outline - Confidentiality prevents unauthorized disclosure...

Chapter 1: Mastering Security Basics
Monday, October 24, 2016 11:41 AM
Darril Gibbons - Get Certified Book Page 1

Security Triad:
Confidentiality: prevents unauthorized disclosure of data. Authorized personnel only.
Integrity: assurance data has not changed.
Availability: can be accessed/used.

PII: Personally Identifiable Information

Access Controls:
Identification: a unique username.
Authentication: prove identity, such as with a password.
Authorization: grant or restrict access based on permissions.

Steganography: hiding data within data, such as encoding a message in an image.

Remember this: Confidentiality ensures that data is only viewable by authorized users. The best way to protect the confidentiality of data is by encrypting it. This includes any type of data, such as PII, data in databases, and data on mobile devices. Access controls help protect confidentiality by restricting access. Steganography helps provide confidentiality by hiding data, such as hiding text files within an image file.

Integrity: ensures data has not been changed, tampered with, or corrupted.
Hash: verifies data. A number created based on an algorithm run against the data. When a hash changes, the data changes. Data is not valid if the hash is incorrect.
MAC: Message Authentication Code, similar to a hash. MAC also stands for Mandatory Access Control (control model) and Media Access Control (physical addresses on NICs).

Remember this: Integrity verifies that data has not been modified. Loss of integrity can occur through unauthorized or unintended changes. Hashing algorithms, such as MD5, HMAC, or SHA-1, calculate hashes to verify integrity. A hash is simply a number created by applying the algorithm to a file or message at different times. By comparing the hashes, you can verify integrity has been maintained.

Non-repudiation: sender cannot later deny sending because of the digital signature.
Digital Signature: similar to a physical signature. Difficult to reproduce. Also provides authentication of the sender. Requires use of a certificate and Public Key Infrastructure (PKI).

Remember this: Digital signatures can verify the integrity of emails and files. Digital signatures require certificates and also provide authentication and non-repudiation.

Availability: data/services available when needed.
Redundancy and Fault Tolerance: removes a single point of failure (SPOF). Creates high availability.
Disk redundancies, Server redundancies, Load balancing, Site redundancies, Backups, UPS, Cooling systems (HVAC).

Remember this: Availability ensures that systems are up and operational when needed and often addresses single points of failure. You can increase availability by adding fault tolerance and redundancies, such as RAID, failover clusters, backups, and generators. HVAC systems also increase availability.