Cybersecurity Fundamentals

Understanding Security Fundamentals

In this chapter, we'll explore the core concepts of cybersecurity and establish a foundation for understanding security principles.

The CIA Triad

The three main principles of information security:

  1. Confidentiality
  2. Integrity
  3. Availability

```mermaid
graph TD
    A[CIA Triad] --> B[Confidentiality]
    A --> C[Integrity]
    A --> D[Availability]
    B --> E[Encryption]
    B --> F[Access Control]
    C --> G[Hashing]
    C --> H[Digital Signatures]
    D --> I[Redundancy]
    D --> J[Backup Systems]
```

Basic Security Concepts

Authentication vs Authorization

```python
def login(username: str, password: str) -> bool:
    # Authentication: verify identity (who the caller is).
    # authenticate_user is the application's credential check; it is assumed
    # here to return a user object on success and None on failure.
    user = authenticate_user(username, password)
    if not user:
        return False

    # Authorization: check permissions (what this verified identity may do).
    if not user.has_permission('access_system'):
        return False

    return True
```

Encryption Basics

```python
from cryptography.fernet import Fernet

# Generate a key. Fernet uses it for AES-128-CBC encryption plus an HMAC-SHA256
# tag, so altered ciphertext is rejected on decrypt. Keep the key out of the
# source code (a secrets manager or an environment variable) and never log it.
key = Fernet.generate_key()
f = Fernet(key)

# Encrypt data: the result is a URL-safe base64 token that also carries a timestamp
message = b"sensitive data"
encrypted = f.encrypt(message)

# Decrypt data: raises cryptography.fernet.InvalidToken if the token was altered
decrypted = f.decrypt(encrypted)
```
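The snippet above only shows the round trip. The properties that make Fernet a reasonable default (the token is authenticated, it carries a timestamp, and keys can be rotated) are easier to see when each one is exercised. The block below is an added example written for this chapter, not code from the original page; it uses the same `cryptography` package, and the `tamper` helper that flips one character of a token is a constructed test input, not an API of the library.

```python
from typing import Optional

from cryptography.fernet import Fernet, InvalidToken, MultiFernet


def encrypt_message(key: bytes, message: bytes) -> bytes:
    """Encrypt with Fernet (AES-128-CBC plus HMAC-SHA256, so the token is authenticated)."""
    return Fernet(key).encrypt(message)


def decrypt_message(key: bytes, token: bytes, max_age_seconds: Optional[int] = None) -> Optional[bytes]:
    """Return the plaintext, or None if the token was altered, encrypted under another key, or expired."""
    try:
        if max_age_seconds is None:
            return Fernet(key).decrypt(token)
        return Fernet(key).decrypt(token, ttl=max_age_seconds)
    except InvalidToken:
        return None


def tamper(token: bytes) -> bytes:
    """Constructed test input: change one base64 character in the middle of the token.

    The middle of the token is ciphertext, so the HMAC check on decrypt must reject it.
    """
    middle = len(token) // 2
    replacement = b"A" if token[middle:middle + 1] != b"A" else b"B"
    return token[:middle] + replacement + token[middle + 1:]


def rotate_key(old_key: bytes, new_key: bytes, token: bytes) -> bytes:
    """Re-encrypt an existing token under new_key; MultiFernet tries new_key first, then old_key."""
    return MultiFernet([Fernet(new_key), Fernet(old_key)]).rotate(token)


def demo() -> dict:
    """Exercise each property and report which ones held (all should be True)."""
    key = Fernet.generate_key()
    message = b"sensitive data"
    token = encrypt_message(key, message)
    results = {
        "roundtrip": decrypt_message(key, token) == message,
        "tampered_rejected": decrypt_message(key, tamper(token)) is None,
        "wrong_key_rejected": decrypt_message(Fernet.generate_key(), token) is None,
        "fresh_token_within_ttl": decrypt_message(key, token, max_age_seconds=60) == message,
    }
    new_key = Fernet.generate_key()
    rotated = rotate_key(key, new_key, token)
    results["rotated_under_new_key"] = decrypt_message(new_key, rotated) == message
    results["old_key_no_longer_decrypts"] = decrypt_message(key, rotated) is None
    return results


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check}: {'ok' if passed else 'FAILED'}")
```

The `ttl` argument is what turns a Fernet token into a short-lived credential: a token replayed after the window is rejected even though it was never altered. The rotation step matters operationally because a leaked key is only fully retired once every token encrypted under it has been re-encrypted.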

Threat Modeling

STRIDE Framework

  • Spoofing
  • Tampering
  • Repudiation
  • Information Disclosure
  • Denial of Service
  • Elevation of Privilege

```python
def assess_threat(system_component: str) -> dict:
    """Template for a STRIDE assessment of one component.

    Each list collects the concrete threats identified for that category;
    the analysis itself is filled in per component.
    """
    threats = {
        'Spoofing': [],
        'Tampering': [],
        'Repudiation': [],
        'Information_Disclosure': [],
        'Denial_of_Service': [],
        'Elevation_of_Privilege': []
    }

    # Analyze each threat type for system_component and append findings
    return threats
```

Risk Assessment

Risk Calculation

```python
def calculate_risk(likelihood: float, impact: float) -> str:
    """Combine likelihood and impact, each on a 0.0 to 1.0 scale, into a risk level."""
    if not (0.0 <= likelihood <= 1.0 and 0.0 <= impact <= 1.0):
        raise ValueError("likelihood and impact must be between 0.0 and 1.0")
    risk_score = likelihood * impact

    if risk_score > 0.75:
        return "High Risk"
    elif risk_score > 0.25:
        return "Medium Risk"
    else:
        return "Low Risk"
```
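The STRIDE template and the risk formula above are two halves of one workflow: enumerate threats per component, then score and rank them so the team knows what to fix first. The following added example (written for this chapter, not part of the original page) joins them. It uses the STRIDE-per-element mapping from Adam Shostack's "Threat Modeling: Designing for Security", which says which categories normally apply to each kind of data-flow-diagram element, and it goes one step beyond the chapter by bumping the likelihood of any flow that crosses a trust boundary. The `Element` class, the qualitative likelihood and impact scales, and the sample three-tier model are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# STRIDE-per-element (Shostack): threat categories that typically apply to each element kind.
STRIDE_PER_ELEMENT: Dict[str, List[str]] = {
    "external_entity": ["Spoofing", "Repudiation"],
    "process": ["Spoofing", "Tampering", "Repudiation", "Information_Disclosure",
                "Denial_of_Service", "Elevation_of_Privilege"],
    "data_flow": ["Tampering", "Information_Disclosure", "Denial_of_Service"],
    "data_store": ["Tampering", "Repudiation", "Information_Disclosure", "Denial_of_Service"],
}
ALL_CATEGORIES = STRIDE_PER_ELEMENT["process"]

# Constructed qualitative scales mapped onto 0..1 so they feed the chapter's risk formula.
LIKELIHOOD = {"rare": 0.2, "possible": 0.5, "likely": 0.8, "almost_certain": 1.0}
IMPACT = {"minor": 0.25, "moderate": 0.5, "major": 0.75, "severe": 1.0}
LIKELIHOOD_ORDER = list(LIKELIHOOD)


@dataclass
class Element:
    name: str
    kind: str                              # a key of STRIDE_PER_ELEMENT
    crosses_trust_boundary: bool = False   # meaningful for data flows


def assess_threat(component: Element) -> Dict[str, List[str]]:
    """Enumerate STRIDE threats for one element, keyed like the chapter's template dict."""
    threats: Dict[str, List[str]] = {cat: [] for cat in ALL_CATEGORIES}
    for cat in STRIDE_PER_ELEMENT[component.kind]:
        note = f"{cat} against {component.name}"
        if component.crosses_trust_boundary:
            note += " (crosses a trust boundary)"
        threats[cat].append(note)
    return threats


def risk_label(likelihood: float, impact: float) -> str:
    """Same thresholds as the chapter's calculate_risk."""
    score = likelihood * impact
    if score > 0.75:
        return "High Risk"
    if score > 0.25:
        return "Medium Risk"
    return "Low Risk"


def rank_threats(model: List[Element],
                 ratings: Dict[Tuple[str, str], Tuple[str, str]]) -> List[Tuple[float, str, str]]:
    """Score every enumerated threat and return (score, label, description), highest first.

    ratings maps (element name, STRIDE category) -> (likelihood word, impact word).
    Unrated threats default to possible/moderate. A flow that crosses a trust boundary
    has its likelihood raised one level, since the far side is reachable by an attacker.
    """
    ranked = []
    for element in model:
        for cat, notes in assess_threat(element).items():
            for note in notes:
                lik_word, imp_word = ratings.get((element.name, cat), ("possible", "moderate"))
                if element.crosses_trust_boundary:
                    idx = min(LIKELIHOOD_ORDER.index(lik_word) + 1, len(LIKELIHOOD_ORDER) - 1)
                    lik_word = LIKELIHOOD_ORDER[idx]
                lik, imp = LIKELIHOOD[lik_word], IMPACT[imp_word]
                ranked.append((round(lik * imp, 3), risk_label(lik, imp), note))
    return sorted(ranked, key=lambda item: item[0], reverse=True)


# Constructed model: browser -> web app -> database; the browser sits beyond a trust boundary.
SAMPLE_MODEL = [
    Element("browser", "external_entity"),
    Element("browser->webapp", "data_flow", crosses_trust_boundary=True),
    Element("webapp", "process"),
    Element("webapp->db", "data_flow"),
    Element("db", "data_store"),
]
SAMPLE_RATINGS = {
    ("db", "Information_Disclosure"): ("likely", "severe"),
    ("browser->webapp", "Tampering"): ("likely", "major"),
    ("browser", "Spoofing"): ("almost_certain", "moderate"),
}

if __name__ == "__main__":
    for score, label, note in rank_threats(SAMPLE_MODEL, SAMPLE_RATINGS):
        print(f"{score:.2f}  {label:12}  {note}")
```

On the sample model the database disclosure lands on top, the tampering on the boundary-crossing flow comes next, and the thirteen unrated threats sit at exactly 0.25, which the chapter's thresholds classify as low. That edge is worth noticing: a threat rated "possible" and "moderate" is not dismissed by the formula, it is simply unprioritised until someone rates it.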

Security Controls

Types of Controls

  1. Preventive
  2. Detective
  3. Corrective

```bash
# Example: File permission (Preventive Control)
# 600 = owner read/write only; group and others get nothing
chmod 600 sensitive_file.txt

# Example: Log monitoring (Detective Control)
# follow the auth log and show only failed SSH password attempts
tail -f /var/log/auth.log | grep "Failed password"

# Example: Backup restoration (Corrective Control)
# extracts the archive into the current directory
tar -xzf backup.tar.gz
```

Network Security Basics

Port Scanning

```bash
# Basic port scan (-sS is a TCP SYN scan and needs root privileges)
nmap -sS -p 1-1000 192.168.1.1

# Service version detection (probes open ports to identify the software behind them)
nmap -sV 192.168.1.1
```

Firewall Rules

```bash
# Allow incoming SSH (rules are evaluated in order; -A appends to the end of the INPUT chain)
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Block suspicious IP (example address; replace with the source you want to drop)
sudo iptables -A INPUT -s 192.168.1.100 -j DROP
```

System Hardening

Password Policy

```bash
# Set password complexity requirements (this file is read by pam_pwquality)
sudo nano /etc/security/pwquality.conf

# Check password age and expiry settings for an account
sudo chage -l username
```
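Editing `pwquality.conf` is only useful if you know what the settings do, and the quickest way to learn that is to evaluate a few candidate passwords against them. The block below is an added example for this chapter, not code from the original page or from the pam_pwquality project: it parses a constructed fragment of the file (the keys `minlen`, `minclass` and `maxrepeat` are real pam_pwquality settings, the values are chosen for the example) and applies a simplified version of those three rules. It deliberately ignores pam_pwquality's credit, dictionary and username checks.

```python
from typing import Dict, List

# Constructed pwquality.conf fragment for the example.
SAMPLE_PWQUALITY_CONF = """
# Minimum acceptable size for the new password
minlen = 14
# Minimum number of character classes (digits, upper, lower, other)
minclass = 3
# Maximum number of allowed consecutive identical characters
maxrepeat = 3
"""


def parse_pwquality_conf(text: str) -> Dict[str, int]:
    """Parse 'key = value' lines, ignoring comments and blank lines."""
    settings: Dict[str, int] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings[key] = int(value)
    return settings


def character_classes(password: str) -> int:
    """Count the classes present: digits, upper case, lower case, other."""
    return sum([
        any(c.isdigit() for c in password),
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(not c.isalnum() for c in password),
    ])


def longest_repeat(password: str) -> int:
    """Length of the longest run of one repeated character."""
    longest = run = 0
    previous = None
    for c in password:
        run = run + 1 if c == previous else 1
        previous = c
        longest = max(longest, run)
    return longest


def check_password(password: str, settings: Dict[str, int]) -> List[str]:
    """Return the names of the violated rules; an empty list means the password passes.

    Defaults mirror pam_pwquality: minlen 8, minclass and maxrepeat disabled (0).
    """
    failures = []
    if len(password) < settings.get("minlen", 8):
        failures.append("minlen")
    if character_classes(password) < settings.get("minclass", 0):
        failures.append("minclass")
    maxrepeat = settings.get("maxrepeat", 0)
    if maxrepeat and longest_repeat(password) > maxrepeat:
        failures.append("maxrepeat")
    return failures


if __name__ == "__main__":
    rules = parse_pwquality_conf(SAMPLE_PWQUALITY_CONF)
    for candidate in ["correct-horse-battery", "Short1!", "Aaaa1111!!!!bbbb"]:
        print(candidate, check_password(candidate, rules) or "passes")
```

Note what the sample settings reject: a long lower-case passphrase fails only on `minclass`, which is a reminder that class counting and length pull in different directions and that the policy you choose should be deliberate rather than copied.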

Service Management

```bash
# List running services
systemctl list-units --type=service

# Disable unnecessary service (unnecessary_service is a placeholder for the unit name)
sudo systemctl disable unnecessary_service
```

Hands-on Exercise: Security Assessment

  1. System Analysis

```bash
# Check system information
uname -a
cat /etc/os-release

# List running processes
ps aux

# Check open ports (ss -tuln gives the same view on systems without netstat)
netstat -tuln
```

  2. Security Audit

```bash
# Check failed login attempts
grep "Failed password" /var/log/auth.log

# Review sudo usage
grep sudo /var/log/auth.log

# Check file permissions (/etc/shadow must not be world-readable)
ls -la /etc/passwd /etc/shadow
```

  3. Security Implementation
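The audit step above and the detective control shown earlier both come down to reading `auth.log` by eye, which does not scale past a few lines. The block below is an added example written for this chapter, not code from the original page: it runs the same three checks (failed logins, sudo usage, file permissions) as functions over a constructed `auth.log` excerpt in the classic syslog format, and adds the aggregation a person would do by hand: failures per source address, a success that follows failures from the same address, and permission bits beyond what a file should have. The sample log lines, addresses and user names are all made up.

```python
import re
import stat
from collections import Counter
from typing import Dict, List, Tuple

# Constructed auth.log excerpt (syslog format); not taken from any real system.
SAMPLE_AUTH_LOG = """\
Mar  3 09:12:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 50214 ssh2
Mar  3 09:12:04 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 50215 ssh2
Mar  3 09:12:07 host sshd[1203]: Failed password for root from 203.0.113.5 port 50216 ssh2
Mar  3 09:12:10 host sshd[1205]: Failed password for root from 203.0.113.5 port 50217 ssh2
Mar  3 09:15:30 host sshd[1210]: Failed password for alice from 198.51.100.7 port 41000 ssh2
Mar  3 09:15:41 host sshd[1210]: Accepted password for alice from 198.51.100.7 port 41000 ssh2
Mar  3 09:16:02 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
Mar  3 09:20:15 host sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/cat /etc/shadow
"""

FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)")
ACCEPTED_RE = re.compile(r"Accepted \w+ for (?P<user>\S+) from (?P<ip>[\d.]+)")
SUDO_RE = re.compile(r"sudo:\s+(?P<user>\S+) : .*?USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$")


def failed_logins_by_source(log: str) -> Dict[str, int]:
    """Count 'Failed password' lines per source IP: the grep from the exercise, aggregated."""
    counts: Counter = Counter()
    for line in log.splitlines():
        m = FAILED_RE.search(line)
        if m:
            counts[m.group("ip")] += 1
    return dict(counts)


def brute_force_sources(log: str, threshold: int = 3) -> List[str]:
    """Sources with at least `threshold` failures: candidates for a firewall DROP rule."""
    return sorted(ip for ip, n in failed_logins_by_source(log).items() if n >= threshold)


def successes_after_failures(log: str) -> List[Tuple[str, str]]:
    """(user, ip) pairs that logged in after failing from the same address; worth a closer look."""
    failed = set()
    flagged = []
    for line in log.splitlines():
        m = FAILED_RE.search(line)
        if m:
            failed.add((m.group("user"), m.group("ip")))
            continue
        m = ACCEPTED_RE.search(line)
        if m and (m.group("user"), m.group("ip")) in failed:
            flagged.append((m.group("user"), m.group("ip")))
    return flagged


def sudo_commands(log: str) -> List[Tuple[str, str, str]]:
    """(invoking user, target user, command) for every sudo entry in the log."""
    return [(m.group("user"), m.group("target"), m.group("cmd"))
            for m in (SUDO_RE.search(line) for line in log.splitlines()) if m]


def excess_permissions(mode: int, allowed: int) -> List[str]:
    """Permission bits set in `mode` (e.g. os.stat(path).st_mode) that `allowed` does not grant."""
    names = [
        (stat.S_IRGRP, "group-read"), (stat.S_IWGRP, "group-write"), (stat.S_IXGRP, "group-exec"),
        (stat.S_IROTH, "other-read"), (stat.S_IWOTH, "other-write"), (stat.S_IXOTH, "other-exec"),
    ]
    return [name for bit, name in names if mode & bit and not allowed & bit]


if __name__ == "__main__":
    print("failures per source:", failed_logins_by_source(SAMPLE_AUTH_LOG))
    print("likely brute force:", brute_force_sources(SAMPLE_AUTH_LOG))
    print("success after failures:", successes_after_failures(SAMPLE_AUTH_LOG))
    for user, target, cmd in sudo_commands(SAMPLE_AUTH_LOG):
        print(f"sudo: {user} ran as {target}: {cmd}")
    # 0o644 is what ls -la shows as -rw-r--r--; /etc/shadow should be 0o640 or tighter
    print("shadow with mode 644 has extra:", excess_permissions(0o644, 0o640))
```

The permission check is intentionally separate from the log parsing so it can be applied to a real `os.stat()` result: pass `stat.S_IMODE(os.stat("/etc/shadow").st_mode)` as `mode` and the expected mode as `allowed`.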
```python
import hashlib
import os

def secure_password_storage(password: str) -> tuple:
    """Securely hash a password with a random per-user salt.

    Returns (salt, key); both must be stored, and the key is what a later
    login attempt is compared against. The salt is not secret, it only
    ensures two users with the same password get different keys.
    """
    salt = os.urandom(32)
    key = hashlib.pbkdf2_hmac(
        'sha256',
        password.encode('utf-8'),
        salt,
        100000  # iteration count; raise it as hardware gets faster
    )
    return salt, key
```
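Hashing a password is half of the job; the other half is verifying a login attempt against the stored salt and key, and that is also where the authentication/authorization split from earlier in the chapter becomes concrete. The block below is an added example for this chapter and not code from the original page. It uses the chapter's PBKDF2 scheme unchanged, adds the verify side with a constant-time comparison, and puts both behind a small in-memory `UserStore` whose `authenticate_user` and `login` methods play the roles the earlier `login` function assumed. The user names, passwords and permission names are constructed for the example; the comment on OWASP's recommended iteration count is stated as a fact, the 100,000 default is kept to match the chapter.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

# Matches the chapter. OWASP's password storage guidance recommends 600,000
# iterations for PBKDF2-HMAC-SHA256; tune this to your hardware budget.
ITERATIONS = 100_000


@dataclass
class User:
    username: str
    salt: bytes
    key: bytes
    permissions: Set[str] = field(default_factory=set)

    def has_permission(self, permission: str) -> bool:
        return permission in self.permissions


def secure_password_storage(password: str, iterations: int = ITERATIONS) -> Tuple[bytes, bytes]:
    """Same scheme as the chapter: random 32-byte salt, PBKDF2-HMAC-SHA256."""
    salt = os.urandom(32)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, key


def verify_password(password: str, salt: bytes, key: bytes, iterations: int = ITERATIONS) -> bool:
    """Recompute the key for the attempt and compare it in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # compare_digest does not stop at the first differing byte, so timing reveals nothing
    return hmac.compare_digest(candidate, key)


class UserStore:
    """Constructed in-memory store standing in for a real user database."""

    def __init__(self) -> None:
        self._users: Dict[str, User] = {}

    def register(self, username: str, password: str, permissions: Set[str]) -> None:
        salt, key = secure_password_storage(password)
        self._users[username] = User(username, salt, key, set(permissions))

    def authenticate_user(self, username: str, password: str) -> Optional[User]:
        """Authentication: return the User only if the password matches."""
        user = self._users.get(username)
        if user is None:
            # Hash anyway so an unknown username takes as long as a wrong password.
            verify_password(password, b"\x00" * 32, b"\x00" * 32)
            return None
        return user if verify_password(password, user.salt, user.key) else None

    def login(self, username: str, password: str, permission: str = "access_system") -> str:
        """'ok', 'bad_credentials' or 'forbidden'. Only authenticated callers ever see 'forbidden'."""
        user = self.authenticate_user(username, password)
        if user is None:
            return "bad_credentials"
        if not user.has_permission(permission):
            return "forbidden"
        return "ok"


def build_sample_store() -> UserStore:
    """Constructed users for the example; these are not real credentials."""
    store = UserStore()
    store.register("alice", "correct horse battery staple", {"access_system", "read_reports"})
    store.register("guest", "guest-password-1", set())
    return store


if __name__ == "__main__":
    store = build_sample_store()
    print(store.login("alice", "correct horse battery staple"))   # ok
    print(store.login("alice", "wrong"))                           # bad_credentials
    print(store.login("guest", "guest-password-1"))                # forbidden
```

Two details carry the security weight. `authenticate_user` returns the same result, in roughly the same time, for an unknown user and a wrong password, so the login endpoint cannot be used to enumerate accounts. And the authorization check runs only after authentication succeeds, so "forbidden" is never disclosed to a caller who has not proven who they are.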

In the next chapter, we'll dive deeper into network security and explore common attack vectors and defenses.