# Principles of Security

{% embed url="<https://tryhackme.com/room/principlesofsecurity>" %}
<https://tryhackme.com/room/principlesofsecurity>
{% endembed %}

| Room Attributes       | Value                                                                  |
| --------------------- | ---------------------------------------------------------------------- |
| Subscription Required | <mark style="color:green;background-color:green;">False</mark> \[Free] |
| Type                  | Walkthrough                                                            |
| Difficulty            | <mark style="color:blue;background-color:blue;">Info</mark>            |
| Tags                  | CIA Triad, Information Security, Incident Response, Threat Model       |

## Task 1 Introduction

### Let's proceed!

{% hint style="success" %}
No answer needed
{% endhint %}

## Task 2 The CIA Triad

### What element of the CIA triad ensures that data cannot be altered by **unauthorised** people?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`integrity`

</details>

### What element of the CIA triad ensures that data is available?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`availability`

</details>

### What element of the CIA triad ensures that data is only accessed by **authorised** people?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`confidentiality`

</details>

## Task 3 Principles of Privileges

### What does the acronym "PIM" stand for?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Privileged Identity Management`

</details>

### What does the acronym "PAM" stand for?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Privileged Access Management`

</details>

### If you wanted to manage the privileges a system access role had, what methodology would you use?

{% hint style="warning" %}
**HINT:** I'm looking for the short acronym here (PIM/PAM)
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`PAM`

</details>

### If you wanted to create a system role that is based on a user's role/responsibilities with an organisation, what methodology is this?

{% hint style="warning" %}
**HINT:** I'm looking for the short acronym here (PIM/PAM)
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`PIM`

</details>

## Task 4 Security Models Continued

### What is the name of the model that uses the rule "**can't** read up, can read down"?

{% hint style="warning" %}
**HINT:** Formatting: The x Model. Look at the direction of the arrows and the text next to them to understand what directions can read up/down depending upon the model.
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`The Bell-LaPadula Model`

</details>

### What is the name of the model that uses the rule "**can** read up, can't read down"?

{% hint style="warning" %}
**HINT:** Formatting: The x Model. Look at the direction of the arrows and the text next to them to understand what directions can read up/down depending upon the model.
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`The Biba Model`

</details>

### If you were a military, what security model would you use?

{% hint style="warning" %}
**HINT:** Formatting: The x Model
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`The Bell-LaPadula Model`

</details>

### If you were a software developer, what security model would the company perhaps use?

{% hint style="warning" %}
**HINT:** Formatting: The x Model
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`The Biba Model`

</details>

## Task 5 Threat Modelling & Incident Response

### What model outlines "Spoofing"?

{% embed url="<https://web.archive.org/web/20070303103639/http://msdn.microsoft.com/msdnmag/issues/06/11/ThreatModeling/default.aspx>" %}
<https://web.archive.org/web/20070303103639/http://msdn.microsoft.com/msdnmag/issues/06/11/ThreatModeling/default.aspx>
{% endembed %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`STRIDE`

</details>

### What does the acronym "IR" stand for?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Incident Response`

</details>

### You are tasked with adding some measures to an application to improve the integrity of data, what [*STRIDE*](https://web.archive.org/web/20070303103639/http://msdn.microsoft.com/msdnmag/issues/06/11/ThreatModeling/default.aspx) principle is this?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Tampering`

</details>

### An attacker has penetrated your organisation's security and stolen data. It is your task to return the organisation to business as usual. What incident response stage is this?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Recovery`

</details>

