ISC 2
CERTIFIED IN CYBER-SECURITY
14TH FEBRUARY 2023
1. CIA TRIAD
- Confidentiality
- Integrity
- Availability
2. Authentication
Methods of Authentication
3. Non-Repudiation
4. Privacy
SHORT TEST / SUMMARY OF ABOVE:
MODULE 2: UNDERSTAND THE RISK MANAGEMENT PROCESS
1. Risk Management Terminology:
2. Threat
3. Vulnerability: A vulnerability is an inherent weakness or flaw in a system
or component, which, if triggered or acted upon, could cause a risk event to
occur. Consider the pickpocket scenario below.
An organization’s security team strives to decrease its vulnerability. To do so, they view
their organization with the eyes of the threat actor, asking themselves, “Why would we
be an attractive target?” The answers might provide steps to take that will discourage
threat actors, cause them to look elsewhere or simply make it more difficult to launch an
attack successfully. For example, to protect yourself from the pickpocket, you could
carry your wallet in an inside pocket instead of the back pant pocket or behave alertly
instead of ignoring your surroundings. Managing vulnerabilities starts with one simple
step: Learn what they are.
4. Likelihood:
5. Risk Identification:
6. Risk Assessment:
7. Risk Treatment:
- Avoidance: Risk avoidance is the decision to attempt to eliminate the risk
entirely. This could include ceasing operation for some or all of the
activities of the organization that are exposed to a particular risk.
Organization leadership may choose risk avoidance when the potential
impact of a given risk is too high or if the likelihood of the risk being
realized is simply too great.
- Risk Acceptance: Risk acceptance is taking no action to reduce the likelihood of a risk
occurring. Management may opt for conducting the business function that
is associated with the risk without any further action on the part of the
organization, either because the impact or likelihood of occurrence is
negligible, or because the benefit is more than enough to offset that risk.
- Risk Mitigation: Risk mitigation is the most common type of risk
management and includes taking actions to prevent or reduce the
possibility of a risk event or its impact. Mitigation can involve remediation
measures, or controls, such as security controls, establishing policies,
procedures, and standards to minimize adverse risk. Risk cannot always be
mitigated, but mitigations such as safety measures should always be in
place.
- Risk Transference: Risk transference is the practice of passing the risk to
another party, who will accept the financial impact of the harm resulting
from a risk being realized in exchange for payment. Typically, this is an
insurance policy.
8. Risk Priorities:
# Module 3: Understand Security Controls
Security Controls:
Physical Controls:
Technical Controls:
Administrative Controls:
Governance Elements:
Code Of Conduct:
CHAPTER 2: Incident Response, Business Continuity
and Disaster Recovery Concepts
Module 1: Incident Response:
Breach:
EVENT: Any observable occurrence in a network or system
Exploit: A particular attack. It is named this way because these attacks
exploit system vulnerabilities.
Incident: An event that actually or potentially jeopardizes the confidentiality,
integrity or availability of an information system or the information the system
processes, stores or transmits.
Intrusion: A security event, or combination of events, that constitutes a
deliberate security incident in which an intruder gains, or attempts to
gain, access to a system or system resource without authorization.
Threat: Any circumstance or event with the potential to adversely impact
organizational operations (including mission, functions, image or
reputation), organizational assets, individuals, other organizations or the
nation through an information system via unauthorized access,
destruction, disclosure, modification of information and/or denial of
service.
Vulnerability: Weakness in an information system, system security
procedures, internal controls or implementation that could be exploited
by a threat source.
Zero Day: A previously unknown system vulnerability with the potential of exploitation
without risk of detection or prevention because it does not, in general, fit recognized
patterns, signatures or methods.
The Goal of Incident Response:
Components of Incident Response:
Preparation:
Detection and Analysis:
Containment:
Post-Incident Activity:
MODULE 2: THE IMPORTANCE OF BUSINESS
CONTINUITY
MODULE 3: UNDERSTAND DISASTER RECOVERY
(DR)
MODULE 4: SUMMARY
Chapter 3: Access Control
Concepts
Module 1: Access Control Concepts:
Security Control:
CONTROL ASSESSMENT:
<PENDING>
DEFENCE IN DEPTH:
Examples of least privilege:
PRIVILEGED ACCESS MANAGEMENT:
Privileged Accounts:
<PENDING OTHER>
SEGREGATION OF DUTIES:
AUTHORIZATION VS UNAUTHORIZATION:
MODULE 2: PHYSICAL SECURITY CONTROLS:
TYPES OF PHYSICAL CONTROLS:
MONITORING:
MODULE 3: Logical Access Controls:
Discretionary access control (DAC) :
MANDATORY ACCESS CONTROL (MAC)
Chapter 4: Network Security
Starting with basic knowledge like Network, Switch, Hub,
Firewall
OSI (OPEN SYSTEMS INTERCONNECTION) MODEL:
TCP/IP:
IPv4 and IPv6:
WIFI:
SECURE PORTS:
MODULE 2: NETWORK (CYBER) THREATS:
TYPES OF THREATS:
IDS (INTRUSION DETECTION SYSTEM):
PREVENTING THREATS:
MODULE 3: UNDERSTAND NETWORK SECURITY INFRA:
NETWORK DIAGRAM:
CHAPTER 5: Security Operations:
Module 1: Understand Data Security:
Data handling:
Their Meaning:
ENCRYPTION OVERVIEW:
MODULE 3: Best Practice Security Policies:
MODULE 4: SECURITY AWARENESS TRAINING: