Mitigation Techniques - CompTIA Security+
Hola!
I'm finding that building the past tables has been useful as a personal wiki. At least, if your info is not very personal, get it "out of the box" ༼ ʘ‿ʘ༽.
I had Obsidian and Joplin, and yeah... they are cool, and private, etc... but if you are in a silo you can be missing out, right?
Maybe... you read any other article from my blog and say...
"Wait a min! This is not like that" or "Oh wait!? ( ͡°👅 ͡°) Doesn't he ever hear about..."
Well, let me know. It is as quick as letting the world know you are cool: Bluesky
Strategies and Mitigation Methods:
Technique / Strategy | Description | Purpose / Benefits |
---|---|---|
Hardening | Strengthening systems by closing unnecessary ports, disabling services, configuring permissions, etc. Examples: encryption, endpoint protection, host firewalls, host-based intrusion prevention systems (HIPS), etc. | Transform vulnerable systems into secure fortresses |
Patching | Regularly updating software, firmware, and applications to fix known vulnerabilities. | Keeps systems up-to-date and resilient |
Segmentation | Dividing networks into separate segments with unique security controls. | Limits lateral movement of attackers and impact scope |
Access Control | Restricting access to authorized users only; enforcing least privilege and role-based access control (RBAC). | Prevents unauthorized data modification or access |
Isolation | Creating secure, self-contained environments to confine critical systems or sensitive data; limits malware spread. | Controls damage and protects sensitive resources |
Monitoring | Continuous surveillance to detect threats early and support faster incident response. | Enhances detection and mitigation capabilities |
Encryption | Converting data into unreadable code, protecting confidentiality of data at rest and in transit. | Prevents unauthorized access to sensitive information |
Decommissioning | Removing unnecessary systems/assets that pose security risks. | Reduces attack surface |
Configuration Enforcement | Ensuring devices comply with secure configurations through standardization and automation. | Mitigates vulnerabilities from misconfigurations |
Compensating Controls | Alternative controls when primary controls are not feasible or effective. | Provides layered security and flexibility |
Security Awareness Training | Educating users about threats, best practices, and social engineering tactics. | Mitigates human factor risks like phishing |
Deception and Disruption | Technologies like honeypots, honeynets, honeyfiles to mislead attackers and detect threats. | Diverts attacks and helps study attack methods |
Validating Remediation | Confirming vulnerabilities are fixed via rescanning and audits. | Ensures mitigation effectiveness and prevents regressions |
Quarantining | Isolating suspected compromised systems/networks to prevent threat spread. | Limits impact of infections or breaches |
Incident Response | Structured process to handle security incidents; includes containment, eradication, and recovery phases. | Supports mitigation and rapid recovery |
Risk Management Strategies | Mitigation is one risk management strategy alongside transfer, acceptance, and avoidance. | Comprehensive approach to risk |
Application Security | Techniques to protect software, including input validation, memory management, sandboxing, and secure coding. | Prevents exploitation of application vulnerabilities |
Secure Protocols | Using secure communication protocols like HTTPS, SFTP, SSH to protect data in transit. | Ensures data confidentiality and integrity |
Data Security Methods | Techniques for protecting data at rest, in transit, and in use, such as hashing, masking, tokenization, and obfuscation. | Safeguards sensitive information |
Physical Security Measures | Controls like locks, fences, security personnel, and surveillance systems to protect assets and personnel physically. | Prevents physical breaches |
Supporting Concepts
Concept | Description | Purpose |
---|---|---|
Vulnerability Management | Systematic process of identifying, analyzing, responding to, and reporting vulnerabilities. | Crucial for proactive risk reduction |
Threat Intelligence Feeds | Sources of information about current and emerging threats and attacker tactics, techniques, and procedures (TTPs). | Informs mitigation planning and prioritization |
Root Cause Analysis | Investigating incidents to identify underlying causes to prevent recurrence. | Helps implement effective, long-term fixes |