Update documentation

2021-12-13 20:28:43 +01:00 · 2021-12-13 20:28:43 +01:00 · 51c007c545
commit 51c007c545
parent 5089c107ba
5 changed files with 12 additions and 12 deletions
--- a/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_availability.adoc
+++ b/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_availability.adoc
@ -19,6 +19,6 @@ Availability is "the property of being accessible and usable on demand by an aut
 ** network traffic control
 ** firewalls
 ** physical security of hardware and underlying infrastructure
-*** protections against fire, water, and other elements
+*** protection against fire, water, and other elements
 ** hardware maintenance
 ** redundancy
--- a/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_confidentiality.adoc
+++ b/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_confidentiality.adoc
@ -1,15 +1,15 @@
 == Confidentiality

-Confidentiality is "the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes." In other words, confidentiality requires that unauthorized users should not be able to access sensitive resources. Confidentiality must be balanced with availability; authorized persons must still be able to access the resources they have been granted permissions for. 
+Confidentiality is "the property that information is not made available or disclosed to unauthorized individuals, entities, or processes." In other words, confidentiality requires that unauthorized users should not be able to access sensitive resources. Confidentiality must be balanced with availability; authorized persons must still access the resources they have been granted permissions for.

-Although confidentiality is similar to "privacy", these two words are not interchangeable. Rather, confidentiality is a component of privacy; confidentiality is implemented to protect resources from unauthorized entities.
+Although confidentiality is similar to "privacy," these two words are not interchangeable. Instead, confidentiality is a component of privacy; confidentiality is implemented to protect resources from unauthorized entities.

 {nbsp} +

 === Examples that compromise confidentiality:

 ** a hacker gets access to the password database of a company
-** a sensitive emails is sent to the incorrect individual
+** a sensitive email is sent to the incorrect individual
 ** a hacker reads sensitive information by intercepting and eavesdropping on an information transfer

 {nbsp} +
@ -22,4 +22,4 @@ Although confidentiality is similar to "privacy", these two words are not interc
 *** multi-factor authentication (MFA)
 *** biometric verification
 ** minimizing the number of places/times the information appears
-** physical security controls such as properly secured server rooms
+** physical security controls such as properly secured server rooms
--- a/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_integrity.adoc
+++ b/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_integrity.adoc
@ -1,6 +1,6 @@
 == Integrity

-Integrity is "the property of accuracy and completeness." In other words, integrity means maintaining the consistency, accuracy and trustworthiness of data over its entire life cycle. Data must not be changed during transit and unauthorized entities should not be able to alter the data.
+Integrity is "the property of accuracy and completeness." In other words, integrity means maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not change during transit, and unauthorized entities should not alter the data.

 {nbsp} +

@ -13,9 +13,9 @@ Integrity is "the property of accuracy and completeness." In other words, integr

 {nbsp} +

-=== Examples of methods ensuring integrity
+=== Examples of methods ensuring the integrity

 ** well functioning authentication methods and access control
 ** checking integrity with hash functions
 ** backups and redundancy
-** auditing and logging
+** auditing and logging
--- a/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_intro.adoc
+++ b/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_intro.adoc
@ -1,7 +1,7 @@
 == The CIA Triad

 The CIA Triad (confidentiality, integrity, availability) is a model for information security.
-The three elements of the triad are considered the most crucial information security components and should be guaranteed in any secure system. +
-Serious consequences can result if even one these elements is breached.
+The three elements of the triad are considered the most crucial information security components and should guarantee in any secure system. +
+Serious consequences can result if even one of these elements is breached.

-The CIA Triad was created to provide a baseline standard for evaluating and implementing security regardless of the underlying system and/or organization.
+The CIA Triad was created to provide a baseline standard for evaluating and implementing security regardless of the underlying system and/or organization.
--- a/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_quiz.adoc
+++ b/webgoat-lessons/cia/src/main/resources/lessonPlans/en/CIA_quiz.adoc
@ -1,3 +1,3 @@
 Now it's time for a quiz! Answer the following question to check if you understood the topic.

-Today, most systems are protected by a firewall.A properly configured firewall can prevent malicious entities from accessing a system and helps protect an organization's resources. For this quiz, imagine a system that handles personal data but is not protected by a firewall:
+Today, most systems are protected by a firewall. A properly configured firewall can prevent malicious entities from accessing a system and helps protect an organization's resources. For this quiz, imagine a system that handles personal data but is not protected by a firewall: