Erstellt von zikisayena
vor mehr als 9 Jahre
|
||
Frage | Antworten |
Affidavit | sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place. |
Auditing | the process of reviewing the use of a system to determine if misuse or malfeasance has occurred. |
Candidate vulnerabilities | vulnerabilities logged during scanning. |
Chain of evidence (chain of custody) | defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court. |
Difference analysis | a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). |
Digital forensics | the investigation of what happened and how. |
Digital malfeasance | crime against or using digital media, computer technology, or related components (computer as source or object of crime). |
Evidentiary material (EM) | also known as an item of potential evidentiary value, is any information that could potentially support the organization’s legal or policy-based case against a suspect. |
External monitoring domain | within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense. |
Information security operational risk assessment (RA) | A key component in the engine that drives change in the information security program. |
Modem vulnerability assessment process | designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks. |
Penetration testing | a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). |
Planning and risk assessment domain | the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk. |
Platform security validation (PSV) process | designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization. |
Vulnerability assessment and remediation domain | primary objective is to identify specific, documented vulnerabilities and re-mediate them in a timely fashion. Vulnerability instances: proven cases of real vulnerabilities. |
War dialing | scripted dialing attacks against a pool of phone numbers. |
War games | rehearsals that closely match reality. |
Möchten Sie mit GoConqr kostenlos Ihre eigenen Karteikarten erstellen? Mehr erfahren.