The discussion assignment requires an Original Posting (main post) from you of 2-3 paragraphs answering the module’s question.
In addition to your main post, you must post three responses to other posts made by your classmates. These can be replies to other main posts or responding to student replies on your thread.
List of topics for discussion. Choose ONE of the below.
Identify key terms associated with security.
Discuss threats to information.
Explain the importance of confidentiality, integrity, and availability in terms of cybersecurity.
Discuss the principle of least privilege and defense in depth.
Recall the basic risk management process.
Identify ethical issues in cybersecurity.
Please respond to ALL 3 peer posts below
PEER 1: Threats to Security
In the modern age there are many threats to our assets, especially in the online world. I am going to be writing about threats to security in this discussion post. There are three main types of threats that can compromise security, those being: threat agents, attacks, and risks. Threat agents can be many different things, but we can define them broadly as a potential party that wants to steal and/or compromise our personal detail or property. For example, this could be the threat of hackers online banking companies face, or a potential home invader. Threat agents could even be something natural, like the threat of a hurricane a beachfront house faces during a stormy season.
Attacks are the second type of threat, and can be categorized further into sub-categories: Physical, DOS, subversion, masquerade, disclosure, and forgery. There are important differences to all of them. Physical attacks are the attacks most people try to prepare for; think jewelry store robbery or other attacks that are physical and to the point. DOS stands for denial of service, and occurs when an attacker overwhelms or otherwise compromises the host computer, rendering it unusable for a time. This type of attack can commonly occur on webpages, and make them unresponsive. Subversion is when the system is modified and/or damaged, sometimes for the benefit of the attacker. A masquerade can occur when a user of a system pretends to be someone they are not, and is closely related to a forgery. Forgery attacks are a type of masquerade where they are pretending to be someone they are not by sending unauthorized messages. Finally, a disclosure occurs when private or revealing information is disclosed to the public, oftentimes to harm public image.
A risk is when there is a potential of an attack to a system or assets. The PRMF (proprietor's risk management framework) is a version of the NIST’s RMF designed for more detailed and personalized analyses of risks. There are three steps: identify the risks, prioritize the risks, and establish the requirements. This can seem quite obvious at first, but it is very helpful to have a step-by-step process written out. In identifying our risks, we need to go over what we previously discussed and think about what type of threat agents and attacks our systems could be vulnerable to. Then, we prioritize these risks by estimating impacts and how likely each risk is to occur. Finally, we establish and implement rules and requirements to follow, to mitigate.
PEER 2: Least Privilege and Defense in Depth
I chose to discuss the principle of least privilege and defense in depth.
The principle of least privilege is one of the basic things a company can do to implement boundary security. It is the idea that users should only have access to the resources that are needed so they can perform the duties that they are required to do. For instance, a cashier should not have access to financial records. The principle of least privilege reduces the risk of attackers gaining access to critical systems or sensitive data by compromising a low level user account.
On the other hand, Defense in Depth is about preventing access to the system. It is a series of layered defensive mechanisms to protect an organization’s assets. It is the idea that if one line of defense is compromised, an additional layer exists as a backup. For example, if a hacker successfully penetrates a network, defense in depth gives administrators time to launch countermeasures. To protect the data from being compromised, antivirus software and a firewall should be in place to block further entry.
PEER 3
I have identified some key terms that are associated with security from our textbook. Specifically focusing on chapter 2 section 6 (2.6), which explains how security controls are implemented in a system according to certain requirements. Security controls fall into three different categories:
Preventative: These are controls that block actions that violate security requirements. Most prefer to use these controls because they directly implement requirements.
Detective: These are controls that can detect violations of requirements so that admins, security officers, auditors, or investigators can see them. Some of these controls can only detect problems but can’t prevent them.
Corrective: These are controls that take measures to help restore the system. These types of controls are rarely used in information security.
These controls are further broken down into six categories to simplify the job of analyzing security threats. The categories are physical, mechanical, logical, functional, procedural, and cryptographic. If you haven’t already, I would highly encourage all of you to read pages 82, 83, and 84 so that you can review the security controls in more depth! Also, please let me know if y’all have any tips to remember the security control categories!