Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
9 Cards in this Set
- Front
- Back
|
What is NIDES?
|
Next Generation Intrusion Detection Expert System. Draws info from variety of Audit logs and notifies
|
|
|
What is Assurance
|
Formalized process by which trust is built into life cycle of a system
|
|
|
What is TCSEC?
|
Trusted Computer System Evaluation Criteria - Orange book
|
|
|
Limit Checks and Sequence checks
|
To avoid buffer overflow attacks. Manages data type, formats, data length, and sequence
|
|
|
Fail-Secure / Fail-safe
|
Fail-secure failure puts system into high level of security or disables it entirely.
|
|
|
What should happen in fail-secure state?
|
System should continue in this state and admin manually reboots, or system auto reboots using password.
|
|
|
Fail-Open
|
Allows users to bypass security control on system fail.
|
|
|
Compiled languages
|
C++, Java, Fortran. Less prone to manipulation. Easy to install backdoor and malicious code w/o user knowledge
|
|
|
Interpreted languages
|
Javascript, VB script. End user can see the code. But anyone can modify it and possibly embed malicious code
|
