Continuously monitor and detect threats

The Zero Trust security model shifts away from traditional perimeter-based defenses towards a more
granular, user-centric approach. It requires continuous verification, least privilege access, real-time
monitoring, and automated incident response. This helps organizations protect against advanced threats
and data breaches by eliminating implicit trust.
Physical Security: Bollards

Bollards are sturdy, short posts installed at
building entrances or perimeters to control
vehicle access and prevent unauthorized entry.
They serve as a critical physical security
measure, protecting against ram raids, vehicle-
borne attacks, and accidental collisions.
Physical Security: Access Control
Vestibule

Secure Entry Point Tailgating Prevention Advanced Access
An access control vestibule is a The vestibule design prevents Control
specialized entryway that tailgating, where an Access control vestibules often
enhances security by requiring unauthorized person follows an integrate biometric scanners,
visitors to pass through two sets authorized person through the keycard readers, and other
of doors, creating an airlock-like doors. The airlock space allows advanced security technologies
space that prevents only one person to enter at a to verify the identity of anyone
unauthorized entry. time. entering the protected space.
Physical Security: Fencing

1 Perimeter Protection 2 Layered Security
Fencing serves as a critical physical barrier, Fencing is often used in conjunction with
demarcating the boundaries of a facility and other physical security measures like
deterring unauthorized access. cameras, lighting, and access control to
create a comprehensive security system.

3 Customized Solutions 4 Visibility and Signage
Fencing can be tailored to the specific Clear signage and high visibility of fencing
needs of a site, with options ranging from can further enhance its deterrent effect and
chain-link to wrought iron to barbed wire, communicate the boundaries of the
depending on the level of security required. protected area.
Physical Security: Video Surveillance

Camera Motion Detection Secure Storage Centralized
Monitoring Advanced motion Video footage is Monitoring
Strategically placed sensors trigger the securely stored in the A security operations
CCTV cameras cameras, ensuring cloud or on-site center continuously
continuously monitor efficient recording and servers, allowing for monitors the video
and record activity, reducing storage easy retrieval and long- feeds, responding
providing a visual requirements. term retention. quickly to any
deterrent and evidence suspicious activity.
for investigations.
Physical Security: Security Guard

Security guards play a crucial role in physical
security, acting as a deterrent, first responder, and
watchful eye. Their presence discourages would-
be intruders, and they are trained to swiftly
intervene and report any suspicious activity. By
continuously monitoring the premises, security
guards help maintain a safe and secure
environment.
Physical Security: Access Badge
1 Badge Issuance 2 Badge 3 Multi-factor
Employees are issued Authentication Authentication
personalized access Access badges are For heightened security,
badges to enter secure scanned at entry points to access badges may be
areas. Badges contain verify the employee's used in conjunction with
unique identifiers and identity and authorization. other authentication
may include photo ID, This ensures only factors like biometrics or
name, and access approved personnel can PIN codes to further verify
permissions. enter restricted zones. identity.
Physical Security: Lighting
Illumination Surveillance
Proper lighting is crucial for physical security, Effective lighting supports video surveillance
providing illumination to deter and detect systems, ensuring clear footage and the ability to
intruders. Bright, strategically placed lights can identify individuals. It also enables security
enhance visibility around the perimeter, entry personnel to monitor the premises effectively,
points, and other vulnerable areas. both in-person and through camera feeds.

Deterrence Safety
Well-lit environments discourage criminal activity, Adequate lighting promotes a sense of safety and
as perpetrators prefer to operate in the shadows. security for employees, visitors, and the general
Lighting makes it harder for them to conceal their public. It helps prevent tripping hazards and
movements and increases the chances of being enables easy navigation around the facility.
spotted.
Physical Security: Sensors
Sensors are essential elements of physical security systems, providing real-time monitoring and
detection capabilities. These intelligent devices can detect motion, heat, vibration, or intrusion, triggering
alerts and initiating appropriate responses to secure the premises.

Sensor Type Purpose

Motion Sensors Detect movement within a defined area, triggering alarms or
activating surveillance cameras.

