Chapter 12 revision

Description

This is the last chapter of the Information security book, and it is about maintaining and evaluating the implemented information security.
Flashcards by zikisayena, updated more than 1 year ago
Created by zikisayena more than 9 years ago

Resource summary

| Question | Answer |
| --- | --- |
| Affidavit | sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place. |
| Auditing | the process of reviewing the use of a system to determine if misuse or malfeasance has occurred. |
| Candidate vulnerabilities | vulnerabilities logged during scanning. |
| Chain of evidence (chain of custody) | defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court. |
| Difference analysis | a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). |
| Digital forensics | the investigation of what happened and how. |
| Digital malfeasance | crime against or using digital media, computer technology, or related components (computer as source or object of crime). |
| Evidentiary material (EM) | also known as an item of potential evidentiary value, is any information that could potentially support the organization’s legal or policy-based case against a suspect. |
| External monitoring domain | within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense. |
| Information security operational risk assessment (RA) | A key component in the engine that drives change in the information security program. |
| Modem vulnerability assessment | process designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks. |
| Penetration testing | a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). |
| Planning and risk assessment domain | the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk. |
| Platform security validation (PSV) | process designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization. |
| Vulnerability assessment and remediation domain | primary objective is to identify specific, documented vulnerabilities and remediate them in a timely fashion. Vulnerability instances: proven cases of real vulnerabilities. |
| War dialing | scripted dialing attacks against a pool of phone numbers. |
| War games | rehearsals that closely match reality. |
