Chapter 12 revision

Description

This is the last chapter of the Information security book, and it is about maintaining and evaluating the implemented information security
zikisayena
Flashcards by zikisayena, updated more than 1 year ago
zikisayena
Created by zikisayena over 9 years ago
30
0

Resource summary

Question Answer
Affidavit sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place.
Auditing the process of reviewing the use of a system to determine if misuse or malfeasance has occurred.
Candidate vulnerabilities vulnerabilities logged during scanning.
Chain of evidence (chain of custody) defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court.
Difference analysis a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services).
Digital forensics the investigation of what happened and how.
Digital malfeasance crime against or using digital media, computer technology, or related components (computer as source or object of crime).
Evidentiary material (EM) also known as an item of potential evidentiary value, is any information that could potentially support the organization’s legal or policy-based case against a suspect.
External monitoring domain within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense.
Information security operational risk assessment (RA) A key component in the engine that drives change in the information security program.
Modem vulnerability assessment process designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks.
Penetration testing a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).
Planning and risk assessment domain the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk.
Platform security validation (PSV) process designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization.
Vulnerability assessment and remediation domain primary objective is to identify specific, documented vulnerabilities and re-mediate them in a timely fashion. Vulnerability instances: proven cases of real vulnerabilities.
War dialing scripted dialing attacks against a pool of phone numbers.
War games rehearsals that closely match reality.
Show full summary Hide full summary

Similar

Introduction
Soul Blaze
Security+ Penetration Testing Steps and Life Cycle
Lyndsay Badding
STI's
Pip Barton
A level Henry VIII: Foreign policy
avocadolover
GCSE Biology, Module B4
jessmitchell
Maths Revision- end of year test
hannahsquires
GCSE AQA Chemistry - Unit 3
James Jolliffe
Key Biology Definitions/Terms
jane zulu
GCSE REVISION TIMETABLE
Joana Santos9567
Hard hearing
Fatima Alkhateeb
Účto Fífa 5/6
Bára Drahošová