Fundamentals
Security
of Information
Fundamentals
Assessment
Security
–
of Information
Study
Assessment
Guide,
Security
Risk
– Study
Analysis
Assessment
Guide,
and Security
Risk
– Study
Analysis
Evaluation
Guide,
and Security
Risk
Review.pdf
Analysis
Evaluation
and Security
Review.pdf
Evaluation Review.pdf
Fundamentals of
Information
Security
Assessment –
Study Guide, Risk
Analysis and
Security
Evaluation Review
Fundamentals of Information
Fundamentals
Security
of Information
Fundamentals
Assessment
Security
–
of Information
Study
Assessment
Guide,
Security
Risk
– Study
Analysis
Assessment
Guide,
and Security
Risk
– Study
Analysis
Evaluation
Guide,
and Security
Risk
Review.pdf
Analysis
Evaluation
and Security
Review.pdf
Evaluation Review.pdf
,Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf
Information Security Protecting information and systems from unauthorized access, use, disclosure,
disruption, modification, or destruction
Confidentiality Making sure only authorized people can access information
Integrity Making sure information is accurate and not changed improperly
Availability Making sure systems and data are accessible when needed
CIA Triad The three core security principles of confidentiality, integrity, and availability
Parkerian Hexad A security model that includes confidentiality, integrity, availability, possession,
authenticity, and utility
Possession Having ownership or control of data or a device
Authenticity Being genuine, real, and from a trusted source
Utility Being useful and usable
Threat Anything that could cause harm to a system or asset
Vulnerability A weakness that can be exploited
Risk The chance that a threat will exploit a vulnerability and cause harm
Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf
, Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf
Impact The amount of harm caused by a security event
Defense in Depth Using multiple layers of security instead of relying on one
Least Privilege Giving users only the access they need
Nonrepudiation Preventing someone from denying an action they performed
Accountability Being able to trace actions to a specific user
Identification Claiming an identity
Authentication Proving an identity
Authorization Determining what an authenticated user is allowed to do
Access Control The process of deciding who can access resources
Access Control List (ACL) A list of permissions attached to a resource
Capabilities Access rights assigned directly to a user or process
Two-Factor Authentication (2FA) Authentication using two different factor types
Multifactor Authentication (MFA) Authentication using two or more different factor types
Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf Fundamentals of Information Security Assessment study guide.pdf