Heat Sensors Identify abnormal heat signatures, which could indicate a fire or
human presence.

Vibration Sensors Monitor for unauthorized entry attempts, such as breaking glass
or cutting through fences.

Perimeter Sensors Establish virtual boundaries, alerting security personnel of
potential intrusions along the perimeter.
Honeypot
A honeypot is a security tool designed to lure and trap unauthorized users or intruders. It is a decoy
system or application that appears to be a legitimate part of a network, but is actually isolated and
monitored to gather information about the attacker's behavior and tactics.

Honeypots can be used to detect, deflect, and study attempts to gain unauthorized access to information
systems. By analyzing the attacker's actions within the honeypot, security teams can better understand
and defend against real threats to the organization.
Honeynet
A honeynet is an advanced honeypot system designed to attract and study the tactics and behaviors of
sophisticated cyber attackers. It consists of a network of interconnected honeypots that monitor and
analyze the activities of intruders in a controlled environment.

By observing the attacker's actions within the honeynet, security professionals can gain valuable insights
into emerging threats, hacking techniques, and the motivations behind cyber attacks.
Honeyfile ¯
A honeyfile is a type of security trap designed to detect and deceive unauthorized users. It appears to be
a legitimate file, but is actually a hidden trap that can be used to monitor and track intruders who access

O
it. Honeyfiles are often used as part of a broader honeypot security strategy.

Honeytoken
A honeytoken is a digital trap designed to detect and monitor unauthorized access or activity within a
computer system or network. It is typically a fake or bogus asset, credential, or data that is planted to lure
and detect potential attackers.

Honeytokens can be used to identify insider threats, detect data breaches, and gather intelligence on the
tactics, techniques, and procedures (TTPs) of threat actors. They can be strategically placed across an
organization's digital infrastructure to help enhance overall cybersecurity posture.
Conclusion and Key Takeaways
In summary, implementing a robust security strategy that encompasses confidentiality, integrity, and
availability (CIA), non-repudiation, AAA, and layered physical security measures is crucial. By identifying
gaps, adopting a zero-trust model, and leveraging honeypots, organizations can enhance their overall
cybersecurity posture and protect against evolving threats.
Practice Exam Questions
1. Which of the following is a core principle of information security?

A) Confidentiality
B) Complexity
C) Compatibility
D) Capacity

Correct Answer: Confidentiality. Confidentiality ensures that information is accessible only to authorized
individuals or entities.

2. What is the purpose of non-repudiation in security?

A) To prevent users from denying their actions
B) To ensure data is always available
C) To encrypt data at rest
D) To verify user identities

Correct Answer: To prevent users from denying their actions. Non-repudiation provides proof of the
origin, delivery, and integrity of data to prevent users from denying involvement in a particular action.
Practice Exam Questions
3. Which of these is a key component of the Authentication, Authorization, and
Accounting (AAA) security framework?

A) Identification
B) Confidentiality
C) Integrity
D) Availability

Correct Answer: Identification. AAA ensures that users are properly identified, authorized to access
resources, and that their actions are properly accounted for.

4. What is the primary purpose of a honeypot in cybersecurity?

A) To attract and study unauthorized access attempts
B) To encrypt sensitive data
C) To provide redundancy for critical systems
D) To verify user identities

Correct Answer: To attract and study unauthorized access attempts. Honeypots are used to detect,
deflect, and analyze attempts to gain unauthorized access to information systems.
Practice Exam Questions
5. What is the difference between a honeypot and a honeynet?

A) A honeypot is a single system, while a honeynet is a network of systems
B) A honeypot is for internal use, while a honeynet is for external use
C) A honeypot is for detecting attacks, while a honeynet is for preventing attacks
D) A honeypot is for monitoring, while a honeynet is for analysis

Correct Answer: A honeypot is a single system, while a honeynet is a network of systems. A honeynet is
an advanced honeypot system designed to attract and study the tactics and behaviors of sophisticated
cyber attackers.
Further resources
https://examsdigest.com/

https://guidesdigest.com/
https://labsdigest.com/

https://openpassai.com/