91 terms

Net Sec Final

Network Security Final
False Attack Stimulus
An event that triggers alarms and causes a false positive when no actual attacks are in progress.
Involves activities that gather information about the organization and its network activities and assets.
Centralized IDPS control strategy
All IDPS control functions are implemented and managed in a central location
Honey Pots
A decoy system designed to lure potential attackers away from critical systems.
is the organized research of the internet address owned or controlled by a target organization
Packet Sniffer
is a network tool that collects copies of packets from the network and analyzes them
a wireless security toolkit should include the ability to sniff wireless traffic, scan wireless hosts, and assess the level of privacy or confidentiality afforded on the wireless network.
the use of biometric based authentication is expected to have little impact in the future because of technical and ethical issues
are unique points of reference that are digitized and stored in an encrypted format when the user's system access credentials are created.
False reject rate
the percentage of identification instances in which authorized users are denied access as a result of a failure in the biometric device
many biometric systems that are highly reliable and effective are considered somewhat intrusive to users
Corporate security addresses the design, implementation, and maintenance of counter measures that protect the physical resources of an organization.
General Management
Is responsible for the security of the facility in which the organization is housed and the policies and standards for secure operations
Information Technology management Professionals
are responsible for environmental and access security in technology equipment locations and for the policies and standards of secure equipment
Information Security Management professionals
Perform risk assessments and implementation reviews for the physical security controls implemented by other groups
Secure Facility
A physical location that has been engineered with controls designed to minimize the risk of attacks from physical threats
Proximity reader
reader does not require the insertion of the keycard into the reader but relies on the placement of the card within the lock's range to be recognized
Biometric Locks
Finger, palm, and hand readers, iris and retina scanners, and voice and signature readers are examples of
to record events within a specific area that guards and dogs might miss, or to record events in areas where other types of physical controls are not practical, is called electronic monitoring.
what type of control notes the occurrence of some condition and then performs some type of notification activity
Flame point
the temperature at which a type of material will ignite is known as the
Photoelectric detection
use infrared light to detect an object or person passing through a beam.
Class A materials
fires that involve the ordinary combustible fuel, such as wood, paper, textiles, rubber, cloth, and trash, belong to
Class B materials
Fires fueled by combustible liquids or gases, such as solvents, gasoline, paint, lacquer, and oil. Use carbon dioxide, multipurpose dry chemical, and halon fire extinguishers
Class C materials
Fires with energized electrical equipment or appliances. Use carbon dioxide, multi-purpose dry chemical, and halon fire extinguishers
Class D materials
Fires fueled by combustible metals, such as magnesium, lithium, and sodium. Use special extinguishing agents and techniques
Dry pipe
Fire suppression system is designed to work in areas where electrical equipment is used. Instead of the system containing water, it contains pressurized air
fire suppression system employs a 2 phase response to a fire. The system is normally maintained with nothing in the delivery pipes. When a fire has been detected, the first phase is initiated and valves allow water to enter the system
Clean agent
a fire suppression agent that does not leave a residue when dry, nor does it interfere with operation of electrical or electronic equipment
Standby or offline UPS
when the power stops flowing to the equipment, what type of UPS activates a transfer switch, which provides power from the batteries through a DC-to-AC converter until the power is restored or the computer is shut down
True online UPS
Type of UPS, the primary power source is the battery and the power feed from the utility constantly recharges this battery.
Off site computing that uses internet connections, dial up connections, connections over leased point to point links between offices and other connection mechanisms
Like other organizational resources computing equipment should be inventoried and inspected on a regular basis
Encryption is a process of hiding information and has been in use for a long time
Julius Caesar was associated with an early version of the substitution cipher
process of converting an original message into a form that is unreadable to unauthorized individuals
is the information used in conjunction with an algorithm to create the cipher text from the plain text or derive the plain text from cipher text
Is the Science of encryption
is the process of making and using codes to secure the transmission of information
Hashing functions require the use of keys
Message Digest
is a fingerprint of the author's message that is to be compared with the receiver's locally calculated hash of the same message
285 computers could crack a 56 bit key in one year, whereas 10 times as many could do it in a little over a month
Key Space
is the entire range of values that can possibly be used to construct an individual key
RSA algorithm
was the first public key encryption algorithm developed in 1977 and published for commercial use
popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms
PKI systems are based on public key cryptosystems and include digital certificates and certificate authorities
Nonrepudiation means that customers or partners can be held accountable for transactions such as online purchases which they cannot later deny
Process of hiding a message
is a hybrid cryptosystem originally designed in 1991 by Phil Zimmermann
Timing Attack
the attacker usually eavesdrops during the victim's session and uses statistical analysis of the user's typing patterns and inter-keystroke timings to discern sensitive session information
if an organization deals successfully with change and has created procedures and systems that can be adjusted to the environment, the existing security improvement program can continue to work well
constant review
an effective information security governance program requires
Interconnecting systems
defined as the direct connection of 2 or more information systems for sharing data and other information resources
information security technical controls are not affected by the same factors as most computer based technologies
Contingency planning
consists of a process for recovery and documentation of procedures for conducting recovery
the first clue that an attack is underway often comes from reports by the observant users
repairing known vulnerabilities in any of the network system environment
the objective of the internal monitoring domain is to provide the early awareness of new and emerging threats, threat agents, vulnerabilities and attacks that is needed to mount an effective and timely defense
Internal Monitoring Domain
maintain an informed awareness of the state of all of the organization's networks, information systems and information security defenses
Planning Risk Assessment
Primary objective is to keep a look out over the entire information security program
Vulnerability assessments and remediation
identifies specific documented vulnerabilities and their timely remediation
readiness and review
keeps the information security program functioning as designed and to keep it continuously improving over time
Platform security validation
process is designed to find and document the vulnerabilities that may be present because of misconfigured systems in use within the organization
is the coherent application of methodical investigatory techniques, to present evidence in crimes in a court or court like setting
evidentiary material
any information that could potentially support the organization's legal or policy based case against a suspect
Offline Model
data acquisition is where the investigator removes the power source and then uses a utility or special device to make a bit-stream, sector-by-sector copy of the hard drives contained in the system
in information security most operations focus on
during the analysis phase a ___________ feasibility study should have been conducted that addressed the impact of the changes necessary for implementation
the best balance between compliance and security needs
where should organizations place the information security organization
build administer define
according to Schwartz, Erwin, Weafer, and Briney, positions can be classified into one of three areas: those that ____, those that _____, and those that ______
Chief information security officer. Typically the top information security employee in the organization
Security Manager
accountable for day to day operations of the information security program
Security Technician
qualified individuals who are tasked to configure firewalls, deploy IDS, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that security technology is operating to protect the organization
Security consultant
is typically an expert in some aspect of information security and may have been the CISO and have CISSP credentials
Personal security addresses the issues needed to protect items, objects, or areas
Personnel security
addresses the protection of individuals or groups authorized to access an organization
Communications security
encompasses the protection of an organization's communications media, technology, and content
ownership or control of information is called the characteristic of
if information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity
characteristic of information that deals with preventing disclosure
is one of 2 certificates offered by the international information systems
Global Information Assurance Certification. Certifications require the applicant to complete a written practical assignment
CISA certification
Certified information systems auditor, while not specifically a security certification, contains many information security components
Security consultant
can determine the level of trust the business places in the individual
once a candidate has accepted the job offer, the employment _______ becomes an important security instrument
Job descriptions, training sessions, performance evaluations
to heighten information security awareness and change workplace behavior organizations should incorporate information security components into employee ____
employees are typically hired usually under the arrangements with another company to perform specific services for the organization
Separation of duties
is a control used to reduce the chance of an individual violating information security and breaching the confidentiality, integrity or availability of the information
when 2 or more people conspire to steal
Job rotation
is the requirement that every employee be able to perform the work of another employee
Least privilege
employees should be provided access to the minimal amount of information for the minimal amount of time necessary for them to perform their duties