Exam Objectives 1.2
Summarize fundamental security concepts.
- Confidentiality, Integrity, and Availability (CIA): Safeguards data confidentiality, integrity, and accessibility
- Non-repudiation: Prevents denial of one’s actions, ensuring accountability
- Authentication, Authorization, and Accounting (AAA):
- Authenticating people: Verifies a person’s identity
- Authenticating systems: Using 802.1x devices are authenticated
- Authorization models: Controls access permissions
- Gap analysis: Helps you achieve the desired state security
- Zero trust: Principle of “never trust, always verify”
- Control plane: Manages and configures network devices and resources:
- Adaptive identity: Flexible approach to identity management
- Threat scope reduction: Reducing the attack surface
- Policy engine: Enforces rules and policies
- Policy administrator: Executes the policy engine’s decisions
- Policy-driven access control: Automating the enforcement of directives
...