The CIA Triad is a foundational model in cybersecurity that outlines the three core principles for
protecting information and systems. It stands for:
1. Confidentiality
• Ensures that sensitive information is accessible only to authorized users or systems.
• Protects data from unauthorized access or disclosure.
• Example: Using encryption or access controls to prevent outsiders from reading private
emails or financial data.
2. Integrity
• Ensures that data remains accurate, consistent, and unaltered throughout its lifecycle.
• Protects against unauthorized modifications, corruption, or tampering.
• Example: Using checksums or digital signatures to verify that a file hasn't been altered by an
attacker.
3. Availability
• Ensures that information and systems are accessible and usable when needed by authorized
users.
• Protects against downtime, service disruptions, or denial-of-service attacks.
• Example: Implementing redundancy, backups, or failover systems to ensure continued access
to services.
| Feature | Authentication | Authorization |
|---|---|---|
| Definition | Verifying the identity of a user or system. | Granting permission to access resources or actions. |
| Purpose | To ensure that the user is who they claim to be. | To control what the authenticated user is allowed to do. |
| Question answered | "Who are you?" | "What are you allowed to do?" |
| Process | Involves credentials like passwords, biometrics, tokens. | Involves access rights, roles, and permissions. |
| Example | Logging into an email account with a username and password. | Once logged in, accessing inbox folders, sending messages, or changing settings based on permissions. |
| When it happens | Happens first before authorization. | Happens after successful authentication. |
| Security focus | Identity verification. | Access control and enforcement. |
Vulnerability
• Definition: A weakness or flaw in a system, application, or process that can be exploited.
• It’s like: An unlocked door or an outdated software version with known bugs.
• Example: A web application that doesn’t validate user inputs properly, allowing SQL injection
attacks.
Threat
• Definition: A potential danger or event that could exploit a vulnerability to cause harm.
• It’s like: A burglar targeting houses with unlocked doors.
• Example: A hacker trying to gain unauthorized access to sensitive data.
Attack
• Definition: An actual attempt to exploit a vulnerability by a threat actor.
• It’s like: A burglar breaking into a house through the unlocked door.
• Example: A cybercriminal using malware to exploit a system vulnerability and steal data.
Relationship between them:
1. Vulnerability – Weakness in the system.
2. Threat – A possible danger that could exploit the weakness.
3. Attack – A real action taken to exploit the weakness.
Example scenario:
• Vulnerability: A website has a weak password policy.
• Threat: A malicious user attempting to guess passwords.
• Attack: The attacker runs a brute-force attack to crack user accounts.
Passive Attack vs Active Attack
These are two broad categories of attacks based on how an attacker interacts with the system or
data.
| Feature | Passive Attack | Active Attack |
|---|---|---|
| Definition | An attack where the attacker eavesdrops or monitors data without altering it. | An attack where the attacker tries to alter, disrupt, or manipulate data or systems. |
| Objective | To gain unauthorized access or gather information stealthily. | To compromise integrity, availability, or functionality of systems. |
| Detection | Harder to detect because no changes are made. | Easier to detect as it causes noticeable disruptions or alterations. |
| Impact | Mainly on confidentiality (data privacy). | Affects integrity, availability, and confidentiality. |
| Methods | - Packet sniffing - Traffic analysis | - Denial of Service (DoS) - Man-in-the-middle - Data modification |
| Example | Listening to network traffic to capture sensitive data like passwords. | Injecting malicious commands to change data or block services. |
Key Points
• Passive attacks are about spying or listening. The attacker tries to remain unnoticed.
• Active attacks involve interfering, modifying, or corrupting the data or system.
Real-life analogy:
• Passive attack: Someone listening to your phone call from afar without you knowing.
• Active attack: Someone interrupting your phone call, speaking on your line, or cutting the
call deliberately.
Types of cipher
1. Substitution cipher: replacing characters with others
a. Monoalphabetic
E.g.: Caesar cipher
b. Simple substitution
c. Playfair: digraph
2. Transposition cipher: rearranging plaintext to create ciphertext
a. Rail fence cipher
b. Columnar cipher: write the plaintext (PT) in rows and read the ciphertext (CT) in columns. Reverse for decryption.
c. Hill cipher: polygraphic substitution cipher that uses matrix operations
Inverse matrix = (transpose of cofactor matrix) / det
C = P * K mod 26
P = C * K_inv mod 26
For decryption: find the modular inverse of the determinant of the key matrix.
Then the inverse key matrix is calculated as (det inverse * transpose of cofactor matrix) mod 26.
After that, multiply it with each CT block to get the PT.
d. Affine cipher
y = (a * x + b) mod 26
x = a_inv * (y - b) mod 26
e. Vigenere cipher
CT = (PT + key) mod 26
PT = (CT - key + 26) mod 26
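The Hill cipher decryption steps above, carried through in code. This is an added example, not part of the original notes. It generalizes from the usual 2x2 case to any square key, and it rejects keys whose determinant has no inverse mod 26. The key and message are constructed samples, and the function names are illustrative.

```python
from math import gcd

M = 26  # alphabet size (A-Z), as in the notes

def minor(k, i, j):
    """Matrix k with row i and column j removed."""
    return [row[:j] + row[j + 1:] for r, row in enumerate(k) if r != i]

def det(k):
    """Integer determinant by cofactor expansion along the first row."""
    if not k:
        return 1
    return sum((-1) ** j * k[0][j] * det(minor(k, 0, j)) for j in range(len(k)))

def key_inverse(k):
    """K_inv = det_inv * (transpose of cofactor matrix) mod 26."""
    d = det(k) % M
    if gcd(d, M) != 1:
        # No modular inverse of the determinant: ciphertext cannot be decrypted.
        raise ValueError(f"det mod 26 = {d} is not coprime with 26; key unusable")
    d_inv = pow(d, -1, M)  # modular inverse of the determinant (Python 3.8+)
    n = len(k)
    # Entry [i][j] uses cofactor (j, i): that index swap is the transpose.
    return [[d_inv * (-1) ** (i + j) * det(minor(k, j, i)) % M
             for j in range(n)] for i in range(n)]

def hill_apply(text, k):
    """Row-vector convention from the notes: block * K mod 26."""
    n = len(k)
    nums = [ord(ch) - ord("A") for ch in text]
    if len(nums) % n:
        raise ValueError("text length must be a multiple of the block size")
    out = []
    for b in range(0, len(nums), n):
        block = nums[b:b + n]
        out += [sum(block[r] * k[r][c] for r in range(n)) % M for c in range(n)]
    return "".join(chr(v + ord("A")) for v in out)

# Constructed sample key and message, for illustration only.
KEY = [[3, 3], [2, 5]]

if __name__ == "__main__":
    ct = hill_apply("HELP", KEY)
    print(ct, hill_apply(ct, key_inverse(KEY)))
```

Encryption and decryption use the same `hill_apply` function; only the matrix changes (K to encrypt, K_inv to decrypt).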
Types of active attacks are as follows:
1. Masquerade Attack
2. Modification of Messages
3. Repudiation
4. Replay Attack
5. Denial of Service (DoS) Attack
Types of Passive attacks are as follows:
1. The Release of Message Content
2. Traffic Analysis