Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
42 Cards in this Set
- Front
- Back
|
system reliability
|
information generated by systems must be reliable in order to be useful in decision making
|
|
|
1) security
2) confidentiality 3) privacy 4) processing integrity 5) availability |
trust services framework 5 components of system reliability
|
|
|
security
|
access to system and data is controlled; FOUNDATION
|
|
|
confidentiality
|
sensitive company information is protected from unauthorized disclosure
|
|
|
privacy
|
personal data about customers is collected, used, and stored in an appropriate way
|
|
|
processing integrity
|
data in systems is processed accurately, timely, completely, with proper authorization
|
|
|
availability
|
system can be accessed when needed
|
|
|
time based model of security
|
used to determine how effective a company's security procedures are; used to determine the appropriate mix of detective/corrective controls
|
|
|
P - time it takes to break thru preventive controls
D - time it takes to recognize that there is a breach C - time it takes to respond to the attack |
3 variables in time based model of security
|
|
|
P > D+C
|
effective security procedures equation
|
|
|
1. difficult to reasonably estimate values
2. changes in technology make estimates quickly obsolete |
main problems/disadvantages with the time based model of security
|
|
|
defense in depth
|
used for day-to-day management of security procedures; employing multiple layers of controls; redundant
|
|
|
1. access
2. physical access 3. training 4. encryption |
4 preventive controls for security
|
|
|
1. authentication
2. authorization |
2 aspects of access controls
|
|
|
authentication
|
process of verifying the identity of the person/device attempting to access the system
|
|
|
authorization
|
limiting where authenticated users can go in the system and restricting what actions can be performed
|
|
|
1. passwords
2. smart card/id badge 3. biometric identifiers |
3 authentication controls
|
|
|
1. length
2. random 3. combination 4. changed frequently 5. secret |
5 characteristics of a strong password
|
|
|
biometric identifier
|
physical characteristics used to authenticate someone
|
|
|
multifactor identification
|
using more than one authentication control technique
|
|
|
access control matrix
|
authorization control - matrix of user/access - compatibility test used to match authentication credentials
|
|
|
physical access controls
|
access controls for buildings/rooms (keeping all doors locked except one)
|
|
|
training
|
preventive control for security for employees
|
|
|
social engineering
|
tricks that a fraudsters use to get employees to divulge confidential information
|
|
|
phishing
|
act of attempting to acquire information (usernames, passwords) using thru fake webpages
|
|
|
piggybacking
|
social engineering technique here an unauthorized user follows an authorized user thru a locked door
|
|
|
encryption
|
process of taking normal language plain speak --> unreadable gibberish (cipher text)
|
|
|
1. log analysis
2. security testing |
2 detective controls for security
|
|
|
log
|
system tracking who has access to the system and what action they have performed
|
|
|
log analysis
|
process of regularly reviewing logs to identify potential attackers
|
|
|
1. failed login attempts
2. failed attempts to perform some action |
log analysis searching for: (2 things)
|
|
|
1. legitimate user not remembering password
2. legitimate user attempting to perform an unauthorized action 3. external intruder trying to gain access |
possible reasons for things found in log analyses (3)
|
|
|
penetration test
|
aspect of security testing - authorized attempt by internal audit team or external security consulting firm to break into the system
|
|
|
1. CIRT team
2. patch management system |
2 correct controls for security
|
|
|
computer incident response team CIRT
|
team responsible for dealing with all major security issues
|
|
|
1. recognition
2. containment 3. recovery 4. follow up |
incident response process
|
|
|
recognition
|
incident response process - understand/recognize that there is a problem; result of log analysis
|
|
|
containment
|
incident response process - isolate damage, prevent spread to other parts of the system
|
|
|
recovery
|
incident response process - fix damage caused by the breach
|
|
|
follow up
|
incident response process -
1. understand/analyze problem 2. modify security procedures |
|
|
patch management system
|
correct control for security - fix known vulnerabilities in security software, operating systems, other application programs
|
|
|
patches
|
the most recent fix; code that repairs
|
