ITF+ Security Notes

1. Basic Security Concepts

  • CIA Triad:
    • Confidentiality: Ensures only authorized users access data.
    • Integrity: Protects data from unauthorized changes.
    • Availability: Ensures systems and data are accessible when needed.
  • Authentication vs. Authorization:
    • Authentication: Verifying user identity (e.g., password).
    • Authorization: Granting access to resources based on identity.

2. Threats and Vulnerabilities

  • Malware:
    • Viruses: Attach to files and spread.
    • Worms: Self-replicating and spread independently.
    • Ransomware: Encrypts data until a ransom is paid.
    • Spyware: Collects user information without consent.
  • Phishing:
    • Fraudulent emails or messages tricking users into providing sensitive information.
  • Social Engineering:
    • Manipulating people into revealing confidential information (e.g., pretexting, baiting).

3. Authentication Methods

  • Passwords:
    • Use strong, complex passwords (e.g., at least 12 characters with symbols and numbers).
  • Biometrics:
    • Fingerprints, facial recognition, or iris scans.
  • Multifactor Authentication (MFA):
    • Combines two or more methods (e.g., password + fingerprint).

4. Encryption

  • Symmetric Encryption:
    • Uses one key for both encryption and decryption.
    • Example: AES (Advanced Encryption Standard).
  • Asymmetric Encryption:
    • Uses a pair of keys: public for encryption, private for decryption.
    • Example: RSA (Rivest–Shamir–Adleman).

5. Network Security

  • Firewalls:
    • Monitor and control incoming/outgoing traffic based on security rules.
  • VPNs (Virtual Private Networks):
    • Encrypt internet connections for secure remote access.
  • Intrusion Detection and Prevention Systems (IDS/IPS):
    • IDS: Monitors the network for suspicious activity.
    • IPS: Blocks detected threats automatically.

6. Browser Security

  • Secure Browsing Practices:
    • Always verify HTTPS for secure websites.
    • Avoid clicking on suspicious pop-ups or ads.
  • Browser Features:
    • Enable pop-up blockers and clear cookies regularly.
    • Use browser privacy modes like "Incognito."
  • Updates and Extensions:
    • Keep browsers updated to patch vulnerabilities.
    • Avoid installing unverified or unnecessary extensions.

7. Physical Security

  • Locks and Surveillance:
    • Secure physical access to devices and systems.
  • Secured Server Rooms:
    • Restricted access, temperature control, and fire protection.
  • Asset Management:
    • Keeping track of devices to prevent unauthorized use.

8. User Best Practices

  • Strong Passwords:
    • Avoid common passwords; use password managers.
  • Regular Updates:
    • Keep operating systems and applications patched.
  • Phishing Awareness:
    • Be cautious of unsolicited emails and verify links before clicking.

9. End-User Awareness and Training

  • Importance:
    • Educating users about security threats reduces risks.
  • Topics to Cover:
    • Identifying phishing attempts and malicious emails.
    • Proper handling of sensitive data.
    • Secure use of personal and work devices.
  • Training Methods:
    • Security awareness training sessions.
    • Simulated phishing tests.

10. Data Protection

  • Backup Strategies:
    • Perform regular backups; use offsite or cloud-based solutions.
    • Backup Types: Full, Incremental, Differential.
  • Disaster Recovery:
    • Ensure data recovery plans are tested and updated regularly.

11. Questions for Review

  1. How does asymmetric encryption differ from symmetric encryption?
  2. What is the role of firewalls and VPNs in network security?
  3. What are examples of phishing and social engineering attacks?
  4. Why is multifactor authentication (MFA) more secure than passwords alone?
  5. How does IDS differ from IPS in network monitoring and protection?