-
The 7 tenets of zero trust (NIST SP 800-207)
Read more: The 7 tenets of zero trust (NIST SP 800-207)The 7 tenets of zero trust provided in NIST SP 800-207, are an attempt to define what should be included in a zero trust architecture instead of what should be excluded. Several authors define zero trust in terms of what should be excluded, like perimeters. But these attempts, go back to the use of perimeters…
-
What is a next generation firewall (NGFW)?
Read more: What is a next generation firewall (NGFW)?A next generation firewall is a must-have in nowadays cybersecurity environments. NGFWs improve traditional firewalls in many ways, to improve network security. According to Gardner, “Next-generation firewalls (NGFWs) are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall”. So, let’s start…
-
What is Zero Trust Architecture?
Read more: What is Zero Trust Architecture?Zero trust architecture (ZTA) provides us with tools and principles to increase security in enterprise networks. This effort becomes especially relevant nowadays with the increase in cybersecurity threats and attacks. A zero trust architecture assumes that an attacker is always present in the network and therefore, access to every resource is denied by default until…
-
What is the CIA Triad?
Read more: What is the CIA Triad?The CIA Triad is how computer security or cybersecurity experts refer to the concepts of Confidentiality, Integrity, and Availability altogether. These are major security goals in network security. Let’s see the definition of each concept and some examples. Definitions The main term related to the CIA Triad is Computer Security. Computer Security: Measures and controls…
-
What is the OSI security architecture?
Read more: What is the OSI security architecture?The Open System Interconnection (OSI) security architecture is a recommendation of the International Telecommunication Union which defines a systematic approach to define security requirements for a certain organization, as well as approaches to meet the aforementioned requirements. The OSI security architecture provides a general description of security services and mechanisms, as well as a description…
-
What is the OSI model and how important is it in networking?
Read more: What is the OSI model and how important is it in networking?Data Networking is a way of electronically moving data from one location to another location. From a high-level view, it includes several protocols interconnected to move the information from one device to another one and it also includes hardware. The Open Systems Interconnection (OSI) Model is a reference model that provides standardization to Data Networking.…
-
What is a security attack (with examples)?
Read more: What is a security attack (with examples)?A security attack is an activity or act made upon a system with the goal to obtain unauthorized access to information or resources. It is usually carried out by evading security policies that are in place in organizations or individual devices. Two definitions provided by RFC 4949 are: An intentional act by which an entity…
-
What is a Public Key Certificate?
Read more: What is a Public Key Certificate?A Public Key Certificate is a document. We can use it to share a public key directly with other users/people/services. It is also known as a digital certificate or identity certificate. Basically, a certificate tells someone else, that you own a certain public key. That public key can then be used to start a secure…
-
What is a Cryptographic Hash Function?
Read more: What is a Cryptographic Hash Function?A cryptographic hash function is an algorithm that has two main properties: it is a one-way function and is collision-free. As per function definition, it transforms one input into only one output. By one way function we mean that is computationally infeasible to find the input related to a given output. The best attack known…
-
What is an Intrusion Detection System (IDS) and how does it work?
Read more: What is an Intrusion Detection System (IDS) and how does it work?An Intrusion Detection System (IDS) is a security system that monitors computer systems and network traffic. It searches for malicious traffic that can represent attacks to the system or network. Also, it searches for systems or network misuse. The main goal of an IDS is to detect intrusions and/or react in real-time avoiding the intruder…
Just Cryptography
Learn Cryptography and Information Security