This lab provides a cybersecurity professional with insights into common cybersecurity standards and practices. The ‘Identify Standard Security Practices’ lab is the fourth lab of Cybersecurity: Offensive Tools - Challenge Series. You will review scenarios around “The Three A’s of Security” concept, to test your knowledge about authentication, authorization, and auditing. You will dive into the concept of “The CIA Triad” and identify cases of confidentiality, integrity, and availability. Finally, you will learn additional standard security concepts, such as “The Principle of Least Privilege,” password security, vulnerabilities, and exploits.
Understand the scenario
You are a systems administrator responsible for analyzing security for your organization. You need to identify standard security practices by answering a series of scenario-based questions. In this challenge, you will test your general knowledge of security practices by answering some multiple-choice questions.
The Three As of Security:
The concept of “The Three A’s of Security” is foundational for any cybersecurity professional. In this lab, you will review several scenarios and determine which of the three principles: authentication, authorization, and auditing, are at play. This concept, also referred to as AAA of security, is essential for anyone involved with the implementation of cybersecurity best practices. Security and system administrators, as well as SOC analysts and penetration testers, should be well-trained in this foundational concept.
The CIA Triad:
The CIA Triad, or concept of Confidentiality, Integrity, and Availability, is the core purpose of the cybersecurity practice. Ensuring that a company’s data is protected, it can be trusted, and available when needed, is at the core of a security professional’s responsibility. In this section, you review scenarios where elements of the CIA Triad are displayed or lacking. You will have to identify the principle or choose which one should be implemented. These concepts are foundational to the role of a security administrator, penetration tester, and SOC analyst.
There is a multitude of security principles, standards, guidelines, and frameworks throughout every industry that employs IT solutions and capabilities. This section will help you learn more about the basic concepts as a foundation for future security learning. You will learn about the principle of least privilege, password security, password cracking tools, vulnerabilities, and zero-day exploits.
Lab Summary Conclusion:
In this virtual lab, you will learn insights into standard security concepts. You will discover the concepts of “The Three A’s of Security,” “The CIA Triad,” and other common principles that apply to most, if not all, cybersecurity professions. The scenario-based questions will allow you to explore your mastery of these foundational concepts. These skills are essential for anyone interested in a profession that involves the secure use of information technology.
Other Challenges in this series
- GUIDED CHALLENGE: Escalate Privileges in Linux
- ADVANCED CHALLENGE: Can You Enumerate Network Services by Using Port Scanning in Linux?