28 Cards in this Set
Front: When describing the system or process, you often focus on what two primary areas?
Back: Operational Characteristics and Mission of the System

Front: Define operational characteristics
Back: how the system operates in your environment; you need to identify how the system is currently configured and operating

Front: Define the mission of the system
Back: what the system does

Front: In reviewing previous findings, what three (3) items are worth investigating?
Back:
- Recommendations
- Current status of accepted recommendations
- Unapproved recommendations

Front: Management structure refers to what?
Back: how responsibilities are assigned

Front: Define Asset Valuation
Back: the process of determining the fair market value of an asset; one of the first priorities of risk management

Front: Replacement value
Back: the cost to purchase a new asset in its place

Front: Recovery value
Back: the cost to get the asset operational after a failure

Front: Elements to consider when determining the value of different assets
Back:
- system access and system availability
- system functions
- hardware assets
- software assets
- personnel assets
- data and information assets
- facilities and supplies

Front: Access and availability
Back: refers to how and when the asset needs to be available

Front: Whitelist
Back: a list of approved e-mail addresses or e-mail domains

Front: Blacklist
Back: automatically marked as spam

Front: Define hardware assets
Back: any assets that you can physically touch

Front: Define software assets
Back: include both the operating system and the applications

Front: Define personnel assets
Back: personnel that an organization is able to retain; an organization with good retention often has fewer problems than one with a high turnover rate

Front: Define data and information assets
Back: different levels of value based on the classification of the data:
- public data: freely available to anyone
- private data: internal data, data on employees and customers
- proprietary data: highly valuable data that deserves a lot of protection; if lost, it could seriously affect the company's profitability

Front: Define facilities and supplies
Back: information needed when calculating your insurance needs
- hot site: a location that can take over the operations of another location within a short period
- cold site: a building with electricity and running water but little else
- warm site: a compromise between a hot site and a cold site; may include all the hardware, but the data may not be up to date

Front: In identifying and evaluating relevant threats, use what two (2) methods?
Back: review historical data and modeling

Front: Reviewing historical data, you should look for
Back:
- attacks
- natural events
- accidents
- equipment failures

Front: Define threat modeling
Back: a process used to identify possible threats to a system, which provides information on:
- the system: background information
- threat profile: list of threats
- threat analysis: to determine if an asset is vulnerable

Front: Define vulnerability assessment
Back: a process used to discover weaknesses in a system, with multiple goals such as:
- identify IP addresses
- identify names
- identify operating systems
- identify open ports
- identify weak passwords
- capture data

Front: Name some common vulnerability assessment tools
Back:
- Nmap: a network mapping tool that determines open ports
- Nessus: commercial product that can detect common vulnerabilities in the configuration of a system
- SATAN: Security Administrator Tool for Analyzing Networks; not as popular as the other tools
- SAINT: System Administrator's Integrated Network Tool; full suite of vulnerability tools

Front: Define exploit assessment
Back: attempts to discover what vulnerabilities an attacker can exploit; aka "penetration tests"

Front: Define countermeasures
Back: a security control or a safeguard

Front: Name the Control Categories
Back:
- Administrative security controls: the controls in place in response to the rules and guidelines directed by upper-level management
- Technical security controls: use computers or software to protect systems
- Physical security controls: control the physical environment, such as locked doors, guards and access logs, video cameras

Front: Name a common mistake made when implementing a control
Back: underestimating the costs needed

Front: Best practices for performing risk assessments
Back:
- ensure systems are fully described
- review past audits
- review past risk assessments
- match the RA to the management structure
- identify assets within the RA boundaries
- identify and evaluate relevant threats
- identify and evaluate relevant vulnerabilities
- identify and evaluate countermeasures
- track the results

Front: What is used to track and monitor the controls and approved recommendations?
Back: POAM: Plan of Actions or Milestones