Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
7.2. Quick Reference

Risk Calculation Formulas

| Formula | Equation | Example |
|---|---|---|
| SLE | Asset Value × Exposure Factor | $500,000 × 0.4 = $200,000 |
| ALE | SLE × ARO | $200,000 × 0.5 = $100,000/year |

Cryptographic Algorithm Quick Reference

| Algorithm | Type | Key Size | Status |
|---|---|---|---|
| AES | Symmetric | 128/192/256-bit | ✅ Current standard |
| DES | Symmetric | 56-bit | ❌ Deprecated |
| 3DES | Symmetric | 168-bit | ❌ Phasing out |
| RSA | Asymmetric | 2048/4096-bit | ✅ Current |
| ECC | Asymmetric | 256/384-bit | ✅ Current (smaller keys) |
| Diffie-Hellman | Key exchange | Varies | ✅ Key exchange only |
| SHA-256 | Hashing | 256-bit output | ✅ Current |
| MD5 | Hashing | 128-bit output | ❌ Deprecated |
| SHA-1 | Hashing | 160-bit output | ❌ Deprecated |

Port Numbers

| Port | Protocol | Service |
|---|---|---|
| 20/21 | TCP | FTP (data/control) |
| 22 | TCP | SSH/SFTP/SCP |
| 23 | TCP | Telnet (insecure) |
| 25 | TCP | SMTP |
| 53 | TCP/UDP | DNS |
| 67/68 | UDP | DHCP (server/client) |
| 80 | TCP | HTTP |
| 88 | TCP/UDP | Kerberos |
| 110 | TCP | POP3 |
| 143 | TCP | IMAP |
| 389 | TCP/UDP | LDAP |
| 443 | TCP | HTTPS |
| 445 | TCP | SMB |
| 636 | TCP | LDAPS |
| 993 | TCP | IMAPS |
| 995 | TCP | POP3S |
| 1433 | TCP | MSSQL |
| 3306 | TCP | MySQL |
| 3389 | TCP/UDP | RDP |

Authentication Protocols

| Protocol | Use | Key Feature |
|---|---|---|
| RADIUS | Network access (Wi-Fi, VPN) | Encrypts password only |
| TACACS+ | Device administration | Encrypts entire payload, separates AAA |
| Kerberos | Windows domain auth | Ticket-based, SSO, requires NTP |
| SAML | Web-based SSO (enterprise) | XML-based, IdP and SP |
| OAuth | Authorization (API access) | Token-based, NOT authentication |
| OIDC | Authentication on top of OAuth | Adds identity token to OAuth |

Incident Response Order

Preparation → Detection → Analysis → Containment → Eradication → Recovery → Lessons Learned

Access Control Models

| Model | Who Decides | Best For |
|---|---|---|
| MAC | System (labels) | Military/government |
| DAC | Resource owner | General file systems |
| RBAC | Role assignment | Enterprise (most common) |
| ABAC | Policy engine (attributes) | Complex/granular requirements |

Shared Responsibility Model

| Layer | IaaS | PaaS | SaaS |
|---|---|---|---|
| Data | You | You | You |
| Applications | You | You | Provider |
| Runtime/OS | You | Provider | Provider |
| Infrastructure | Provider | Provider | Provider |

Backup Comparison

| Type | Backs Up | Create Speed | Restore Speed |
|---|---|---|---|
| Full | Everything | Slowest | Fastest |
| Incremental | Since last backup of any type | Fastest | Slowest |
| Differential | Since last full | Medium | Medium |

Agreement Types

| Agreement | Purpose | Binding? |
|---|---|---|
| SLA | Measurable performance requirements | Yes |
| NDA | Confidentiality protection | Yes |
| MOU | Mutual understanding/intent | Usually no |
| MOA | More formal mutual agreement | Usually yes |
| MSA | Overarching relationship terms | Yes |
| BPA | Business partner responsibilities | Yes |

Written by Alvin Varughese
Founder • 15 professional certifications