01 - Fundamental Security Concepts

Core Security Principles

  • CIA Triad:
    • Confidentiality: Prevent unauthorized disclosure (encryption, steganography, ACLs)
    • Integrity: Prevent unauthorized modification (hashing, digital signatures, version control)
    • Availability: Ensure timely, reliable access (redundancy, failover, backups)
  • AAA:
    • Authentication (AuthN): Prove identity (passwords, biometrics, smart cards, MFA)
    • Authorization (AuthZ): Grant permissions (RBAC, ACLs, least privilege)
    • Accounting: Track activity (logging, audit trails)
  • Non-repudiation: Proof of origin/action—prevents denial (digital signatures, trusted timestamps)
  • Authenticity: Verification that data/source is genuine (certificates, MAC validation)
  • Privacy: Right of individuals to control personal data collection/use (distinct from confidentiality)
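The Integrity / Authenticity / Non-repudiation distinctions above, worked through in code (an added example written for this note, not from the original study guide): a plain hash only catches modification, an HMAC also proves the tag came from a key holder, and because the verifier holds that same key an HMAC still cannot give non-repudiation. The message, the shared key and the function names are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

# Constructed sample message and shared key (demo values, not from any real system).
MESSAGE = b"transfer 100 credits to account 42"
SHARED_KEY = b"constructed-demo-key-not-for-production"


def integrity_tag(data: bytes) -> str:
    """Integrity only: a SHA-256 digest detects modification, but whoever can
    alter the data can also recompute the digest, so it proves nothing about origin."""
    return hashlib.sha256(data).hexdigest()


def authenticity_tag(data: bytes, key: bytes) -> str:
    """Integrity + authenticity: only a holder of the shared key can produce this tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_integrity(data: bytes, tag: str) -> bool:
    return hmac.compare_digest(integrity_tag(data), tag)


def verify_authenticity(data: bytes, key: bytes, tag: str) -> bool:
    # compare_digest is constant-time, so the check does not leak how many bytes matched.
    return hmac.compare_digest(authenticity_tag(data, key), tag)


def modified_with_recomputed_hash(data: bytes) -> tuple[bytes, str]:
    """Shows the limitation of a bare hash: a modified message with a freshly
    recomputed digest still passes the integrity check."""
    changed = data.replace(b"account 42", b"account 99")
    return changed, integrity_tag(changed)


def modified_without_shared_key(data: bytes) -> tuple[bytes, str]:
    """Shows what the HMAC adds: without SHARED_KEY, a tag computed under any
    other key will not verify, so the modification is detected."""
    changed = data.replace(b"account 42", b"account 99")
    return changed, authenticity_tag(changed, secrets.token_bytes(32))


def verifier_can_produce_same_tag(data: bytes, key: bytes, tag: str) -> bool:
    """Why an HMAC is not non-repudiation: the receiver holds the same key and can
    produce an identical tag, so the sender can deny authorship. Proof of origin to a
    third party needs a digital signature made with a key only the sender holds."""
    return authenticity_tag(data, key) == tag
```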

Security Controls Matrix

Memorize both axes—exam questions test Category vs. Function

Category (Implementation):
  • Technical/Logical: Firewalls, encryption, AV, IDS
  • Administrative/Managerial: Policies, training, background checks
  • Physical: Locks, guards, biometrics, fencing

Function (Purpose):
  • Preventive: Block before occurrence (firewall policy, Faraday cage)
  • Detective: Identify during/after (IDS logs, CCTV, audit reviews)
  • Corrective: Fix/restore after (patching, restoring from backup)
  • Deterrent: Discourage attempt ("Beware of Dog", security badges visible)
  • Compensating: Alternate when primary weak (separate admin accounts when SSO fails)
  • Recovery: Return to normal ops (DR sites, backups)

Pro Tip: Controls overlap. A smart card is Technical + Preventive. CCTV is Physical + Detective.

Cyber Roles & Business Units

  • CISO: Chief Information Security Officer – executive strategy, risk, budget
  • SOC: Security Operations Center – 24/7 monitoring, triage alerts, Tier 1-3 analysts
  • DFIR: Digital Forensics & Incident Response – investigate breaches, collect evidence
  • DevSecOps: Integrates security into the CI/CD pipeline; "shift left" (security early in development)
  • Data Owner: Classifies data
  • Data Custodian: Manages backups/controls
  • Security Architect: Designs secure networks
  • Privacy Officer: Compliance/PII governance

Gap Analysis & Frameworks

Gap Analysis: Compare current security posture vs. target state (framework requirements)
Frameworks: Structured guidelines (NIST CSF, ISO 27001, CIS Controls, COBIT) – provide standardized controls/baselines