Security fundamentals
Let's look at some of the security fundamentals in the following subsections.
Security principles
The IR team's members need to have a general understanding of the basic security principles, such as the following:
- Confidentiality
- Availability
- Authentication
- Integrity
- Access control
- Privacy
- Nonrepudiation
Security vulnerabilities and weaknesses
To understand how any specific attack manifests in a given software or hardware technology, the IR team's members first need to understand the fundamental causes of the vulnerabilities that most attacks exploit. They need to be able to recognize and categorize the most common types of vulnerabilities and associated attacks, such as those that might involve the following:
- Physical security issues
- Protocol design flaws (for example, man-in-the-middle attacks or spoofing)
- Malicious code (for example, viruses, worms, or Trojan horses)
- Implementation flaws (for example, buffer overflow or timing windows/race...