Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
44 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
Risk assessments |
Deals with the threats, vulnerabilities, and impacts of a loss of information-processing capabilities or a loss of info itself. |
|
|
|
Key Components of Risk Assessment |
1. Risks to which the organization is expised 2. Risks that need addressing 3. Coordination with BIA |
|
|
|
Risks to which the organization is exposed |
Allows you to develop scenarios that can help you evaluate how to deal with these risks of they occur. Creating a plan if something goes wrong you know the best way to respond. |
|
|
|
Risks that need addressing |
Allows an organization to provide a reality check on which risks are real and which are unlikely. Focuses on problems that are more likely to occur and shifts more resources to prevent that problem. Example- industrial espionage and theft are likely, but the risk of a hurricane damaging a server room in Indiana is very low. |
|
|
|
Coordination of BIA |
Provides an organization with an accurate picture of the situation facing it. Allows the organization to make intelligent decisions about how to respond to various scenarios. |
|
|
|
Risk assessment formula |
SLE × ARO = ALE Example- if you can reasonably expect that every SLE, which is equal to asset value times exposure factor, will be equivalent of $1,000 and that there will be 7 such occurrences a year, then ALE is $7,000. Conversely, if there's only a 10% chance of an event occurring within a year time period ( ARO= 0.1), then the ALE drops to $100. |
|
|
|
ALE |
Annual Lost Expextancy- monetary measure of how much loss you could expect in a year |
|
|
|
SLE |
Single Loss Expectancy- represents how much you expect to lose at any one time. It can be divided by two components AV- asset value EF- exposure factor |
|
|
|
ARO |
Annualized Rate Occurrence- Likelihood often drawn from historical data, of an event occurring within a year. |
|
|
|
Qualitive, risk assessments |
Opinion based, objective. |
Anytime you see the word quantitative, think of the goal as determining a dollar amount. Anytime you see the word qualitive, think of a best guess or opinion of the loss, including reputation, goodwill, and irreplaceable info, pics, or data that get you to a subjective loss amount. |
|
|
Quantitative, risk assessments |
Losses that can be calculated by the amount of business lost.
Based upon facts, subjective. |
Anytime you see the word quantitative, think of the goal as determining a dollar amount. Anytime you see the word qualitive, think of a best guess or opinion of the loss, including reputation, goodwill, and irreplaceable info, pics, or data that get you to a subjective loss amount. |
|
|
Likelihood |
There are actual values that can be assigned to likelihood. The National Institute of Standards and Technology recommends viewing likelihood as a score representing the possibility of threat initiation. In this way, it can be expressed in qualitive or quantitative terms. |
|
|
|
Threat Vectors |
Is the way in which an attacker loses a threat. Example- fake emails that lure you into clicking a link or an insecure hotspot and everything in between. |
|
|
|
MTBF |
Mean Time Between Failures- is the measure of the anticipated incidence of failure for a system or component. The measurement determines the components anticipated lifetime. Example- if the MTBF of a cooling system is 1 yr, you can anticipate that the system will last 1 yr period. Be prepared to replace it in 1 yr. |
|
|
|
MTF |
Mean Time Failure- is the average time to failure for a nonrepairable system. But if the system can be repaired the MTBF is the measurement to focus on. |
|
|
|
MTR |
Mean Time to Restore- is the measurement of how long it takes to repair a system or component once a failure occurs. |
|
|
|
RTO |
Recovery Time Objective- Is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. |
|
|
|
RPO |
Recovery Point Objective- similar to RTO, but it defines the point at which the system needs to be restored. |
|
|
|
SLA |
Service Level Agreement |
|
|
|
FTP (data channel) |
Port 20 |
|
|
|
FTP (control channel) |
Port 21 |
|
|
|
SSH and SCP |
Port 22 |
|
|
|
Telnet |
Port 23 |
|
|
|
SMPT |
Port 25 |
|
|
|
TACACS authentication service |
Port 49 |
|
|
|
HTTP |
Port 80 |
|
|
|
POP3 |
Port 110 |
|
|
|
SFTP |
Port 115 |
|
|
|
NNTP |
Port 119 |
|
|
|
NetBIOS name service |
Port 137 |
|
|
|
NetBIOS datagram service |
Port 138 |
|
|
|
NetBIOS session service |
Port 139 |
|
|
|
IMAP |
Port 143 |
|
|
|
LDAP |
Port 389 |
|
|
|
HTTPS |
Port 443 |
|
|
|
FTPS data channel |
Port 989 |
|
|
|
FTPS control channel |
Port 990 |
|
|
|
MS WBT Server |
Port 3389 |
|
|
|
DNS name queries |
Port 53 |
|
|
|
TFTP |
Port 69 |
|
|
|
HTTP |
Port 80 |
|
|
|
EAP |
Extensible Authentication Protocol- provides framework for the authentication that is often used with wireless networks. |
|
|
|
LEAP |
Lightweight Extensible Authentication Protocol- created by Cisco as an extension to EAP, but it's being phased out in favor of PEAP. Requires mutual authentication to improve security, but it's susceptible to dictionary attacks. It's considered a weak EAP protocol, and Cisco doesn't curse you recommend using it. |
|
|
|
PEAP |
Protected Extensible Authentication Protocol- more secure bc it establishes channel between the server and the client. Replaced LEAP, and there's native support for it in Windows, beginning with Windows XP. Supports all Windows operating systems. |
|
