Exam Objectives 1.2

Summarize fundamental security concepts.

• Confidentiality, Integrity, and Availability (CIA): Safeguards data confidentiality, integrity, and accessibility
• Non-repudiation: Prevents denial of one’s actions, ensuring accountability
• Authentication, Authorization, and Accounting (AAA):
  • Authenticating people: Verifies a person’s identity
  • Authenticating systems: Using 802.1x devices are authenticated
  • Authorization models: Controls access permissions
• Gap analysis: Helps you achieve the desired state security
• Zero trust: Principle of “never trust, always verify”
• Control plane: Manages and configures network devices and resources:
  • Adaptive identity: Flexible approach to identity management
  • Threat scope reduction: Reducing the attack surface
  • Policy engine: Enforces rules and policies
  • Policy administrator: Executes the policy engine’s decisions
  • Policy-driven access control: Automating the enforcement of directives
...