35 Cards in this Set

  • Front
  • Back
• Is Information Security a Process or a Project? Explain.
Information Security is a process, not a project. A process is something that evolves over time, whereas a project typically allows for a point of termination. Information Security should always be evolving because there will always be new vulnerabilities that will need to be addressed.
• Explain the 90/10 rule in Information Security.
The 90/10 rule in Information Security is that 90% of Information Security is composed of people and processes and 10% is the actual technology. People are responsible for implementing, configuring, maintaining, and monitoring the technology. People are also responsible for establishing policy and compliance. And lastly, people comprise the collection of users the Information Security will affect.
• Explain the concept of Security Awareness.
Security Awareness is the level at which a person is knowledgeable of the potential risk of information being compromised accidentally, deliberately, through damage, or misuse, and also the knowledge, skill, and attitude addressing the need to protect this information.
• Explain the term “Defense in Depth”.
“Defense in Depth” is the layers of defense in place against information vulnerability. Defenses include anti-spyware, anti-virus, encrypted communication, session controls, limitations of usage, strong passwords, keeping software updated (via patches), and physical security. In most instances, it is not necessary to have the “Fort Knox” level of protection, especially for home use – it’s important to be a more difficult candidate for attack than the next guy.
• When formulating a security report, what 6 questions should be asked?
The six questions that should be asked when formulating a security report are: who, what, when, where, why, and how.
• What are the 5 steps for quick incident handling?
identification and categorization
containment
eradication
recovery
follow-up
• Why is change control & change management a security issue?
Change control and change management are security issues because in most organizations, the integrity of their data can influence the success or failure of the organization. Should an unauthorized party manipulate the data, the system could fall victim to viruses, worms, malicious code, and data corruption, crippling the organization.
• What can change management uncover?
Change management can uncover policy violation by staff installing or manipulating software without proper authorization and/or procedures, possible hardware failure leading to data corruption, and viruses, malicious code, and worms infecting the system.
• What is required for change management to work successfully?
For change management to work successfully, you must have golden copies of the software (original installation discs) for comparison and database generation, and you must have a secure infrastructure by securely storing software on physically protected media.
• What are the DoD four classifications of data?
top secret
secret
confidential
unclassified
• What are the principles of Separation of Duties?
The principles of Separation of Duties are that no one has complete control of a project. This principle states that a minimum of two persons are required to complete sensitive jobs. This provides for checks and balances and lessens the risk of vulnerability.
• Who is responsible for Security Management and why?
Many people in an organization are responsible for Security Management. The Board of Directors, President, Chief Information Officer, Security Director, Audit Manager, Security Analysts, Security Architects, and System Auditors are the hierarchy of responsible parties for Security Management. Most of these positions are senior management, and they have the ultimate responsibility, since they are the last line of decision-makers in an organization. Senior managers and officers have a functional responsibility.
• What is a vulnerability?
A vulnerability is a flaw, weakness, or lack of control in the system.
• Describe the three pillars of Security.
The three pillars of Security are Availability, Integrity, and Confidentiality. Availability is providing access to authorized users when information is needed. Integrity is the guarantee that information has not been destroyed or altered in any way -- inadvertently or maliciously. Confidentiality is the restriction of access to those with authorization.
• What are the objectives of the Security Management process?
The objectives of the Security Management process are complying with policy and following procedure, awareness and reporting incidents, offering suggestions to strengthen security, and mitigating risk.
• What is Data Security?
Data Security is the availability, integrity, and confidentiality of that data. This means that data is protected from corruption, it is available when needed by parties who have authorization to it, and it is protected from those without authorization.
• Why Is Data Security Such a Challenge?
Data Security is affected by hardware failures, software malfunctions, accidental deletion or overwriting, natural disasters, and disgruntled employees. Because these threats and vulnerabilities are extensive in scope, Data Security is a massive challenge.
• What is the definition of a security model?
A security model is a simplified representation outlining the security requirements for an organization.
• What are the strength and weakness of the Bell LaPadula Model?
A strength of the Bell LaPadula Model is that it stresses confidentiality by not allowing users to read up or write down (prevention of secret leaks). However, because a user can write up, integrity is not guaranteed (a lower security user can overwrite information without knowing it even exists).
• Describe a Multi-Level security model.
A multi-level security model is a security model that divides users into a tiered system. Each tier provides a different degree of access to information, the lowest tier being the most restricted and the highest having the most access.
• What are the seven Assurance levels?
The seven Assurance levels are: functionally tested; structurally tested; methodically tested and checked; methodically designed, tested and reviewed; semiformally designed and tested; semiformally verified design and tested; and formally verified design and tested.
• What is a covert channel?
A covert channel is an unauthorized, hidden channel of communications that exists within a legitimate communications channel.
• What is a Delta threat?
A Delta threat is an attack that exploits the difference between the time the security controls were set up and the time the service was authorized to be in use.
• What are the three basic components of a system architecture?
The three basic components of a system architecture are the Central Processing Unit (CPU), Storage Devices (hard drive, memory, etc), and Peripherals (keyboard, printer, etc).
• Describe the protection rings of a system architecture.
The protection rings of a system architecture are Ring 0: operating system kernel, Ring 1: operating system, Ring 2: operating system utilities and file system drivers, and Ring 3: software, such as email client, word processor, and web browser.
• What are the principles of secure programming?
least privilege, economy of mechanism, complete mediation, open design, separation of privilege, least common mechanism, psychological acceptance, and fail-safe defaults.
• Name 3 famous worms.
Three famous worms are Code Red, Blaster, and SQL Slammer.
• What is the definition of a rootkit and describe what actually happens?
A rootkit is a set of software artifacts that attempts to hide its existence and execution from the rest of the operating system, all users, and any security tools.
• In application security, what are agents?
Agents are standalone programs that are part of the larger application.
• What is an applet?
An applet is software that runs within the context of another program.
• What are some reasons for security attacks on applications?
Some reasons for security attacks are industrial espionage, vandalism/disruption, denial of service, and political/religious reasons.
• What are some countermeasures to Malware?
Countermeasures to Malware are anti-malware software, patches, firewalls, intrusion detection systems, decreased privileges, and penetration testing.
• What is change management?
Change management is the organization and overseeing of changes within an organization.
• Why is change management important to security?
Change management verifies that there are no security holes during transition – such as change of employees, updating software with patches or new versions, or changing the requirements to a project in development. Without having change management to oversee changes, security can be compromised.
• Why is security usually overlooked during development?
Security is overlooked because software developers are not security specialists, and security can slow down production, causing a vendor to lose money because of a later release date.