A

Uploaded by

yoniman1352

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

4 views

A

Uploaded by

yoniman1352

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 4

1.

Countermeasures

 Definition: Strategies or technologies designed to mitigate or eliminate security threats.

 Examples:
o Preventive Measures: Firewalls, antivirus software, secure coding practices.
o Detective Measures: Intrusion Detection Systems (IDS), monitoring logs.
o Responsive Measures: Incident response plans, patches, and updates.
 Approaches:
o Proactive: Identifying vulnerabilities before exploitation (penetration testing).
o Reactive: Responding after detecting a security event (incident response).

2. Security Services

 Definition: High-level objectives to secure systems as per ISO/OSI standards.

 Primary Services:
1. Authentication: Verifies user identity.
2. Confidentiality: Protects data from unauthorized access.
3. Integrity: Ensures data remains unchanged.
4. Nonrepudiation: Prevents denial of actions.
5. Access Control: Regulates user permissions.
6. Availability: Guarantees system uptime.

3. Authentication

 Purpose: Ensures that users or systems are who they claim to be.
 Methods:
o Something You Know: Passwords, PINs.
o Something You Have: Tokens, smart cards.
o Something You Are: Biometrics (fingerprint, retina scans).
 Protocols:
o Kerberos: Ticket-based authentication.
o OAuth: Delegated authorization framework.
4. Data Confidentiality

 Purpose: Ensures information is not accessible by unauthorized parties.

 Implementation:
o Encryption:
 Symmetric (e.g., AES): Same key for encryption and decryption.
 Asymmetric (e.g., RSA): Public-private key pairs.
o Secure Channels: SSL/TLS for secure communication.
o Access Controls: Ensuring data is visible only to authorized users.

5. Access Control

 Purpose: Restricts access to systems or resources.

 Models:
o Role-Based Access Control (RBAC): Access based on roles.
o Discretionary Access Control (DAC): Owner grants permissions.
o Mandatory Access Control (MAC): Central authority defines rules.
 Techniques:
o Multi-factor Authentication (MFA).
o Attribute-Based Access Control (ABAC).

6. Data Integrity

 Purpose: Ensures that data remains unaltered and accurate.

 Techniques:
o Hashing: Creates a unique digest (e.g., SHA-256, MD5).
o Checksums: Verifies data using algorithms like CRC.
o Digital Signatures: Ensures data authenticity and integrity.
7. Nonrepudiation

 Purpose: Prevents denial of performed actions or communications.

 Techniques:
o Digital Signatures: Tied to a specific user via cryptographic keys.
o Audit Trails: Detailed logs of activities for accountability.
 Applications:
o Online transactions.
o Email integrity using protocols like S/MIME.

8. Availability Service

 Purpose: Ensures systems and data are available when needed.

 Challenges: Denial of Service (DoS) attacks, hardware failures.
 Solutions:
o Redundancy: Using backup systems or data replication.
o Load Balancing: Distributing traffic to multiple servers.
o Disaster Recovery: Plans for catastrophic failure.

9. Security Mechanisms (X.800)

 Definition: Techniques to enforce security services as per X.800 standards.

 Examples:
o Encapsulation: Using VPNs for secure communication.
o Cryptography: Ensuring confidentiality, integrity, and authenticity.
o Security Protocols: HTTPS, IPSec.

10. Relationship Between Security Services and Mechanisms

 Services: Define goals (e.g., data confidentiality).

 Mechanisms: Provide tools to achieve those goals (e.g., encryption).
 Example:
o Service: Data Integrity.
o Mechanism: Hashing algorithms to detect unauthorized changes.
11. Techniques

 Definition: Methods used to implement security.

 Categories:
o Cryptographic Techniques:
 Encryption (Symmetric and Asymmetric).
 Hashing (MD5, SHA-256).
o Network Techniques:
 Firewalls: Filters network traffic.
 Intrusion Prevention Systems (IPS): Blocks malicious activities.
o Software Techniques:
 Secure Coding: Avoiding vulnerabilities like SQL injection.
 Patching: Updating software to fix vulnerabilities.

12. Steganography

 Definition: Hiding data within non-obvious carriers like images, audio, or video.
 Techniques:
o Least Significant Bit (LSB) Method: Embedding data in the least significant bits
of an image’s pixels.
o Frequency Domain Techniques: Embedding data in imperceptible areas of
sound or images.
 Applications:
o Covert communication.
o Watermarking for digital copyright protection.

