CyberSecC@ptBlackb3ard

Information Security

Information security is "the state of well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable."

Information security focuses on proactively protecting information and systems from unauthorized access, misuse, disclosure, disruption, or destruction.

Elements of Information Security

It relies on five major elements:

  1. Confidentiality: assurance that the information is only accessible to authorized persons or systems. Breaches: improper data handling or unauthorized access. Controls: access controls and credentials, data encryption, and proper hardware disposal.

  2. Integrity: assurance that data or resources are sufficiently accurate and reliable for their purpose; trustworthiness that they have not been tampered with intentionally or unintentionally. Controls: cryptographic encryption, checksums, and access controls.

  3. Availability: assurance that systems responsible for delivering, storing, and processing information are accessible when required by authorized persons. Controls: hardware redundancy, AV solutions, etc.

  4. Authenticity: a characteristic of communication, transactions, or data that ensures the quality of being genuine or uncorrupted; a significant role of authentication is confirming that a user is genuine/authentic. Controls: biometrics, smart cards, digital certificates.

  5. Non-repudiation: assurance that a process, communication, or transaction cannot later be denied as having been executed by a person or system. For example, a sender cannot deny sending a message, nor can the recipient deny receiving the message. Controls: digital signatures.
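An added example (not part of the original page) that makes the integrity, authenticity, and non-repudiation items above concrete: it compares an unkeyed checksum with a keyed HMAC against unintentional and intentional changes, and shows why a shared-key tag still cannot provide non-repudiation. The record, key, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a stored record and a key shared by sender and receiver.
RECORD = b"transfer 100.00 to account 1001"
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"


def checksum(data: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone can compute it."""
    return hashlib.sha256(data).hexdigest()


def mac(key: bytes, data: bytes) -> str:
    """Keyed HMAC-SHA-256 tag: only holders of the key can compute it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, digest: str) -> bool:
    return hmac.compare_digest(checksum(data), digest)


def verify_mac(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(mac(key, data), tag)


def integrity_report() -> dict:
    digest, tag = checksum(RECORD), mac(SHARED_KEY, RECORD)
    # Unintentional change: one flipped bit, stored digest/tag left untouched.
    corrupted = bytes([RECORD[0] ^ 0x01]) + RECORD[1:]
    # Intentional change: whoever can rewrite the record can also rewrite an
    # unkeyed checksum stored beside it, but cannot make a valid tag without the key.
    tampered = RECORD.replace(b"1001", b"6666")
    replaced_digest = checksum(tampered)
    guessed_tag = mac(b"wrong-key", tampered)
    return {
        "checksum_detects_accident": not verify_checksum(corrupted, digest),
        "mac_detects_accident": not verify_mac(SHARED_KEY, corrupted, tag),
        "checksum_detects_tampering": not verify_checksum(tampered, replaced_digest),
        "mac_detects_tampering": not verify_mac(SHARED_KEY, tampered, guessed_tag),
        # The receiver holds the same key, so a valid tag does not prove who
        # wrote the message: integrity and authenticity, but no non-repudiation.
        "receiver_can_make_valid_tag": verify_mac(
            SHARED_KEY, tampered, mac(SHARED_KEY, tampered)),
    }


if __name__ == "__main__":
    for name, value in integrity_report().items():
        print(f"{name}: {value}")
```

Because both parties can produce the same HMAC tag, either could have authored the message; a digital signature, where only the signer holds the private key, is what closes that gap.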

CIA Triad: Confidentiality, Integrity, and Availability.

The above helps inform organizations on setting up secure systems, security controls, and policies. Cybersecurity professionals use them to establish appropriate controls to mitigate threats, risks, and vulnerabilities.

  • Threats: any circumstance or event that can negatively impact assets, e.g., social engineering attacks, denial of service, etc.

  • Risks: the likelihood of a threat occurring. They are rated as Critical, High, Medium, or Low.

  • Vulnerabilities: application, system, or network weaknesses that a threat can exploit, such as weak passwords or outdated/misconfigured firewalls.

Note: Both a vulnerability and a threat must be present for there to be a risk.

Likelihood × Threat = Risk

  • Assets: any item with perceived value (data, software, or hardware) to an organization; it carries an inherent risk (improper tampering, destruction, or disclosure) and therefore requires protective security controls and measures.

  • Compliance: the process of adhering to internal standards and external regulations, enabling organizations to avoid fines and security breaches.

  • Security Frameworks: guidelines for building plans to help mitigate risks and threats to the CIA triad.

  • Security Controls: safeguards designed to reduce specific risks; they are used with security frameworks to establish a strong security posture.

  • Security Posture: an organization's ability to manage its defense of critical assets and data and react to change; a strong security posture leads to lower risk for the organization.


Last updated 5 months ago