Tryhackme - Principles of Security

Tryhackme – Principles of Security

In this walk through, we will be going through the Principles of Security room from Tryhackme. This room will teach us about the principles of information security that secures data and protects systems from abuse. On that note, let’s get started.

Principles of Security

Task 1 – Introduction

Tryhackme - Principles of Security

Task 2 – The CIA Triad

Question 1 – What element of the CIA triad ensures that data cannot be altered by unauthorised people?

Integrity

Question 2 – What element of the CIA triad ensures that data is available?

Availability

Question 3 – What element of the CIA triad ensures that data is only accessed by authorised people?

Confidentiality

Tryhackme - Principles of Security

Task 3 – Principles of Privileges

Question 1 – What does the acronym “PIM” stand for?

Privileged Identity Management

Question 2 – What does the acronym “PAM” stand for?

Privileged Access Management

Question 3 – If you wanted to manage the privileges a system access role had, what methodology would you use?

PAM

Question 4 – If you wanted to create a system role that is based on a users role/responsibilities with an organisation, what methodology is this?

PIM

Tryhackme - Principles of Security

Task 4 – Security Models Continued

Question 1 – What is the name of the model that uses the rule “can’t read up, can read down”?

The Bell-LaPadula Model

Question 2 – What is the name of the model that uses the rule “can read up, can’t read down”?

The Biba model

Question 3 – If you were a military, what security model would you use?

The Bell-LaPadula Model

Question 4 – If you were a software developer, what security model would the company perhaps use?

The Biba model

Tryhackme - Principles of Security

Task 5 – Threat Modelling & Incident Response

Question 1 – What model outlines “Spoofing”?

STRIDE

Question 2 – What does the acronym “IR” stand for?

Incident Response

Question 3 – You are tasked with adding some measures to an application to improve the integrity of data, what STRIDE principle is this?

Tampering

Question 4 – An attacker has penetrated your organisation’s security and stolen data. It is your task to return the organisation to business as usual. What incident response stage is this?

Recovery

Tryhackme - Principles of Security

Also Read: Tryhackme – Pickle Rick

So that was “Principles of Security” for you. In this room, we have learned the principles of information security that secures data and protects systems from abuse. We have covered topics like the CIA triad, Principles of privileges, Security Models, Threat Intelligence and Incident Response and more. On that note, i will take your leave and meet you in next one. So stay tuned and till then, “Hack the planet”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top