Business Directory - BSR Road, Ghaziabad
80% (10)
Business Directory - BSR Road, Ghaziabad
17 pages
SYO 701+Study+Guide
100% (1)
SYO 701+Study+Guide
176 pages
Lab Report PAM
No ratings yet
Lab Report PAM
6 pages
Detailed Notes on Security Concepts
No ratings yet
Detailed Notes on Security Concepts
5 pages
Chapter 7 Operating System Security
No ratings yet
Chapter 7 Operating System Security
5 pages
UNIT IV WEB APPLICATION SECURITY AND TECHNOLOGIES
No ratings yet
UNIT IV WEB APPLICATION SECURITY AND TECHNOLOGIES
34 pages
Security Mechanisms Techniques
No ratings yet
Security Mechanisms Techniques
8 pages
INS unit 1
No ratings yet
INS unit 1
8 pages
5-Privacy and security
No ratings yet
5-Privacy and security
12 pages
Unit 5. Recent Trends in Computer and Applications
No ratings yet
Unit 5. Recent Trends in Computer and Applications
11 pages
Chapter 1 PDF
No ratings yet
Chapter 1 PDF
49 pages
Imp
No ratings yet
Imp
85 pages
Cybersec 1 2
No ratings yet
Cybersec 1 2
7 pages
Introduction- Cyber-Attacks, Vulnerabilities, Defe...
No ratings yet
Introduction- Cyber-Attacks, Vulnerabilities, Defe...
2 pages
CNS
No ratings yet
CNS
52 pages
IT-Security-and-Cybersecurity-Reviewer
No ratings yet
IT-Security-and-Cybersecurity-Reviewer
5 pages
Module - 2 - CS701 - Information Security - Dr. M.selvam
No ratings yet
Module - 2 - CS701 - Information Security - Dr. M.selvam
30 pages
Network Security Essentials: Fourth Edition by William Stallings (Based On Lecture Slides by Lawrie Brown)
No ratings yet
Network Security Essentials: Fourth Edition by William Stallings (Based On Lecture Slides by Lawrie Brown)
31 pages
Cyber Security Full Portion(2)
No ratings yet
Cyber Security Full Portion(2)
44 pages
Chapter 1 2 AU
No ratings yet
Chapter 1 2 AU
80 pages
_Basic Security Concepts
No ratings yet
_Basic Security Concepts
4 pages
IFT 426 LECTURE NOTE
No ratings yet
IFT 426 LECTURE NOTE
15 pages
cn-notes (2)
No ratings yet
cn-notes (2)
76 pages
5k5 cs
No ratings yet
5k5 cs
6 pages
CIA Triad
No ratings yet
CIA Triad
3 pages
IS_Unit 1 (3)
No ratings yet
IS_Unit 1 (3)
15 pages
CYB_201 FINAL
No ratings yet
CYB_201 FINAL
79 pages
Untitled Document (2)
No ratings yet
Untitled Document (2)
3 pages
CourseWork2 CST3510 CyberSecurity Notes
No ratings yet
CourseWork2 CST3510 CyberSecurity Notes
4 pages
CCNA Sec 01
No ratings yet
CCNA Sec 01
11 pages
Network Security Notes CSTY9483
No ratings yet
Network Security Notes CSTY9483
4 pages
CompTIA Security+-1xd
No ratings yet
CompTIA Security+-1xd
80 pages
FALLSEM2022-23 CSI3002 ETH VL2022230103582 2022-08-01 Reference-Material-I
No ratings yet
FALLSEM2022-23 CSI3002 ETH VL2022230103582 2022-08-01 Reference-Material-I
48 pages
13 Mark
No ratings yet
13 Mark
23 pages
Cybersecurity Is The Practice of Protecting Computer Systems
No ratings yet
Cybersecurity Is The Practice of Protecting Computer Systems
3 pages
CompTIA Security Plus Study Notes
No ratings yet
CompTIA Security Plus Study Notes
80 pages
Fundamentals of Security
No ratings yet
Fundamentals of Security
47 pages
Risk Management
No ratings yet
Risk Management
10 pages
Introduction To Network Security
No ratings yet
Introduction To Network Security
34 pages
Seminarreport
No ratings yet
Seminarreport
10 pages
4
No ratings yet
4
4 pages
CISSP SUMMARY
No ratings yet
CISSP SUMMARY
4 pages
COMPUTER NETWORK UNIT 4 MODULE 1 2
No ratings yet
COMPUTER NETWORK UNIT 4 MODULE 1 2
35 pages
Security Threats & Vulnerabilities Module 5
