# Understanding Security Fundamentals
In this chapter, we'll explore the core concepts of cybersecurity and establish a foundation for understanding security principles.
## The CIA Triad

The three main principles of information security:

- Confidentiality
- Integrity
- Availability

```mermaid
graph TD
    A[CIA Triad] --> B[Confidentiality]
    A --> C[Integrity]
    A --> D[Availability]
    B --> E[Encryption]
    B --> F[Access Control]
    C --> G[Hashing]
    C --> H[Digital Signatures]
    D --> I[Redundancy]
    D --> J[Backup Systems]
```
## Basic Security Concepts

### Authentication vs Authorization

```python
# `authenticate_user` is assumed to be provided by the application's user
# store: it returns a user object for valid credentials and None otherwise.
def login(username: str, password: str) -> bool:
    # Authentication: verify identity (who is this?)
    user = authenticate_user(username, password)
    if not user:
        return False
    # Authorization: check permissions (what is this identity allowed to do?)
    if not user.has_permission('access_system'):
        return False
    return True
```
### Encryption Basics

```python
from cryptography.fernet import Fernet

# Generate a random symmetric key (keep it secret; it protects the data)
key = Fernet.generate_key()
f = Fernet(key)

# Encrypt data (Fernet also authenticates the ciphertext)
message = b"sensitive data"
encrypted = f.encrypt(message)

# Decrypt data
decrypted = f.decrypt(encrypted)
```
## Threat Modeling

### STRIDE Framework

- Spoofing
- Tampering
- Repudiation
- Information Disclosure
- Denial of Service
- Elevation of Privilege

```python
def assess_threat(system_component: str) -> dict:
    """Return a STRIDE worksheet for one component: one list of findings per category."""
    threats = {
        'Spoofing': [],
        'Tampering': [],
        'Repudiation': [],
        'Information_Disclosure': [],
        'Denial_of_Service': [],
        'Elevation_of_Privilege': []
    }
    # Analyze each threat type for `system_component` and append findings
    return threats
```
## Risk Assessment

### Risk Calculation

```python
def calculate_risk(likelihood: float, impact: float) -> str:
    # likelihood and impact are both expressed on a 0.0 to 1.0 scale
    risk_score = likelihood * impact
    if risk_score > 0.75:
        return "High Risk"
    elif risk_score > 0.25:
        return "Medium Risk"
    else:
        return "Low Risk"
```
## Security Controls

### Types of Controls

- Preventive
- Detective
- Corrective

```bash
# Example: File permission (Preventive Control)
chmod 600 sensitive_file.txt

# Example: Log monitoring (Detective Control)
tail -f /var/log/auth.log | grep "Failed password"

# Example: Backup restoration (Corrective Control)
tar -xzf backup.tar.gz
```
## Network Security Basics

### Port Scanning

```bash
# Basic port scan
nmap -sS -p 1-1000 192.168.1.1

# Service version detection
nmap -sV 192.168.1.1
```

### Firewall Rules

```bash
# Allow incoming SSH
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Block suspicious IP
sudo iptables -A INPUT -s 192.168.1.100 -j DROP
```
## System Hardening

### Password Policy

```bash
# Set password complexity requirements
sudo nano /etc/security/pwquality.conf

# Check password age
sudo chage -l username
```

### Service Management

```bash
# List running services
systemctl list-units --type=service

# Disable unnecessary service
sudo systemctl disable unnecessary_service
```
## Hands-on Exercise: Security Assessment

- System Analysis

```bash
# Check system information
uname -a
cat /etc/os-release

# List running processes
ps aux

# Check open ports
netstat -tuln
```

- Security Audit

```bash
# Check failed login attempts
grep "Failed password" /var/log/auth.log

# Review sudo usage
grep sudo /var/log/auth.log

# Check file permissions
ls -la /etc/passwd /etc/shadow
```

- Security Implementation

```python
import hashlib
import os

def secure_password_storage(password: str) -> tuple:
    """Securely hash a password with a random per-user salt."""
    salt = os.urandom(32)
    key = hashlib.pbkdf2_hmac(
        'sha256',
        password.encode('utf-8'),
        salt,
        100000  # iteration count: deliberately slows down offline guessing
    )
    # Store both values; the salt is needed to verify the password later
    return salt, key
```
In the next chapter, we'll dive deeper into network security and explore common attack vectors and defenses.