WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search






Table Of Contents  CertiGuide to Security+
 9  Chapter 0:  Read.Me

Previous Topic/Section
0.3  Security Tao
Previous Page
Pages in Current Topic/Section
1
Next Page
 0.5  Security Through Obscurity
Next Topic/Section

0.4  Security Checklist

Regardless of physical or network considerations the following points need to be addressed. They are:

  • Proof of identity (authentication).

  • Access permissions (authorization).

  • Eavesdropping prevention/encryption (confidentiality).

  • Protection of information from modification (integrity).

  • Proof of involvement (non-repudiation).

  • Connectivity between parties (availability).

An effective overall security plan addresses these six issues. Typically this requires a collection of resources. A single element may offer more than one attribute. For example, strong encryption of data addresses both confidentiality and integrity. Other methods must be used to satisfy the other factors.

Physical security should be modeled with the same principles. Consider a system involving access cards without connectivity. This makes checking a centralized database (authorization) or logging access (non-repudiation) difficult at best.

Later chapters of this book provide more information about the items on this checklist.

Non-technical users should got to the footnote for an article on how to choose a password23.


 __________________

23. http://www.infosecwriters.com/texts.php?op=display&id=112

Previous Topic/Section
0.3  Security Tao
Previous Page
Pages in Current Topic/Section
1
Next Page
 0.5  Security Through Obscurity
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.