Notes - Unit 2: Computing Security Concepts and Problems 2

by Abhishek Rai

***************************************************************************************
***************************************************************************************
File Name: Unit-Two-Notes-501x-14042018
About: Notes from unit two of RITx:CYBER501x course on Edx.
Unit 2: Computing Security Concepts and Problems 2
Author: Abhishek Rai
Date: 14th April 2018
Day: Saturday
***************************************************************************************
***************************************************************************************

 


A.) The CIA Model


i) The C stands for confidentiality.

Cybersecurity requires privacy in data and information. Certain people, devices, or processes should be permitted to see, or restricted from seeing, data, files, and items like username and password combinations. Confidentiality is concerned simply with viewing data or information.

The main way confidentiality is accomplished is through encryption.

ii) The I in this CIA model stands for integrity.

Cybersecurity requires us to feel safe that data transmitted, processed, and stored has not been changed from its original form, either accidentally or maliciously.

The main way integrity is accomplished is through hashing.
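An added example (not part of the original notes) of integrity checking with Python's standard `hashlib` and `hmac` modules. It goes one step beyond the notes: a plain hash catches accidental change, but it only catches malicious change if the digest is stored where the modifier cannot rewrite it, which is what a keyed hash (HMAC) addresses. The messages and key are constructed sample values.

```python
import hashlib
import hmac

def sha256_hex(data: bytes) -> str:
    """Plain digest: changes whenever any bit of the data changes."""
    return hashlib.sha256(data).hexdigest()

def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed digest: can only be produced by someone who holds the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_plain(data: bytes, expected_digest: str) -> bool:
    # compare_digest avoids leaking how many leading characters matched
    return hmac.compare_digest(sha256_hex(data), expected_digest)

def verify_keyed(key: bytes, data: bytes, expected_tag: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), expected_tag)

# Constructed sample values, for illustration only.
ORIGINAL = b"transfer 100 to account 1234"
CORRUPTED = b"transfer 100 to account 1235"   # one character changed by accident
TAMPERED = b"transfer 900 to account 6666"    # changed on purpose
KEY = b"constructed-demo-key-not-a-real-secret"

def demo() -> dict:
    stored_digest = sha256_hex(ORIGINAL)   # recorded when the data was known good
    stored_tag = hmac_tag(KEY, ORIGINAL)
    return {
        # Unmodified data verifies.
        "unchanged_ok": verify_plain(ORIGINAL, stored_digest),
        # Accidental corruption no longer matches the recorded digest.
        "accidental_change_detected": not verify_plain(CORRUPTED, stored_digest),
        # If the digest sits next to the data, whoever rewrites the data can
        # rewrite the digest too, and the check still passes.
        "replaced_digest_passes": verify_plain(TAMPERED, sha256_hex(TAMPERED)),
        # The old tag does not match the new data, and a tag recomputed
        # without the real key does not verify either.
        "keyed_tag_detects": not verify_keyed(KEY, TAMPERED, stored_tag)
        and not verify_keyed(KEY, TAMPERED, hmac_tag(b"wrong-key", TAMPERED)),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```
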

iii) The last letter of CIA, the A, stands for availability.

With all your cyber security measures in place, dealing with hardware, software, people, processes, and more, users who are authorized to do their jobs should be able to do so.


B.) The AAA Model: Authentication


i) The first A refers to authentication, which is the process of proving you are who you say you are.

ii) Authentication requires proof in one of three possible forms: something you know, like a password; something you have, like a key fob; something you are, like biometrics.

iii) 2FA - Sending codes to your phone through SMS, short message service text messages.

You use these codes that are texted to your phone in addition to a password to access an account.

NIST, the National Institute of Standards and Technology, subsequently denounced two-factor authentication through text messages.

They stated that 2FA with SMS should be deprecated immediately due to the fact that SMS messages can be intercepted or redirected.

C.) The AAA Model: Authorization

i) Authorization means that based on the user's credentials, we let him do certain things, we let him see certain things but not others.

ii) This is tied into the principle of least privilege, which states users and even devices, programs, and processes should be granted enough permissions to do their required functions and not a single drop more.



D.) The AAA Model: Accounting


i) Keeping track of users and their actions is very important. From a forensics perspective, tracing back to events leading up to a cybersecurity incident can prove very valuable to an investigation.

ii) A generic account for administrators or managers to share is not a very good idea. The accounting can't tie actions to an individual.
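An added example (not part of the original notes) of why a shared account defeats accounting: it parses a few audit records and lists the actions that cannot be tied to one person. The log format, host names, and user names are constructed, and treating "one account seen from more than one source host" as a sign of sharing is an assumption made for this illustration.

```python
import re
from collections import defaultdict

# Constructed audit records in a hypothetical "ts user= src= action=" format.
SAMPLE_LOG = """\
2018-04-14T09:01:12 user=jsmith src=ws-014 action=login
2018-04-14T09:03:40 user=admin src=ws-014 action=login
2018-04-14T09:05:02 user=admin src=ws-022 action=login
2018-04-14T09:06:15 user=admin src=ws-022 action=delete_user target=mlee
2018-04-14T09:07:44 user=jsmith src=ws-014 action=read_file target=payroll.xlsx
2018-04-14T09:09:30 user=admin src=ws-014 action=change_fw_rule target=rule-17
malformed line that must not crash the parser
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
    r"action=(?P<action>\S+)(?: target=(?P<target>\S+))?$"
)

def parse(log_text):
    """Return (events, rejected_lines); bad lines are kept, not dropped silently."""
    events, rejected = [], []
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            events.append(match.groupdict())
        else:
            rejected.append(line)
    return events, rejected

def sources_per_account(events):
    """Map each account name to the set of hosts it was used from."""
    sources = defaultdict(set)
    for event in events:
        sources[event["user"]].add(event["src"])
    return dict(sources)

def unattributable_actions(events):
    """Non-login actions performed under an account used from several hosts."""
    shared = {u for u, s in sources_per_account(events).items() if len(s) > 1}
    return [e for e in events if e["user"] in shared and e["action"] != "login"]

if __name__ == "__main__":
    parsed, bad = parse(SAMPLE_LOG)
    for e in unattributable_actions(parsed):
        print(f'{e["ts"]} {e["user"]}@{e["src"]} {e["action"]} {e["target"]}')
    print(f"{len(bad)} line(s) rejected by the parser")
```

In the sample, both the user deletion and the firewall change are logged as `admin`, so the record alone cannot say which administrator made either change, while every `jsmith` action traces to one person.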


E.) Threat Agents


A threat agent—or threat actor—is anything that can possibly damage or disrupt the system’s ability to perform as it needs to.
This isn’t limited to malicious actors like hackers.

Threat agents are individuals within a threat population. Practically anyone and anything can, under the right circumstances, be a threat agent – the well-intentioned, but inept, computer operator who trashes a daily batch job by typing the wrong command, the regulator performing an audit, or the squirrel that chews through a data cable.

Also includes God (as in “acts of”), “Mother Nature,” and random chance.

Non-Human Elements: Floods, Lightning strikes, Plumbing, Viruses, Fire, Electrical, Air (dust), Heat control


i) A threat is a looming danger that can change or damage your assets.
Think of the actual actions like fires, floods, hackers getting into your network, malware infecting your systems, your server crashing without backups to go to, or even a cleaner accidentally pulling out the plug to an important server.
Threat agents or actors are the ones carrying out the threats.

ii) A vulnerability is a weakness, a flaw in a program, device, network, and even a person.
Weak authentication checks, default username and password combinations, incorrectly configured firewalls, and even a gullible or naive employee are all vulnerabilities.

iii) When threat actors carry out the threat, they exploit the vulnerability.
Exploit can be a verb meaning penetrating a system to exploit, or a noun meaning the tool or method used to penetrate a system and exploit.

iv) Risk is the combination of the probability of an event or loss from zero to 100% and its consequence or impact.

v) There are three things that can be done to risk, but eliminating it is not one of them.
You could reduce or mitigate the risk.

We can eliminate some vulnerabilities and block some threats, but nothing is ever going to be 100%.

Encryption, hashing, VPNs, firewalls, intrusion detection and prevention systems, and more can reduce the risk.

Another thing you can do to risk is transfer it. You can purchase cybersecurity insurance, which is a growing industry now, or even use cloud computing and another company's resources.