Security Models
grants specific users access to a broader set of resources than ordinary users.
privileged access security model
advocates granting users only the access they need to perform their job responsibilities.
least privilege security principle
assumes that no user or device can be trusted by default.
zero-trust architecture security model
refers to an organization's ability to withstand and recover quickly from cyber attacks.
Cyber resilience
a network device that regulates traffic based on predefined security rules.
firewall
the process of converting data into an unreadable format by using an encryption algorithm.
Encryption
the reverse process that uses an encryption key to restore encrypted data back to its original form.
Decryption
Confidentiality, Integrity, and Availability: these three principles form the foundation of the widely used model for developing effective security systems.
CIA Triad
keeping important information safe and secret.
Confidentiality
keeping data accurate and trustworthy.
Integrity
making sure that systems and services are always accessible and ready for use by the right people when needed.
Availability
refers to the measures and processes implemented to manage and mitigate security risks.
Control
relates to adhering to industry regulations, legal requirements, and organizational policies.
compliance
In a cloud model, the cloud service provider is responsible for securing the infrastructure, network, and physical facilities.
The customer is typically responsible for securing their data, applications, user access, and configurations.
responsibility
Cloud security allows organizations to easily scale their resources up or down based on demand.
scalability
a skilled manipulator is seeking to extract confidential system information from unsuspecting individuals.
social engineering
skillfully crafted and tailored emails that mimic authenticity to deceive their targets to collect personal details about you, your employees, or your students.
phishing attacks
malicious software, aiming to disrupt operations, inflict damage, or gain unauthorized access to computer systems.
malware
where crucial files are held hostage until a considerable ransom is paid.
ransomware
verifies the identity of users or systems that seek access and involves presenting unique credentials, such as passwords, physical tokens, or biometric data like fingerprints or voice recognition.
Authentication
determines what that user or system is allowed to do within the system.
authorization
create and manage user accounts, assign roles to users, grant and revoke permissions to resources, audit user activity, and monitor your security position.
Identity and Access Management (IAM)
a cyber attack that uses multiple compromised computer systems to flood a target with more traffic than it can handle, which causes a denial of service to legitimate users.
DDoS (distributed denial-of-service)
all about protecting your organization's data and systems in the cloud.
SecOps
refers to the legal concept that data is subject to the laws and regulations of the country where it resides.
Data sovereignty