Let's look at some of the security fundamentals in the following subsections.
The IR team's members need to have a general understanding of the basic security principles, such as the following:
Confidentiality
Availability
Authentication
Integrity
Access control
Privacy
Nonrepudiation
To understand how a specific attack manifests in a given software or hardware technology, the IR team's members first need to understand the fundamental causes of the vulnerabilities that most attacks exploit. They need to be able to recognize and categorize the most common types of vulnerabilities and associated attacks, such as those that might involve the following:
Physical security issues
Protocol design flaws (for example, man-in-the-middle attacks or spoofing)
Malicious code (for example, viruses, worms, or Trojan horses)
Implementation flaws (for example, buffer overflow or timing windows/race conditions)
Configuration...