Security Dose 28112023: Primary Goals & Objectives of Security Infrastructure
Security Dose 28112023: Primary Goals & Objectives of Security Infrastructure
In this Security Dose, we will talk about three primary goals and objectives of Security Infrastructure. Any security solution or policy that existed before, exists today, and will exist tomorrow, is evaluated against these three security goals. Not only the security solution but, every vulnerability is also evaluated based on these goals.
These goals are known as the CIA triad. The “C” stands for
Confidentiality, the “I” stands for Integrity, and the “A” stands for Availability.
Let’s talk about what are these, how these are affected, and what are the
countermeasures to protect these goals.
⚡⚡ Confidentiality📜
It is the concept of measuring scale to ensure the protection of the secrecy of a resource. The confidentiality goal is to protect the unauthorized access of critical information.
Threats to Confidentiality
Direct intentional attacks such
as man-in-middle, oversight of security policy, and misconfiguration of the security
controls are some of the scenarios that impact confidentiality.
Prevention
Confidentiality can be protected using strong encryption, strict access control, strong authentication procedures, data classification, tools, and training.
⚡⚡ Integrity📜
It is to protect the reliability and correctness of
the data. It prevents unauthorized modification of the data. It also prevents
unauthorized and intended activities i.e., man-in-middle attacks, Intrusions, viruses,
etc.
Threats to Integrity
There are many attacks that cause
integrity compromise these include viruses, unauthorized access, software code
errors, malicious modifications, backdoor entries, intentional unauthorized
modification, etc.
Prevention
The countermeasures to Integrity include strict access and authentication processes, IDS, Object/data encryption, hash verification, and extensive training.
⚡⚡ Availability📜
The concept is to ensure that the authorized
user gets uninterrupted access to the resource. It makes sure the resources are
protected against DoS attacks so that they are functional and available all the
time to authorized users.
Threats to Availability
The conditions like software/hardware failure, natural climatize, environmental issues like heat, power loss, static, and electricity issues), link failures, device distractions, etc. All these can be caused by human error, ineptitude, or misconfiguration of the device or software.
Prevention
The right deployment of the system/object, effective
implementation of access control, monitoring the performance of devices, DoS
prevention using firewalls or routers, implementation of the redundant critical systems,
implementation, maintenance, and testing of backup setup.
I hope you find this informative and useful.
- Security: Cisco ASA Vs Cisco FTD - The Network DNA
- Site-to-Site VPN: IPSEC Tunnel Between an ASA and a Cisco IOS Router
- Cisco Security: Cisco ASA 5505 Interfaces configuration for Access Ports
- Cisco Security: Cisco ASA 5505 Interfaces configuration for Trunk Port
- Cisco ASA Series 1: Restoring the ASA to Factory Default Configuration
- Cisco ASA Series 2: Configuring NAT
- Cisco ASA Series 3: Easy VPN Remote
- Cisco ASA Series 4: Configuring VLANs and Sub interfaces
- Cisco ASA Series 5: Configuring Threat Detection
- Site to Site IPSec VPN Tunnel between Cisco ASA and Palo Alto Firewalls
