1
Q
CIA Triad
A
- Confidentiality- keeping sensitive information hidden from those why shouldn’t have access
- Integrity- ensures information remains accurate and unaltered
- Availability- ensures information and systems are accessible when needed
- together these three principles work hand in hand to provide a strong foundation for information security
2
Q
Frameworks that help guide in creating Secure Systems
A
- NIST (National Institute of Standards and Technology)- think of NIST as a detailed guidebook for security
- provides a framework that helps organisations manage and reduce cybersecurity risks
- it’s like a step-by-step process for making sure your security practices are solid
- ISO/LEC- an international standard; if NIST is the guidebook, ISO/IEC is the globally recognised manual that organisations around the world follow to keep their data secure
- ensures that everyone is on the same page when it comes to best practices
3
Q
Building a Strong Defence (Defence in Depth)
A
- all about creating multiple layers of protection, so even if one layer is breached, the others can still hold strong
- first, you might start with a firewall as the outer layer, blocking unwanted traffic
- next, you add encryption to protect sensitive data from prying eyes
- then, you require MFA, making sure that even if someone gets through, they need more than just a password to access your systems
4
Q
Securing Devices: Mobile, Workstations, and loT
A
- whether you’re dealing with smartphones, workstations, or those smart devices we love, like smart fridges or thermostats, everything that connects to the internet needs to be protected
5
Q
Mobile Devices
A
- most important thing? Keep them updated! Those software updates you get? They often contain important security patches
- don’t forget to use strong passcodes and biometric authentication like fingerprints or face scans- it’s your first line of defence
6
Q
Workstations
A
- when it comes to workstations, security means installing antivirus software, enabling firewalls, and controlling who has access
- you also want to limit what can be plugged into the machine- USB drives can be a sneaky way to introduce malware
7
Q
IoT Devices
A
(smart light bulbs, thermostats, even your fridge)
- they’re all connected, and that means they need protection too
- always change the default passwords on these devices, and if possible, put them on a separate network from your primary devices to reduce risk if one of them gets compromised
8
Q
Authentication (Proving Who You Are)
A
- this is where MFA comes in- it’s no longer just about passwords
- first, there’s something you know- like a password or PIN
- next, there’s something you have- like a phone or security token that generates a one-time code
- finally, there’s something you are- biometrics like a fingerprint or facial recognition
- by combining these factors, you create an extra layer of security that makes it much harder for attackers to get through- even if someone steals your password, they’d still need that second factor to break in
9
Q
Authorisation: Deciding Who gets Access
A
- once you’ve authenticated someone, the next step is figuring out what they’re allowed to do; this is called authorisation- it’s about assigning roles and permissions to control who can access what
- regular users might only have access to certain files or systems
- admins, on the other hand, can modify or delete files, create new users, and control the overall system settings
- by carefully managing these roles, you reduce the risk of accidental or intentional misuse of important information
10
Q
Password Best Practices
A
- strong passwords are still one of the best ways to protect your accounts
- make sure your password is at least 12 characters long- the longer, the better
- use a mix of uppercase and lowercase letters, numbers, and symbols- avoid obvious things like your pet’s name or “password123.”
- consider using a password manager to keep track of everything- a lot easier than trying to remember dozens of unique passwords, and it ensures that you’re using strong, random combinations for each account
CompTIA Tech+
flashcards
Decks in class (44)
# Cards
-
Module 1.3- Computing Cycle4
-
Module 1.4- Units Of Measure4
-
Module 2.2- Computing Devices8
-
Module 2.3- Internal Components of a Computer10
-
Module 2.4- Types of Storage22
-
Module 2.5- Peripheral Devices & Installation6
-
Module 2.6- Virtualisation & Cloud Technologies13
-
Module 2.7- Common Internet Service Types13
-
Module 3.2- Principles of Computer Networking20
-
Module 3.3- Network Ports16
-
Module 3.4- Network Addresses and Identifiers17
-
Module 3.5- Network Models & Types13
-
Module 3.6- Networking Devices & Connectors17
-
Module 3.7- Small Wireless Networks21
-
Module 4.2- What is an Operating System?19
-
Module 4.3- Drivers, Applications, Tasks & System Services17
-
Module 4.4- File & Disk Management26
-
Module 4.5- Backup & Recovery21
-
Module 5.1- Common Software Applications12
-
Module 5.2- Productivity Software26
-
Module 5.3- Business & Enterpise Software16
-
Module 5.4- Managing Software31
-
Module 5.5- Trusted Software Sources23
-
Module 6.1- Introduction to Web Browsing16
-
Module 6.2- Browser Settings, Configuration & Maintenance19
-
Module 6.3- Secure Web Browsing19
-
Module 6.4- Protecting the Privacy23
-
Module 7.1- Introduction to Programming8
-
Module 7.2- Programming Tools26
-
Module 7.3- Programming Organisation & Logic Flows13
-
Module 7.4- Understanding Programming Language Categories14
-
Module 7.5- Code Maintenance- Version Control Systems & Branching16
-
Module 7.6- Fundamental Data Types & their Characteristics21
-
Module 8.1- Introduction to Databases & the Value of Data5
-
Module 8.2- Database Concepts & Structures11
-
Module 8.3- Working with Relational Databases12
-
Module 8.4- Database Operations & Access18
-
Module 8.5- Database Backup & Recovery13
-
Module 9.1- Basic Security Concepts & Strategies10
-
Module 9.2- Identifying Common Security Threats15
-
Module 9.3- Securing Devices & Networks15
-
Module 9.4- Security Tools & Software1
-
Module 9.5- Encryption & Data Protection15
-
Module 10.1- Impact & Use of AI19
