The CIA Triad

www.f5.com

Security objectives may be seen from different perspectives, but every security measure must achieve one of three goals, the three principles of security: confidentiality, integrity, and availability (CIA), often referred to as the CIA triad.

Most of the security violations fall into at least one of these concepts and understanding each one of them is critical in order to prevent attacks and protect our systems.


Confidentiality

The ISO 2700 standard provides a good definition of confidentiality as “the property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

Protecting confidentiality means providing adequate techniques to make sure that data is only accessed by allowed individuals. Depending on the type of information, more sensitive information requires a higher level of confidentiality.

Here are some examples of sensitive data:
  • Personal information
  • Account passwords
  • Credit card account information
  • Social security numbers
  • Military secrets
Confidentiality can be protected in several ways, one is to encrypt data before it is sent out over the network, or perhaps the use of VPN tunnels while data is in motion; another method to protect data from being accessed by unauthorized individuals is to use separate networks for confidential data.


Integrity

Integrity is the capability to ensure that the data has not been altered or changed from its original form; meaning that we are confident that the data arrives as it was sent.

Integrity applies not only to data but also to systems. For instance, if a threat actor changes the configuration of a server, firewall, router, switch, or any other infrastructure device, it is considered that he or she impacted the integrity of the system.[1]

An example of a system integrity violation is malware that deletes or corrupts system files required to boot the computer so it can cause a denial-of-service attack; errors such as programming errors i.e. bugs can also present an integrity violation; an attacker can also use an IoT modified device to send altered packets to a victim’s machine causing a denial-of-service condition.

An access control list (ACL) is an example of a control that helps to provide integrity. Another example is the generation of hash values that can be used to validate data integrity.[2]


Availability

Availability means ensuring that data is accessible when and where it is needed. Only individuals who need access to data should be allowed access to that data.[2]

Protecting availability is very critical in the IT industry; Low availability in an IT company such as ISPs (Internet Service Providers like Orange) is very beneficial to all concurrence, these companies will gain customers and money from its rival losses.

The most common attack facing availability is a denial of service attack (DOS).


Reference

[1] Omar Santos. CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide. 1st edition. 2020.
[2] McMillan and Troy. CCNA Security Study Guide: Exam 210-260. 2nd edition. 2018.


Comments

Post a Comment

Popular posts from this blog

OpenVas: Vulnerability Scanning | Installation Guide

Image
  Introduction: OpenVAS is a vulnerability scanner that analyzes endpoints and web apps to uncover and detect flaws. Corporations frequently employ it as part of their mitigation strategies to initially identify any weaknesses in their operational or testing servers and apps. This isn't an ultimate solution, but it can assist in the elimination of any common weaknesses that may have sneaked through the gaps. Installation: There are three methods to install GreenBone openVas: 1- Install from Kali/OpenVas repositories:  This way varies in difficulty because of the needed configurations, you can simply install it with apt. sudo apt-get update -y &&  sudo apt-get upgrade -y &&  sudo apt-get dist-upgrade -y sudo apt-get install openvas sudo gvm-setup sudo gvm-check-setup 2- Install from source (Manually): This way is not the best for beginners due to prerequisite installations and error handling can be challenging. github.com/greenbone/openvas-scanner 3- R...
Read more

Nmap | TryHackMe Walkthrough

Image
  An in-depth look at scanning with Nmap, a powerful network scanning tool. This room was created by DarkStar  and  MuirlandOracle , as it provides a great way to learn and start practicing nmap. I encourage you to give it a try by yourself since the hands-on practice will give you more understanding of the topic (take advantage of the manual page man nmap ). Task2: What networking constructs are used to direct traffic to the right application on a server? Ports How many of these are available on any network-enabled computer? 65535 [Research] How many of these are considered "well-known"? (These are the "standard" numbers mentioned in the task) 1024 Task3: What is the first switch listed in the help menu for a 'Syn Scan' (more on this later!)? -sS Which switch would you use for a "UDP scan"? -sU If you wanted to detect which operating system the target is running on, which switch would you use? -O Nmap provides a switch to detect the version of the...
Read more

Wireshark for Security Analysis | Customization & Common features

Image
1/ Introduction What is Wireshark? Wireshark is a network packet analyzer. A network packet analyzer presents captured packet data in as much detail as possible. You could think of a network packet analyzer as a measuring device for examining what’s happening inside a network cable, just like an electrician uses a voltmeter for examining what’s happening inside an electric cable (but at a higher level, of course). In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, that has changed. Wireshark is available for free, is open source, and is one of the best packet analyzers available today.  wireshark.org/docs/ Some intended purposes Here are some reasons people use Wireshark: Network administrators use it to troubleshoot network problems Network security engineers use it to examine security problems QA engineers use it to verify network applications Developers use it to debug protocol implementations People use it to learn n...
Read more