Video Description

This lesson covers the core security requirement which are confidentiality, integrity and availability. Regarding confidentiality, there are overt types (cryptography and masking) and covert types (steganography) as well as states of data. Participants also learn about examples of confidentiality requirements such as masking password and other sensitive fields and how the use of insecure File Transfer Protocols (FTP) should not be allowed. On the topic of integrity, participants learn about system integrity and data integrity as well as integrity requirements such as input validation. Finally, this lesson covers the concept of availability, which is about providing timely access to resources. Participants learn about examples of availability requirements such as access and functionality of software. Also discussed in this session is authenticity, which is identifying an entity's identity claim and as well as authorization and accountability.

Course Modules

ISC2 CISSP - Archive