CySA+

Technical Controls for Securing Data

  • Access Control

    • Access Control Lists (ACLs) with Access Control Entries (ACEs)

    • Network: routers, switches, firewalls

    • Files and folders: implemented in the filesystem

    • Least privilege

    • Context based ACLs

  • Windows:

    • Full control

    • Modify

    • Read and Execute

    • List folder contents

    • Read

    • Write

  • Windows Command Line: icacls

    • N – No access

    • F – Full access

    • R – Read only access

    • RX – Read and execute access

    • M – Modify access

    • W – Write access

    • D – Delete access

  • Linux permissions:

    • r – read

    • w – write

    • x – execute

  • Apply to 3 entities:

    • u – user or owner

    • g – group

    • o – others/rest of the world

  • Linux commands:

    • chmod – change permissions

    • chown – change owner

  • Encryption Controls

    • Data at rest

    • Data in transit

    • Data in use

    • Encryption strength

    • Legal requirements

  • DLP – Data Loss Prevention

    • Classify data

    • Email

    • Web uploads

    • Personal mail

    • Instant message

    • Social Media

    • USB devices

  • De-identification Controls – Slightly altering data so that it can be shared safely, with no risks to privacy.

    • Data masking – replacing patterns with a masked form, e.g. XXX-XX-1234

    • Tokenization – replace data with random tokens

    • Aggregation/Banding – Replacing data with a broader range.

    • De-identification attacks – correlate incomplete sets of data to determine original data.

  • DRM – Digital Rights Management

    • Method for controlling distribution of data

    • Authorized players

    • Authorized viewers

    • Social DRM (Watermarking)

    • Online Checks
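
The de-identification controls listed above (masking, tokenization, aggregation/banding) applied to a small record set, followed by a check of how many records still share the same age and ZIP combination, which is what a correlation-based de-identification attack relies on. This is an added example, not part of the original notes; the records, field names, `TokenVault` class and helper functions are constructed for illustration.

```python
import re
import secrets
from collections import Counter

SSN_RE = re.compile(r"\b\d{3}-\d{2}-(\d{4})\b")

def mask_ssn(text):
    """Data masking: keep only the last four digits of SSN-shaped patterns."""
    return SSN_RE.sub(r"XXX-XX-\1", text)

class TokenVault:
    """Tokenization: random tokens; the mapping lives only in this vault."""
    def __init__(self):
        self._to_token, self._to_value = {}, {}
    def tokenize(self, value):
        if value not in self._to_token:
            token = "tok_" + secrets.token_hex(8)  # random, not derived from value
            self._to_token[value] = token
            self._to_value[token] = value
        return self._to_token[value]
    def detokenize(self, token):
        return self._to_value[token]

def band_age(age, width=10):
    """Aggregation/banding: replace an exact age with a range such as 30-39."""
    low = (age // width) * width
    return f"{low}-{low + width - 1}"

def smallest_group(rows, quasi_ids):
    """Smallest number of rows sharing the same quasi-identifier values.
    A result of 1 means some record is unique and easy to re-identify."""
    counts = Counter(tuple(row[q] for q in quasi_ids) for row in rows)
    return min(counts.values())

# Constructed sample records (not real data)
RECORDS = [
    {"name": "Alice Ng", "ssn": "123-45-6789", "age": 34, "zip": "30301"},
    {"name": "Bob Diaz", "ssn": "987-65-4321", "age": 37, "zip": "30301"},
    {"name": "Cara Lee", "ssn": "555-12-3456", "age": 52, "zip": "30302"},
    {"name": "Dan Roy", "ssn": "111-22-3333", "age": 58, "zip": "30302"},
]

def deidentify(rows, vault):
    """Tokenize names, mask SSNs, band ages; ZIP is left unchanged."""
    return [{"name": vault.tokenize(r["name"]), "ssn": mask_ssn(r["ssn"]),
             "age": band_age(r["age"]), "zip": r["zip"]} for r in rows]

if __name__ == "__main__":
    shared = deidentify(RECORDS, TokenVault())
    print("smallest group, raw age + zip:   ", smallest_group(RECORDS, ["age", "zip"]))
    print("smallest group, banded age + zip:", smallest_group(shared, ["age", "zip"]))
```

With exact ages every record is unique on age plus ZIP, so an outside data set holding those two fields could single out each person; after banding, each combination covers two records.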
