Kindle Notes & Highlights
Started reading
February 19, 2020
Confidentiality, integrity, and availability together form the CIA security triad, a model used to guide security principles within an organization.
A use case describes a goal that an organization wants to achieve.
Confidentiality prevents the unauthorized disclosure of data.
Encryption scrambles data to make it unreadable by unauthorized personnel.
Identification, authentication, and authorization combined provide access controls and help ensure that only authorized personnel can access data.
Obfuscation methods attempt to make something unclear or difficult to understand.
Integrity provides assurances that data has not changed.
Digital signatures also provide non-repudiation.
Digital signatures require the use of certificates and a Public Key Infrastructure (PKI). Certificates include keys used for encryption and the PKI provides the means to create, manage, and distribute certificates.
Availability indicates that data and services are available when needed.
Risk is the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss. A threat is any circumstance or event that has the potential to compromise confidentiality, integrity, or availability. A vulnerability is a weakness. It can be a weakness in the hardware, the software, the configuration, or even the users operating the system.
It’s important to realize that the control types (technical, administrative, and physical) and control goals (preventive, detective, corrective, deterrent, and compensating) are not mutually exclusive.
Virtualization allows multiple virtual servers to operate on a single physical server.
It provides increased availability with lower operating costs.
Additionally, virtualization provides a high level of flexibility when testing security controls, updates, and patches because they c...
In a persistent virtual desktop, each user has a custom desktop image. Users can customize them and save their data within the desktop. A drawback is the amount of disk space required on the server to support unique desktop images for all users.
VM escape is an attack that allows an attacker to access the host system from within the virtual system.

