{"json_modified": "2016-03-28T08:44:05.166996", "uuid": "2ed97d37-be8d-4fce-b1e3-0dc1c9a3d30c", "title": "Security Controls", "url": "/en-US/docs/Web/Security/Information_Security_Basics/Security_Controls", "tags": ["Security", "Beginner", "Tutorial"], "translations": [{"uuid": "bbc37dec-1ec2-4700-a0fe-1dc944dfd29b", "title": "Contr\u00f4les de s\u00e9curit\u00e9", "url": "/fr/docs/Apprendre/Contr%C3%B4les_de_s%C3%A9curit%C3%A9", "tags": ["Security", "Beginner", "Tutorial"], "summary": "<em>Il n'y a pas encore de mat\u00e9riau interactif pour cet article. <a href=\"/fr/docs/MDN/D\u00e9buter_sur_MDN\">N'h\u00e9sitez pas \u00e0 contribuer</a>.</em>", "localization_tags": [], "locale": "fr", "last_edit": "2015-10-11T10:19:12", "review_tags": []}], "modified": "2016-03-02T10:57:57", "label": "Security Controls", "localization_tags": [], "locale": "en-US", "id": 145731, "last_edit": "2016-03-02T10:54:32", "summary": "Sensitive data should be protected based on the potential impact of a loss of confidentiality, integrity, or availability.\u00a0 Protection measures (otherwise known as<em> security controls</em>) tend to fall into two categories.\u00a0 First, security weaknesses in the system need to be resolved.\u00a0 For example, if a system has a known vulnerability\u00a0that attackers could exploit, the system should be patched so that the vulnerability is removed or mitigated.\u00a0 Second, the system should offer only the required functionality to each authorized user, so that no one can use functions that are not necessary.\u00a0 This principle is known as <em>least privilege</em>.\u00a0 Limiting functionality and resolving security weaknesses have a common goal: give attackers as few opportunities as possible to breach a system.", "sections": [{"id": "Original_Document_Information", "title": "Original Document Information"}, {"id": "Original_Document_Information", "title": "Original Document Information"}], "slug": "Web/Security/Information_Security_Basics/Security_Controls", "review_tags": []}