9- CYBERSECURITY & PRIVACY - Coggle Diagram
1- the breadth of computer security work
NIST NICE framework
securely provision
protect and defend
operate and maintain
investigate
oversee and govern
collect and operate
analyze
2- attacks and what makes them possible
malware
keyloggers
rootkit
botnets
DDoS
stolen credentials
software vulnerabilities
buffer overflow
input validation flaw
cross site scripting
injection attack
SQL injection attack
misconfiguration, insider threat & other types of threats
3- security properties and types of adversaries
access control
authentication (determining identity of the user attempting to access the resource)
authorization (granting access to a resource)
mechanism
policy
access control models
ACLs
RBAC
ABAC, PBAC
federated identity
SSO
5- principles for building and operating systems to be more secure (Saltzer and Schroeder, 1975)
economy of mechanism
open design
complete mediation
least privilege
multiple layers of defence
psychological acceptability
safe defaults