
UNIT 1

The document outlines the concepts of data and information, emphasizing the importance of information security (InfoSec) in protecting data from unauthorized access through the CIA Triad (Confidentiality, Integrity, Availability) and additional characteristics like authenticity and accountability. It details methods to secure information, the NSTISSC Security Model, and the components of an information system, while also discussing the need for security in business to protect sensitive data and ensure continuity. Furthermore, it highlights the significance of a secure software development life cycle to integrate security at every development phase.

Uploaded by

upsc260504

3/4/25, 10:39 AM UNIT 1

UNIT 1
Data is raw, unorganized facts or values, like numbers or words.
Information is processed, organized, and meaningful data that you can use to make
decisions.
For example:

• Data: "10, 20, 30"

• Information: "The temperatures today were 10°C, 20°C, and 30°C."

What is information security?

Information Security (InfoSec) is the practice of protecting information from
unauthorized access.
Components of Information Security:
The CIA Triad is the core principle of information security.

• Confidentiality: Ensures data is kept private and accessed only by authorized
individuals. Techniques include encryption, access control, and authentication.

• Integrity: Ensures data remains accurate, consistent, and unaltered during
storage or transmission. Techniques include hashing and checksums.

• Availability: Ensures data and systems are accessible to authorized users when
needed. Techniques include backup systems, redundancy, and DDoS protection.
Additional Characteristics of Information Security:
1. Authenticity: Ensures that the information is genuine and comes from a trusted
source.

• Example: Using digital signatures to verify that a document was sent by the
right person.
2. Accountability: Ensures that every action or change in a system can be traced
back to a specific person or system.

• Example: Keeping logs of who accessed or modified a file and when.


3. Non-repudiation: Prevents someone from denying that they performed an
action, like sending a message or signing a document.

• Example: A secure online transaction where both parties have proof of the
exchange.

https://helix-stamp-628.notion.site/UNIT-1-14939aa0e1ad80b19c01fefd4bf42f87 1/12

4. Privacy: Ensures that personal or sensitive information is kept confidential and
only accessible to those who need it.

• Example: Encrypting customer data in a database to protect it from
unauthorized access.

Methods to Secure Information:

1. Encryption: Turning data into a code that only authorized people can read,
making it unreadable to anyone who doesn’t have the decryption key.

• Example: Encrypting emails so only the recipient can read the message.
2. Access Control: Setting permissions to restrict who can access certain data or
systems. It ensures that only authorized users can view or modify sensitive
information.

• Example: Using a password to lock your phone so only you can open it.
3. Firewalls: Software or hardware that monitors and controls incoming and
outgoing network traffic based on security rules. It helps block harmful traffic
and unauthorized access to a network.

• Example: A firewall stopping malicious websites or hackers from accessing
your computer.
4. Antivirus Software: Programs designed to detect, prevent, and remove malicious
software (malware) from your system.

• Example: Antivirus software scanning files and stopping viruses from
infecting your computer.

NSTISSC Security Model

The NSTISSC Security Model, also known as the McCumber Cube, is a framework
developed by the National Security Telecommunications and Information Systems
Security Committee (NSTISSC) to guide comprehensive information security. It
extends the CIA triad (Confidentiality, Integrity, Availability) by considering
additional dimensions of security.
The Model Has Three Dimensions:


1. Information Security Objectives (CIA Triad):

• Confidentiality: Protecting information from unauthorized access.

• Integrity: Ensuring information is accurate and unaltered.

• Availability: Making information accessible when needed.


2. Information States (Where Security is Applied):

• Storage: Data at rest (e.g., files on a hard drive).

• Processing: Data in use (e.g., calculations, editing).

• Transmission: Data in transit (e.g., emails, network communication).


3. Security Countermeasures (How Security is Achieved):

• Policy: Rules and regulations for maintaining security.

• Technology: Tools and systems like firewalls, encryption, etc.

• Education: Training people to follow security practices.


How It Works:
The model forms a cube, with each axis representing one of the dimensions. By
analyzing all intersections, you can ensure that every aspect of information security is
addressed.

Evaluate how to secure each state of information for each security objective using
one or more security countermeasures.
This forms 27 intersections (3 objectives × 3 states × 3 countermeasures).
You evaluate each combination of these dimensions. For example:

• Confidentiality (Objective) for Data in Storage (State) using Policy
(Countermeasure)
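
The evaluation described above can be run as a gap analysis. The following is an added example, not part of the original notes: it places a control inventory onto the 27 cells and reports which cells, and which objective/state pairs, have no countermeasure. The control names in SAMPLE_CONTROLS are constructed sample data.

```python
from itertools import product

OBJECTIVES = ("Confidentiality", "Integrity", "Availability")
STATES = ("Storage", "Processing", "Transmission")
COUNTERMEASURES = ("Policy", "Technology", "Education")

# Constructed sample inventory (assumption, not from the notes): each control
# names the objectives and states it addresses and its countermeasure type.
SAMPLE_CONTROLS = [
    {"name": "Disk encryption", "objectives": {"Confidentiality"},
     "states": {"Storage"}, "countermeasure": "Technology"},
    {"name": "TLS on all services", "objectives": {"Confidentiality", "Integrity"},
     "states": {"Transmission"}, "countermeasure": "Technology"},
    {"name": "Data classification policy", "objectives": {"Confidentiality"},
     "states": {"Storage", "Processing", "Transmission"}, "countermeasure": "Policy"},
    {"name": "Backup and restore drills", "objectives": {"Availability"},
     "states": {"Storage"}, "countermeasure": "Technology"},
    {"name": "Phishing awareness training", "objectives": {"Confidentiality"},
     "states": {"Transmission"}, "countermeasure": "Education"},
]


def build_cube(controls):
    """Map every one of the 27 cells to the controls that address it."""
    cube = {cell: [] for cell in product(OBJECTIVES, STATES, COUNTERMEASURES)}
    for control in controls:
        cells = product(control["objectives"], control["states"],
                        [control["countermeasure"]])
        for cell in cells:
            if cell not in cube:  # typo or unknown axis value in the inventory
                raise ValueError(f"{control['name']}: unknown cell {cell}")
            cube[cell].append(control["name"])
    return cube


def empty_cells(cube):
    """Cells of the cube that no control addresses."""
    return [cell for cell, names in cube.items() if not names]


def unprotected_pairs(cube):
    """(objective, state) pairs with no countermeasure of any kind."""
    return [(o, s) for o, s in product(OBJECTIVES, STATES)
            if not any(cube[(o, s, m)] for m in COUNTERMEASURES)]


if __name__ == "__main__":
    cube = build_cube(SAMPLE_CONTROLS)
    print(f"{len(cube) - len(empty_cells(cube))} of {len(cube)} cells covered")
    for objective, state in unprotected_pairs(cube):
        print(f"no countermeasure at all: {objective} / {state}")
```

An objective/state pair with no countermeasure of any kind (for the sample data, Integrity of data in Storage) is a more urgent finding than a single empty cell whose pair is already covered by another countermeasure type.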

Information system (IS)


An information system (IS) is a system designed to collect, process, store, and
distribute information to support decision-making, coordination, analysis, and
control in an organization.
Components of an Information System:
1. Hardware:

• Physical devices and equipment that make up the system.

• Examples: Computers, servers, printers, storage devices, and networking
hardware like routers and switches.

• Role: Provides the infrastructure for data processing and communication.

2. Software:

• Programs and operating systems used to manage and process data.

• Examples: Applications (e.g., Microsoft Office, ERP systems), operating
systems (e.g., Windows, Linux), and database management systems (e.g.,
MySQL).

• Role: Transforms data into actionable information and automates tasks.

3. Database:

• Organized collections of data that can be easily accessed, managed, and
updated.

• Examples: SQL databases, NoSQL databases, and data warehouses.

• Role: Stores and retrieves data efficiently to support decision-making and
operations.

4. People:

• Users who interact with the system, including IT staff and end-users.

• Examples: Database administrators, developers, system analysts, and
customers.

• Role: Ensure the system is used correctly and effectively to meet
organizational goals.


5. Network:

• Connections that enable data sharing and communication between devices
and systems.

• Examples: Local Area Networks (LAN), Wide Area Networks (WAN), and the
Internet.

• Role: Facilitates communication and data exchange, linking all components
together.
How They Work Together:

• Hardware runs the software, which processes data stored in the database.

• People use the system to input and retrieve information.

• The network ensures seamless communication and access across all parts of the
system.
These components collectively form the backbone of any information system,
ensuring it functions efficiently and meets organizational needs.
Example: Online Shopping Platform (e.g., Amazon, Flipkart)

• A customer browses products on their device (hardware) using the app or
website (software).

• The system retrieves product details from the database.

• The network connects the customer to the backend servers and processes
payments securely.

Securing the Components of an Information System

To ensure the safety and reliability of an information system, each component must
be protected with specific security measures.
1. Hardware Security
Protects physical devices from theft, damage, or unauthorized access.
Measures:

• Physical Security: Lock servers in secure rooms and use surveillance cameras.

• Device Authentication: Use hardware locks or biometric devices.

• Maintenance: Regularly update hardware firmware to fix vulnerabilities.

• Redundancy: Use backup devices and power supplies to prevent downtime.


2. Software Security


Ensures that applications and systems are protected from vulnerabilities and
malicious activities.
Measures:

• Patching and Updates: Keep software updated to address known vulnerabilities.

• Access Controls: Use role-based permissions to limit access to critical software.

• Application Security: Conduct regular vulnerability testing and code reviews.

• Anti-Malware: Install antivirus and anti-spyware tools.


3. Database Security
Protects the data stored in the system from unauthorized access and corruption.
Measures:

• Encryption: Encrypt sensitive data both at rest and in transit.

• Access Management: Implement strong authentication and limit user
permissions.

• Data Backup: Schedule regular backups to prevent data loss.

• Audit Logs: Maintain logs to monitor and track database activities.


4. People Security
Prevents social engineering attacks and insider threats.
Measures:

• Training and Awareness: Educate employees about phishing, password security,
and safe practices.

• Access Policies: Ensure only authorized personnel can access sensitive systems.

• Background Checks: Verify the trustworthiness of employees handling critical
systems.

• Accountability: Implement logging to track individual actions.


5. Network Security
Safeguards data as it moves across the system.
Measures:

• Firewalls: Block unauthorized traffic and prevent external threats.

• Encryption: Secure data in transit using protocols like SSL/TLS.

• Intrusion Detection/Prevention Systems (IDS/IPS): Monitor and prevent
suspicious network activity.

• VPNs: Use virtual private networks for secure remote access.


• Network Segmentation: Isolate sensitive parts of the network to reduce risk.


Example: Online Shopping System
1. Hardware: Store servers in secure data centers with access control.
2. Software: Use firewalls and keep the platform patched against vulnerabilities.
3. Database: Encrypt customer data like payment details and restrict access.
4. People: Train employees to avoid phishing scams and secure their credentials.
5. Network: Use SSL/TLS encryption to secure communication between users and
servers.
By implementing these measures, the integrity, confidentiality, and availability of the
system are ensured.

Balancing Security and Access

Balancing security and access means protecting sensitive data or systems while
making it easy for the right people to use them. Too much security makes it hard for
users, and too little security makes the system vulnerable to hackers.
Example:
In this example, an online shopping website requires users to create a 128-character
password for account security. While this is highly secure, it makes it very difficult
for users to remember, leading to accessibility issues such as forgotten passwords
and frustration.
Problems:

• Hard to Remember: Users forget the long password.

• Locked Accounts: Multiple failed login attempts result in account lockout.

• Poor User Experience: Users may abandon the site due to difficulty accessing
their accounts.
Solution (Balancing Security and Access):

• Shorter Passwords: Use passwords that are strong (e.g., 8 characters) but easier
to remember.

• Password Recovery: Offer easy ways to reset passwords via email or SMS.

• Multi-Factor Authentication (MFA): Add an extra layer of security using codes
sent to the user’s phone or email.

• Account Lockout: Temporarily lock accounts after several failed attempts but
allow recovery.


Secure Software Development Life Cycle

Security should be built into every stage of software development, not added later.
Fixing security issues early is cheaper and more efficient than dealing with them
after deployment.
Each phase of development has different security tasks, but everyone on the team
must stay mindful of security throughout the process. By doing this, teams can
reduce risks, prevent vulnerabilities, and create safer software.

5 phases of Secure Software Development Life Cycle

The SDLC is the process of building software, and security should be a top priority at
every step. Let’s break it down using the example of building a membership renewal
portal:

Phase 1: Requirements
This is where you figure out what the software needs to do. Think about what the
user wants and how to keep it safe.

• Example:

◦ User need: Members should be able to check their contact info before
renewing.

◦ Security need: Members should only see their own info, not anyone else’s.

Phase 2: Design
Here, you plan how the software will work. Think about what it should do and what
it should NOT do to stay secure.

• Example:

◦ Design: The system will pull the user’s name, email, and address from the
database and show it on the screen.

◦ Security: Before showing anything, the system must check if the user is
logged in. If not, send them to the login page.

Phase 3: Development


This is where you write the code. Follow secure coding rules to avoid mistakes that
hackers could exploit.

• Examples of secure coding:

◦ Use safe database queries to prevent hackers from stealing data.

◦ Check all user inputs to block harmful data.

◦ Use tools to check if open-source libraries have known vulnerabilities.
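
The requirements, design and development rules above, applied to the membership renewal portal in one place. This is an added example, not code from the original notes; the table layout, the `/login` route, the session dictionary and the sample members are assumptions made for illustration.

```python
import re
import sqlite3

EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
LOGIN_REDIRECT = {"status": 302, "location": "/login"}  # hypothetical route


def make_db():
    """In-memory database with constructed sample members."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT,"
               " email TEXT, address TEXT)")
    db.executemany("INSERT INTO members VALUES (?, ?, ?, ?)", [
        (1, "Asha Rao", "asha@example.org", "12 Lake Road"),
        (2, "Ben Ortiz", "ben@example.org", "7 Hill Street"),
    ])
    return db


def current_member_id(session):
    """Design rule: nothing is shown unless the user is logged in."""
    member_id = session.get("member_id")
    return member_id if type(member_id) is int else None


def view_contact_info(db, session):
    member_id = current_member_id(session)
    if member_id is None:
        return dict(LOGIN_REDIRECT)
    # Requirement: members see only their own info. The id comes from the
    # server-side session, never from a request parameter, and is bound as a
    # query parameter rather than pasted into the SQL text.
    row = db.execute("SELECT name, email, address FROM members WHERE id = ?",
                     (member_id,)).fetchone()
    if row is None:
        return dict(LOGIN_REDIRECT)
    return {"status": 200, "body": dict(zip(("name", "email", "address"), row))}


def update_email(db, session, new_email):
    member_id = current_member_id(session)
    if member_id is None:
        return dict(LOGIN_REDIRECT)
    # Check user input before it reaches the database.
    if (not isinstance(new_email, str) or len(new_email) > 254
            or not EMAIL_RE.fullmatch(new_email)):
        return {"status": 400, "error": "invalid email"}
    db.execute("UPDATE members SET email = ? WHERE id = ?", (new_email, member_id))
    db.commit()
    return {"status": 200}
```

An address containing a quote character, such as `o'brien@example.org`, is stored literally because the value is bound with `?` and never becomes part of the SQL statement.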

Phase 4: Verification
Before releasing the software, test it thoroughly to make sure it works and is secure.
Use automated tools to help with this.

• Examples of testing:

◦ Run automated tests to check if the app works as expected.

◦ Use tools to scan for security issues in the code.

Phase 5: Maintenance
Even after the app is live, you need to keep it secure. Bugs or vulnerabilities might
show up later, so you’ll need to fix them.

• Examples:

◦ Update the app if a security flaw is found in the code or in an open-source
library.

◦ Fix issues reported by ethical hackers or users through bug bounty
programs.

Need for Security in Business

In today's digital world, businesses face numerous security threats that can disrupt
operations, harm their reputation, and lead to significant financial losses. To ensure
the protection of sensitive data, maintain customer trust, and comply with regulatory
requirements, security is a critical component for businesses. Below are key reasons
why businesses need security:
1. Protecting Sensitive Data


• Business Needs:

◦ Data Privacy: Businesses store sensitive information like customer data,
financial records, trade secrets, and intellectual property. Without adequate
security measures, this data is vulnerable to theft, misuse, or loss.

◦ Example: A retail company needs to protect customer credit card
information to prevent fraud or identity theft.
2. Ensuring Business Continuity

• Business Needs:

◦ Disaster Recovery: Security measures, such as regular backups, help ensure
that businesses can recover their systems and data after a cyber attack or
natural disaster.

◦ Example: If a business's database is attacked and data is lost, security
protocols ensure that it can be restored quickly with minimal disruption.
3. Preventing Financial Loss

• Business Needs:

◦ Financial Protection: Cyberattacks, such as ransomware or fraud, can result
in huge financial losses. By securing systems, businesses can reduce the risk
of such losses.

◦ Example: A bank needs strong security to protect against online fraud and
ensure that customers’ transactions and account details are secure.
4. Maintaining Customer Trust

• Business Needs:

◦ Reputation Management: A business’s reputation can be severely damaged
if its security is compromised, leading to loss of customer trust. Strong
security measures help maintain a positive image.

◦ Example: If a company’s e-commerce site is compromised, it could lose
customer trust, and people may avoid making future purchases.
5. Compliance with Legal and Regulatory Requirements

• Business Needs:

◦ Regulatory Compliance: Many industries have strict regulations around data
security (e.g., GDPR, HIPAA, PCI-DSS). Ensuring security helps businesses
comply with these laws and avoid legal penalties.

◦ Example: Healthcare providers must follow security regulations to protect
patient data as per HIPAA.


6. Protecting Intellectual Property

• Business Needs:

◦ Innovation Protection: Companies often have proprietary technologies,
patents, and business strategies. Ensuring these assets are protected from
theft or espionage is crucial for competitive advantage.

◦ Example: A software company needs to protect its source code from being
stolen or copied by competitors.
Security is no longer optional for businesses; it is essential for protecting valuable
assets, maintaining customer trust, ensuring compliance with regulations, and
enabling smooth operations. Investing in strong security systems and protocols
minimizes risk, enhances business continuity, and ensures long-term success in an
increasingly digital world.

Threats

A threat is anything that has the potential to harm an organization's systems, data,
or operations. Threats can be intentional (like hacking) or unintentional (like a
natural disaster).

• Example: A hacker trying to steal data, a virus infecting systems, or a fire in a
data center.
1. Malware: Malicious software designed to harm or exploit any device, network, or
service. Examples include viruses, worms, and Trojans.

• Example: A ransomware attack encrypts your files and demands a ransom
for the decryption key.
2. Phishing: A method where attackers trick users into revealing sensitive
information by pretending to be trustworthy entities, usually through emails,
phone calls, or websites.

• Example: An email from a "bank" asks you to click a link and enter your
personal details.
3. Denial of Service (DoS) Attack: Overloading a server or network with traffic to
make it unavailable to legitimate users.

• Example: A website is bombarded with fake traffic until it crashes.


4. Social Engineering: Manipulating people into divulging confidential information
by exploiting trust or human psychology.

• Example: An attacker calls posing as tech support and asks for your login
credentials.
5. SQL Injection: An attack that exploits vulnerabilities in a web application's
database layer by injecting malicious SQL code to gain unauthorized access to a
database.

• Example: Entering malicious SQL code into a login form to bypass
authentication and access sensitive data.

Attacks
An attack is an intentional action taken to exploit vulnerabilities in a system to cause
harm. It is how a threat materializes into an actual event.

• Example: A phishing email tricking an employee into revealing their login
credentials, or a Distributed Denial of Service (DDoS) attack making a website
inaccessible.
1. Brute Force Attack: A method of breaking into a system by systematically trying
all possible combinations of passwords or encryption keys until the correct one
is found.

• Example: Attempting to guess a password by trying every combination until
the correct one is discovered.
2. Man-in-the-Middle (MitM) Attack: An attacker intercepts and potentially alters
the communication between two parties without their knowledge.

• Example: A hacker intercepts communication between a user and a website
to steal login credentials or inject malicious code.
3. Cross-Site Scripting (XSS): An attack where malicious scripts are injected into
websites, which then run on the browsers of unsuspecting users.

• Example: A website vulnerability allows attackers to insert a script that steals
session cookies of users visiting the site.
4. Ransomware: Malicious software that locks or encrypts a victim's files and
demands payment (ransom) for their release.

• Example: An organization’s files are encrypted by ransomware, and the
attackers demand payment for the decryption key.
