Cybersecurity and Operating Systems Management - Pumbayabaya, Zainal T. (Lesson 2)
Core security concepts are basic principles meant to safeguard data, systems, and networks from
unauthorized access, misuse, and damage. They are essential for ensuring the confidentiality,
integrity, and availability of information in a digital world. The basic core security concepts are as follows:
1. Confidentiality
Confidentiality ensures that sensitive information is accessible only to authorized persons and parties. It
safeguards data by restricting unauthorized access, helping to maintain its privacy and secrecy.
Techniques used include encryption and access control. For example,
encrypting a file ensures that even if someone intercepts it, it cannot be read without the decryption key.
2. Integrity
Integrity ensures that data remains consistent and unchanged, whether in storage or in transit. The information
should not be altered by third parties. Hashing and digital signatures are methods to verify the integrity of
data by producing a unique fingerprint of the data, thus enabling the recipient to confirm whether the data
has been altered.
3. Availability
Availability is a principle that seeks to ensure that information and systems are available and usable when
required. This principle calls for maintaining hardware and software, providing redundant systems, and
preparing for system failures. The techniques for achieving availability include making backups,
formulating disaster recovery plans, and load balancing, so that the system can withstand outages
and attacks such as DDoS attacks.
4. Authentication
Authentication is the process of validating the identity of users, devices, or systems. It makes sure that only
authorized individuals are allowed to access specific resources. Common authentication methods include
**passwords**, **biometric scans**, and **multi-factor authentication (MFA)**, which adds an additional
layer of security.
5. Authorization
Authorization determines which actions an authenticated user is allowed to perform and which
resources they can access. After authentication, a user is permitted only the actions allowed by
their role and permission level. This is usually handled through role-based access control
(**RBAC**).
Together, authentication and authorization establish the foundation on which cybersecurity principles
help organizations control access to information and assets.
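The following Python sketch is an added example, not part of the original lesson. It shows authentication and authorization as two separate checks, with RBAC denying by default; the user names, passwords, roles, and permission strings are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: role and permission names are hypothetical.
ROLE_PERMISSIONS = {
    "admin": {"report:read", "report:write", "user:manage"},
    "analyst": {"report:read", "report:write"},
    "viewer": {"report:read"},
}

def hash_password(password: str, salt: bytes) -> bytes:
    # scrypt is a memory-hard key derivation function in the standard library.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)

def make_user(password: str, role: str) -> dict:
    # Store a per-user random salt and the derived hash, never the password.
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "role": role}

# Constructed sample users.
USERS = {
    "alice": make_user("correct horse battery", "admin"),
    "bob": make_user("tr0ub4dor&3", "viewer"),
}

def authenticate(username: str, password: str) -> bool:
    """Authentication: is this really the user they claim to be?"""
    user = USERS.get(username)
    if user is None:
        return False
    candidate = hash_password(password, user["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, user["hash"])

def authorize(username: str, permission: str) -> bool:
    """Authorization: deny by default, allow only what the role grants."""
    user = USERS.get(username)
    if user is None:
        return False
    return permission in ROLE_PERMISSIONS.get(user["role"], set())

def access(username: str, password: str, permission: str) -> str:
    # Identity is verified first; permissions are checked only afterwards.
    if not authenticate(username, password):
        return "denied: not authenticated"
    if not authorize(username, permission):
        return "denied: not authorized"
    return "allowed"
```

A valid login is not enough on its own: bob authenticates successfully but is still refused `report:write`, because the viewer role does not grant it.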