Confidentiality
Definition: Preventing unauthorised disclosure of information.
Ensures only authorised individuals can access data.
Examples: Encryption, access controls (passwords, permissions).
Integrity
Definition: Ensuring information is accurate, complete, and uncorrupted.
Prevents unauthorised modification or destruction of data.
Examples: Hashing, digital signatures, version control.
Availability
Definition: Ensuring systems and data are accessible to authorised users when needed.
Protects against disruptions to service.
Examples: Redundancy, backups, DDoS mitigation.
Authentication
Definition: Verifying the identity of a user or system.
Proving you are who you claim to be.
Examples: Passwords, MFA (Multi-Factor Authentication), biometrics.
Authorisation
Definition: Determining what an authenticated user is permitted to do.
Granting specific access rights or permissions.
Examples: Role-Based Access Control (RBAC), file permissions (read/write).
Non-Repudiation
Definition: Ensuring a party cannot deny having performed an action.
Provides undeniable proof of origin or delivery.
Examples: Digital signatures, audit trails, logging.
-
Overview6
-
External Threats I: Social Engineering & Denial of Service12
-
External Threats Part II: Backdoor Mechanisms, IP Spoofing, and MITM Attacks11
-
External Threats III: SQL Injection & XSS10
-
External Threats IV: Types of Malware11
-
Internal Network Threats14
-
Anti-Malware, Firewalls, ACLs & IPS11
-
Human & Organisational Security Measures11
-
Foundations of Cryptography10
-
Public & Private Keys for Secure Communication7
-
Certificates, SSL/TLS & Best Practices11
-
SQL Syntax7
-
SQL Alter6
-
APP Principles13
-
APP prioritised5
