Chapter 4 Notes

The document outlines key concepts in information security, including the Defense in Depth strategy, the CIA Triad (Confidentiality, Integrity, Availability), and the IAAA framework (Identification, Authentication, Authorization, Accountability). It also discusses the importance of managing assets, threats, vulnerabilities, risks, and controls, as well as common threats organizations face and the role of cryptology in protecting information. Overall, it emphasizes the need for a multi-layered approach to security and the importance of privacy and compliance with regulations.

Uploaded by mehdi Hassan

1. Defense in Depth

Defense in Depth is a strategy that uses multiple layers of security to protect systems and data. If one layer is bypassed or fails, others are still there to defend.

Key Features:

- Self-Organizing: The system can adjust itself based on changes.
- Adaptive: Can respond to unexpected problems or attacks.
- Evolving: Updates over time to stay effective against new threats.
- Resilient: Recovers quickly after being attacked.
- Innovative: Uses new technologies and ideas to stay strong.
- Mission-Aligned: Matches the organization’s goals and purpose.

Segmentation is used to divide networks or systems into smaller parts, so if one part is attacked, the others remain safe.

2. The CIA Triad (Confidentiality, Integrity, Availability)

This model is the foundation of information security.

a. Confidentiality

- Ensures that only authorized people can access the information.
- Protects data stored in computers, transferred across networks, or printed on paper.
- Uses encryption, access controls, and classification (like "top secret").

b. Integrity

- Keeps data accurate and trustworthy.
- Ensures that information hasn’t been changed by accident or by attackers.
- Techniques include hashing, checksums, and digital signatures.

c. Availability

- Makes sure information and systems are ready to use when needed.
- Systems should work reliably and recover quickly from problems.

d. CIA Balance

- All three (confidentiality, integrity, and availability) must be balanced depending on the type of system. For example, a medical system might prioritize integrity and availability more than confidentiality.

3. Nonrepudiation and Authentication

a. Nonrepudiation

- Ensures that a person cannot deny their actions.
- Example: If someone sends a message and signs it digitally, they can’t claim they didn’t send it.
- Often uses digital signatures, smart cards, or biometrics.

b. Authentication

- Proves that a person is who they say they are.
- Can involve:
  - Something you know (password)
  - Something you have (ID card)
  - Something you are (fingerprint or face)

4. IAAA – Identification, Authentication, Authorization, Accountability

This framework helps control who gets access to what, and how they are tracked.

a. Identification

- User claims an identity (e.g., typing a username).

b. Authentication

- Proves identity (e.g., password, security code, biometric scan).

c. Authorization

- Determines what actions or data the user is allowed to access.
- For example, a manager can view reports that regular staff cannot.

d. Accountability

- Keeps logs of actions taken by users.
- Helps in investigations and ensures users are responsible.

IAAA ensures that only the right people do the right things, and their actions are traceable.
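
The four IAAA steps, as an added example written for these notes (not code from the original document): a small Go program in which a caller claims a username (identification), proves it with a password (authentication), is allowed or denied an action by a role policy (authorization), and has every decision appended to an audit trail (accountability). The accounts, roles, permissions, actions and object names are constructed for the example. The salted SHA-256 password digest is a stand-in for illustration; a real system would use a purpose-built slow password hash such as bcrypt, scrypt or Argon2.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// AuditEvent is one accountability record: who did what, to what, when, with what outcome.
type AuditEvent struct {
	When                            time.Time
	Subject, Action, Object, Result string
}

// Account stores a salted SHA-256 digest instead of the password itself. The plain
// digest is a stand-in for this example; real systems use bcrypt, scrypt or Argon2.
type Account struct {
	Username, Role string
	Salt, PassHash []byte
}

// rolePermissions is the authorization policy (constructed for this example).
var rolePermissions = map[string]map[string]bool{
	"manager": {"view_reports": true, "edit_reports": true},
	"staff":   {"view_timesheet": true},
}

// Server holds the accounts and the append-only audit trail.
type Server struct {
	accounts map[string]*Account
	Audit    []AuditEvent
}

func NewServer() *Server { return &Server{accounts: map[string]*Account{}} }

func hashPassword(salt []byte, password string) []byte {
	sum := sha256.Sum256(append(append([]byte{}, salt...), password...))
	return sum[:]
}

func (s *Server) record(subject, action, object, result string) {
	s.Audit = append(s.Audit, AuditEvent{time.Now(), subject, action, object, result})
}

// Register creates an account with a fresh random salt.
func (s *Server) Register(username, password, role string) error {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return err
	}
	s.accounts[username] = &Account{username, role, salt, hashPassword(salt, password)}
	return nil
}

// Login is identification (the caller claims a username) followed by
// authentication (the caller proves it with a password). Both outcomes are logged.
func (s *Server) Login(username, password string) (string, error) {
	acct, known := s.accounts[username]
	salt, expected := make([]byte, 16), make([]byte, sha256.Size)
	if known {
		salt, expected = acct.Salt, acct.PassHash
	}
	// Hash and compare in constant time even for unknown usernames so that
	// response time does not reveal which usernames exist.
	if !known || subtle.ConstantTimeCompare(hashPassword(salt, password), expected) != 1 {
		s.record(username, "login", "-", "denied")
		return "", errors.New("authentication failed")
	}
	s.record(username, "login", "-", "ok")
	return username, nil
}

// Access is authorization: subject is an identity Login already verified, and the
// role policy decides whether the action is allowed. Every decision is logged.
func (s *Server) Access(subject, action, object string) bool {
	acct, known := s.accounts[subject]
	allowed := known && rolePermissions[acct.Role][action]
	result := "denied"
	if allowed {
		result = "ok"
	}
	s.record(subject, action, object, result)
	return allowed
}

func main() {
	s := NewServer()
	s.Register("alice", "correct horse battery", "manager")
	s.Register("bob", "hunter2", "staff")
	s.Login("alice", "wrong password")
	subj, _ := s.Login("alice", "correct horse battery")
	s.Access(subj, "view_reports", "q3-report.pdf")
	s.Access("bob", "view_reports", "q3-report.pdf")
	for _, e := range s.Audit {
		fmt.Printf("%s %-6s %-12s %-14s %s\n", e.When.Format(time.RFC3339), e.Subject, e.Action, e.Object, e.Result)
	}
}
```

Two design points worth noticing: denied attempts are logged as carefully as successful ones, because failed logins and refused actions are what an investigation usually needs first; and the audit trail must be append-only and kept where the users it records cannot alter it, otherwise accountability is lost.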

5. Assets, Threats, Vulnerabilities, Risks, and Controls

These five are the core elements of security and risk planning.

a. Assets

- Anything valuable to an organization: data, systems, employees, services, etc.

b. Threats

- Potential dangers that can cause harm.
- Examples: attackers, natural disasters, system failures.

c. Vulnerabilities

- Weak points that threats can exploit.
- Examples: weak passwords, old software, unlocked doors.

d. Risks

- The chance that a threat will exploit a vulnerability and harm an asset.
- Risk = Threat × Vulnerability × Impact

e. Controls

- Tools or actions to reduce or eliminate risk.
- Types of controls:
  - Administrative (policies, training)
  - Technical (firewalls, encryption)
  - Physical (locks, guards)

Understanding and managing these five elements helps protect what matters most.

6. Privacy and Information Assurance

- Privacy means protecting personal or sensitive information from misuse.
- It’s closely linked to confidentiality.
- Organizations are responsible for following laws and regulations to protect data like medical records, financial data, or personal info.
- Failing to protect privacy can lead to legal issues and loss of trust.

7. Common Threats

Organizations face many threats every day. These include:

a. Human Errors

- Mistakes made by people: entering wrong data, misconfiguring systems, etc.

b. Misconfigured Systems

- Improper settings that leave systems open to attacks.

c. Malware

- Harmful software like viruses, worms, spyware, and ransomware.

d. Natural Disasters

- Earthquakes, floods, and fires that damage physical infrastructure.

e. Phishing

- Fake emails or messages that trick users into giving up login info.

f. Spam

- Unwanted messages that waste time and might carry malware.

g. Privacy Breaches

- Losing or leaking personal data of customers or employees.

h. Information Warfare

- Attacks by governments or organized groups meant to disrupt or steal information.

Knowing these threats helps organizations prepare defenses and respond quickly when problems occur.

8. Cryptology

Cryptology is the science of protecting information using codes.

Two parts:

- Cryptography: Creating codes to keep data safe (like encryption).
- Cryptanalysis: Breaking or analyzing those codes.

Cryptology helps in:

- Protecting data while storing or sending it.
- Making sure the data hasn’t been changed.
- Proving who sent or received the data.
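
An added example, not part of the original notes, that ties the three uses listed above (and the integrity techniques in section 2 and the digital-signature form of nonrepudiation in section 3) to concrete primitives from Go's standard library: a SHA-256 checksum to detect that data has changed, AES-256-GCM to keep data confidential while stored or sent, and an Ed25519 signature to prove who produced a message. The message, the tampered copy and the keys are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Checksum returns the hex SHA-256 digest of data. Recording it lets a later
// reader detect any change to the data, accidental or deliberate (integrity).
func Checksum(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// IntegrityOK recomputes the digest and compares it with the recorded one.
func IntegrityOK(data []byte, recorded string) bool {
	return Checksum(data) == recorded
}

// NewKey returns a random 256-bit AES key.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}

// Encrypt protects confidentiality with AES-256-GCM. GCM is an authenticated mode,
// so the output also carries a tag that Decrypt checks; the random nonce is
// prepended to the ciphertext so the receiver can recover it.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt and fails if the ciphertext or its tag was altered.
func Decrypt(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], nil)
}

// NewSigner generates an Ed25519 key pair. The private key stays with the signer;
// anyone holding the public key can verify.
func NewSigner() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign binds a message to the holder of priv (nonrepudiation): a signature that
// verifies under the matching public key could only have been made with that key.
func Sign(priv ed25519.PrivateKey, msg []byte) []byte { return ed25519.Sign(priv, msg) }

func Verify(pub ed25519.PublicKey, msg, sig []byte) bool { return ed25519.Verify(pub, msg, sig) }

func main() {
	msg := []byte("pay 100 to account 42") // constructed sample message
	sum := Checksum(msg)
	fmt.Println("integrity, untouched:", IntegrityOK(msg, sum))
	fmt.Println("integrity, tampered: ", IntegrityOK([]byte("pay 900 to account 42"), sum))

	key, _ := NewKey()
	sealed, _ := Encrypt(key, msg)
	plain, err := Decrypt(key, sealed)
	fmt.Printf("confidentiality: %q (err=%v)\n", plain, err)

	pub, priv, _ := NewSigner()
	sig := Sign(priv, msg)
	fmt.Println("signature verifies:", Verify(pub, msg, sig))
}
```

A caveat that matters in practice: a plain checksum catches accidental corruption, but anyone who can rewrite the data can usually rewrite a checksum stored next to it. Detecting deliberate changes needs something the attacker lacks, which is why the GCM tag (tied to the secret key) and the signature (tied to the private key) are the tools for integrity against an adversary, and why only the signature, whose key is held by one party, supports nonrepudiation.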
