Scribd
Upload
39 views

Task 1 Security

The document discusses several key cybersecurity concepts including authorization, authentication, encryption, access control, accounting, and current cybersecurity trends. Authorization determines what actions or resources a user can access and includes access control policies, authentication, and permissions. Authentication verifies a user's identity and can include password, biometric, or multi-factor authentication. Encryption scrambles data to protect its confidentiality and integrity using symmetric, asymmetric, or other encryption methods. Access control determines who can access what resources while accounting tracks and logs user activities for auditing, logging, and security information and event management. Current cybersecurity trends include ransomware, cloud security, AI/ML, IoT, identity management and remote work security challenges.

Uploaded by

palledeekshitha704
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
39 views

Task 1 Security

The document discusses several key cybersecurity concepts including authorization, authentication, encryption, access control, accounting, and current cybersecurity trends. Authorization determines what actions or resources a user can access and includes access control policies, authentication, and permissions. Authentication verifies a user's identity and can include password, biometric, or multi-factor authentication. Encryption scrambles data to protect its confidentiality and integrity using symmetric, asymmetric, or other encryption methods. Access control determines who can access what resources while accounting tracks and logs user activities for auditing, logging, and security information and event management. Current cybersecurity trends include ransomware, cloud security, AI/ML, IoT, identity management and remote work security challenges.

Uploaded by

palledeekshitha704
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Task-1

Security concepts
AUTHORIZATION
▪ Authorization refers to the process of determining what actions or resources a user is
permitted to access within a system or application

Importance :
▪ Prevent unauthorized access to sensitive data or resources

▪ Ensure Compliance with security policies and regulations

▪ Mitigate the risk of data branches or unauthorized actions

Key Components :
▪ Access control policies

▪ Authentication

▪ Permissions

▪ Authorization Mechanisms
AUTHENTICATION

▪ Definition : Authentication is the process of verifying the identity of a user or system, ensuring
that they are who they claim to be.
▪ Importance : Crucial in maintaining security and protecting sensitive information from
unauthorized access.
TYPES:
▪ Password-based: Relies on a secret password known only to the user.
▪ Biometric: Uses physical characteristics like fingerprints or facial features for identification.
▪ Multi-factor: Requires multiple forms of authentication ,such as a password combined with a
fingerprint scan or a security token.
▪ Example: Logging into an email account using a combination of a password and a verification
code sent to a mobile device.
▪ Takeaway: Strong authentication mechanisms are essential for safeguarding digital assets and
preventing unauthorized access.
ENCRYPTION

▪ It works by scrambling data into an unreadable format, called ciphertext, accessible only
to those with the decryption key. This ensures confidentiality, integrity, and authenticity of
data, protecting it from unauthorized access, alteration, or denial.
▪ Symmetric Encryption: AES (Advanced Encryption Standard), Twofish
▪ Asymmetric Encryption:RSA, Elliptic Curve Cryptography (ECC)
▪ Advantages:Enhanced data security and privacy. Ensures data integrity and prevents
alterations.
▪ Supports digital transformation initiatives. Facilitates compliance with regulations.
▪ Disadvantages:Ransomware risk, Key management challenges, Quantum computing
threat.
▪ Importance of Data Encryption:Protects Personal Privacy, Secures Financial Transactions,
Maintains Website Security, Combats Cyber Threats.
CYBER SECURITY CURRENT TRENDS

Navigating cybersecurity today involves understanding trends that shape our


digital defenses. From rising ransomware challenges to innovative security
approaches like Zero Trust.

• Ransomware attacks
• Cloud Security
• Artificial Intelligence and Machine Learning
• IoT
• Identity & Access Management
• Remote Work security

Shortage of skilled cybersecurity professionals continued to be a challenge,


highlighting the need for education & training programs to address the
growing demand for expertise in the field.
ACCESS CONTROL AND ACCOUNTING
Access Control :Access control is an essential element Accounting: Accounting in cybersecurity refers to the process of
of security that determines who is allowed to access tracking and logging the activities of users, systems, and applications
certain data, apps, and resources—and in what within a networked environment.
circumstances.​

Types of Access Controls :​
Attribute-based Access Control (ABAC)​ key aspects of accounting in cybersecurity:
Discretionary Access Control (DAC)​ Logging and Auditing
Mandatory Access Control (MAC)​ Event Logging
Role-Based Access Control (RBAC)​ Log Management
Break-glass Access Control​ Forensic Analysis
Rule-based Access Control Alerting and Notification
SIEM (Security Information and Event Management)
The value of access control :
Access control is a vital component of security strategy. By implementing robust accounting practices and leveraging
The goal of access control is to keep sensitive information advanced technologies such as SIEM solutions, organizations can
enhance their cybersecurity posture, improve incident detection and
from falling into the hands of bad actors
response capabilities, and demonstrate compliance with regulatory
requirements.

You might also like