No ratings yet
Security Threats & Vulnerabilities Module 5
4 pages
Cyber Security PDF
No ratings yet
Cyber Security PDF
14 pages
VAPT General Questions
No ratings yet
VAPT General Questions
9 pages
Sic
No ratings yet
Sic
8 pages
css answer
No ratings yet
css answer
17 pages
Lectures 4 - To - 6 Security Frameworks
No ratings yet
Lectures 4 - To - 6 Security Frameworks
25 pages
Computer Network Security
No ratings yet
Computer Network Security
46 pages
CHPT 4
No ratings yet
CHPT 4
9 pages
CHAPTER 1
No ratings yet
CHAPTER 1
31 pages
CNS - UNIT I
No ratings yet
CNS - UNIT I
30 pages
Symmetric Cipher Presentation
No ratings yet
Symmetric Cipher Presentation
39 pages
Isit
No ratings yet
Isit
36 pages
information security
No ratings yet
information security
23 pages
Chapter 01 Introduction)
No ratings yet
Chapter 01 Introduction)
20 pages
Sub:Network Security: UNIT-1
No ratings yet
Sub:Network Security: UNIT-1
40 pages
Chapter 1 Computer Security
No ratings yet
Chapter 1 Computer Security
22 pages
Basic Model for Network Security 2024-25
No ratings yet
Basic Model for Network Security 2024-25
8 pages
Network Security: Lecturer: Guled Yusuf Mihile
No ratings yet
Network Security: Lecturer: Guled Yusuf Mihile
20 pages
Security+ Boot Camp Study Guide
From Everand
Security+ Boot Camp Study Guide
Chad Russell
5/5 (1)
Vtu Syllabus 5th Sem
No ratings yet
Vtu Syllabus 5th Sem
18 pages
Ctia Cdma Test Plan Rev 4.0
No ratings yet
Ctia Cdma Test Plan Rev 4.0
63 pages
Tmt70-I TRG Revd
No ratings yet
Tmt70-I TRG Revd
118 pages
AppWall Implementation Plan V10 AppWall Verion 5 6
No ratings yet
AppWall Implementation Plan V10 AppWall Verion 5 6
7 pages
Zigbee Tutorial
No ratings yet
Zigbee Tutorial
9 pages
Andrew Smart Bias Tees
No ratings yet
Andrew Smart Bias Tees
1 page
MUCLecture 2022 2253163
No ratings yet
MUCLecture 2022 2253163
12 pages
6 Ports Antenna Datasheet
No ratings yet
6 Ports Antenna Datasheet
2 pages
Proprietary at Commands Manual
No ratings yet
Proprietary at Commands Manual
127 pages
User manual Neumann KH 120 II (English - 41 pages) (1)
No ratings yet
User manual Neumann KH 120 II (English - 41 pages) (1)
3 pages
SW Lab1
No ratings yet
SW Lab1
6 pages
Legit Config Haze
No ratings yet
Legit Config Haze
31 pages
The 6416D+ Users Guide and Quick Reference
No ratings yet
The 6416D+ Users Guide and Quick Reference
7 pages
VENICE 2U UserManualAdminConfig 3 en 1
No ratings yet
VENICE 2U UserManualAdminConfig 3 en 1
44 pages
G703 Interface Adapter IB40 201 7
No ratings yet
G703 Interface Adapter IB40 201 7
9 pages
Honywell HC30WB2R1-HC30WB5R1-Datasheet
No ratings yet
Honywell HC30WB2R1-HC30WB5R1-Datasheet
2 pages
Caretech Full Manual
No ratings yet
Caretech Full Manual
51 pages
Raised Cosine Filter
No ratings yet
Raised Cosine Filter
4 pages
ZXC10 BSSB RSSI Alarm Troubleshooting Guide R1 1
No ratings yet
ZXC10 BSSB RSSI Alarm Troubleshooting Guide R1 1
41 pages
Sr. Solutions Architect
No ratings yet
Sr. Solutions Architect
3 pages
SNMP
No ratings yet
SNMP
4 pages
BEM108 Operation Manual 20190916 PDF
No ratings yet
BEM108 Operation Manual 20190916 PDF
34 pages
Dot1q Tunnel
No ratings yet
Dot1q Tunnel
3 pages
Lte RanNokia Parameter Mapping
No ratings yet
Lte RanNokia Parameter Mapping
135 pages
07 July 1989
No ratings yet
07 July 1989
108 pages
CH 4 B P Lathi
No ratings yet
CH 4 B P Lathi
99 pages
PDF Document
No ratings yet
PDF Document
7 pages
Apna DTH
No ratings yet
Apna DTH
2 pages