Principles of Security - TryHackMe Walkthrough скачать в хорошем качестве

Principles of Security - TryHackMe Walkthrough

Introduction:- The following room is going to outline some of the fundamental principles of information security. The frameworks used to protect data and systems to the elements of what exactly makes data secure. The measures, frameworks and protocols discussed throughout this room all play a small part in "Defence in Depth." Defence in Depth is the use of multiple varied layers of security to an organisation's systems and data in the hopes that multiple layers will provide redundancy in an organisation's security perimeter. Chapters:- 0:00 - Room Introduction 0:24 - The CIA Triad 1:24 - Principles of Privileges 4:21 - Security Models 7:17 - Threat Modelling & Incident Response Confidentiality, Integrity and Availability (CIA) Principles of Privileges:- Two key concepts are used to assign and manage the access rights of individuals, two key concepts are used: Privileged Identity Management (PIM) and Privileged Access Management (or PAM for short) Security Models:- The Bell-La Padula Model The Bell LaPadula Model is popular within organisations such as governmental and military. This is because members of the organisations are presumed to have already gone through a process called vetting. Vetting is a screening process where applicant's backgrounds are examined to establish the risk they pose to the organisation. Therefore, applicants who are successfully vetted are assumed to be trustworthy - which is where this model fits in. The Biba Model The Biba model is used in organisations or situations where integrity is more important than confidentiality. For example, in software development, developers may only have access to the code that is necessary for their job. They may not need access to critical pieces of information such as databases, etc. Threat Modelling & Incident Response:- STRIDE (Spoofing identity, Tampering with data, Repudiation threats, Information disclosure, Denial of Service and Elevation of privileges) An incident is responded to by a Computer Security Incident Response Team (CSIRT). It consists of following phases:- Preparation Identification Containment Eradication Recovery Lessons Learned Room Link:- https://tryhackme.com/room/principles...