Basic Security Concepts
The CIA triad
CIA stands for Confidentiality, Integrity, and Availability.
A system is Confidential if the only people who can access it are those explicitly permitted to access it.
A system has Integrity if the information and functionality it stores are only what the owner intends to be stored.
A system is considered Available if the people who are supposed to access it are able to do so.
The Principle of Least Privilege
The Principle of Least Privilege expresses the idea that each part of a system should be granted only the lowest privileges it needs to get its job done.
Open Security
Open Security is a counter-intuitive principle which states that the security of a system should not depend on secrecy. Even if an attacker knows exactly how the system's security is implemented, the attacker should still be thwarted.
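An added illustration of the Open Security principle (not part of the original page): a message-integrity check whose only protection is a hidden recipe, next to one built on the publicly documented HMAC-SHA256 with a secret key. The function names, messages and the "hidden recipe" are constructed for this example, and the use of a key as the one allowed secret is an assumption the page does not spell out.

```python
import hashlib
import hmac
import secrets

# Constructed sample data; every name in this block is hypothetical.
MESSAGE = b"transfer=100;to=alice"
TAMPERED = b"transfer=9000;to=mallory"


def obscure_tag(message: bytes) -> str:
    """Obscurity-based design: an unkeyed hash with a hidden recipe.

    Nothing is secret except the recipe, so anyone who learns how the
    system works can compute a valid tag for any message.
    """
    return hashlib.sha256(message[::-1] + b"v1").hexdigest()


def obscure_verify(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(obscure_tag(message), tag)


def open_tag(key: bytes, message: bytes) -> str:
    """Open design: the algorithm (HMAC-SHA256) is public, the key is not."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def open_verify(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(open_tag(key, message), tag)


def demo() -> dict:
    key = secrets.token_bytes(32)          # the only secret in the open design
    guessed_key = secrets.token_bytes(32)  # a party without the key can only guess
    return {
        # Design known: the obscure scheme accepts a tag anyone can compute.
        "obscure_accepts_forgery": obscure_verify(TAMPERED, obscure_tag(TAMPERED)),
        # Design known, key unknown: the open scheme rejects the forged tag.
        "open_accepts_forgery": open_verify(key, TAMPERED, open_tag(guessed_key, TAMPERED)),
        # The legitimate key holder still verifies normally.
        "open_accepts_genuine": open_verify(key, MESSAGE, open_tag(key, MESSAGE)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Publishing the source of both schemes breaks only the first one; the second stays sound as long as the key is protected and can be rotated if it leaks.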
Defense in Depth
Defense in Depth advocates for adding defenses to as many layers of a system as possible, so that if one is bypassed, another may still prevent full infiltration.