Chapter 12 revision

Description

This is the last chapter of the Information security book, and it is about maintaining and evaluating the implemented information security.
Flashcards by zikisayena, updated more than 1 year ago
Created by zikisayena more than 9 years ago

Resource summary

Question: Answer
Affidavit: sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place.
Auditing: the process of reviewing the use of a system to determine if misuse or malfeasance has occurred.
Candidate vulnerabilities: vulnerabilities logged during scanning.
Chain of evidence (chain of custody): defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court.
Difference analysis: a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services).
Digital forensics: the investigation of what happened and how.
Digital malfeasance: crime against or using digital media, computer technology, or related components (computer as source or object of crime).
Evidentiary material (EM): also known as an item of potential evidentiary value, is any information that could potentially support the organization's legal or policy-based case against a suspect.
External monitoring domain: within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense.
Information security operational risk assessment (RA): a key component in the engine that drives change in the information security program.
Modem vulnerability assessment: process designed to find and document any vulnerability that is present on dial-up modems connected to the organization's networks.
Penetration testing: a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).
Planning and risk assessment domain: the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk.
Platform security validation (PSV): process designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization.
Vulnerability assessment and remediation domain: primary objective is to identify specific, documented vulnerabilities and remediate them in a timely fashion.
Vulnerability instances: proven cases of real vulnerabilities.
War dialing: scripted dialing attacks against a pool of phone numbers.
War games: rehearsals that closely match reality.