Term
| Info for Mgmt must satisfy 7 Key Criteria: |
|
Definition
| EECIACR: Effective, Efficient, Confidential, Integrity, Available, Compliance, Reliance |
|
|
Term
| 4 Domains of COBIT Framework |
|
Definition
1. PO - Plan & Organize
2. AI - Acquire & Implement
3. DS - Deliver & Support
4. ME - Monitor & Evaluate |
|
|
Term
| The COBIT Cycle is an ______ process. |
|
Definition
| Ongoing - It constantly repeats |
|
|
Term
| 5 Categories of the Trust Services Framework |
|
Definition
1. Security
2. Confidentiality
3. Privacy
4. Processing Integrity
5. Availability
All --> Systems Reliability |
|
|
Term
| What is the foundation of the Trust Services Framework/Systems Reliability? |
|
Definition
|
|
Term
| Security is a _____ issue, not a _____ issue! |
|
Definition
|
|
Term
|
Definition
Have multiple layers of controls to avoid having a single point of failure
Ex) Use firewalls and multiple authorization methods (PW, tokens, biometrics)
Involves a combo of P,D,C controls |
|
|
Term
| Time-Based Model of Security |
|
Definition
Combo of D & C controls
P > D + C |
|
|
Term
| What is P in the Time-Based Model of Security? |
|
Definition
| P = time it takes an attacker to break through the org's preventive controls |
|
|
Term
| What is D in the Time-Based Model of Security? |
|
Definition
| D = time it takes to detect that an attack is in progress |
|
|
Term
| What is C in the Time-Based Model of Security? |
|
Definition
| C = time it takes to respond to the attack |
|
|
Term
| For an EFFECTIVE information security system, |
|
Definition
|
|
Term
| 6 Steps in an IS System Attack |
|
Definition
1. Conduct Reconnaissance
2. Attempt Social Engineering
3. Scan and map the target
4. Research
5. Execute the attack
6. Cover tracks
**I do not think we covered this in class! |
|
|
Term
| 3 ways to mitigate risk of attack |
|
Definition
|
|
Term
|
Definition
1. Training
2. Physical Access
3. Remote Access
4. Hardening
5. Encryption |
|
|
Term
|
Definition
|
|
Term
| 3 Things needed for Authorization |
|
Definition
Something person knows: user name, pw, PIN
Something person has: smart card, badge, USB device
Biometric characteristic: fingerprint, palm voice, retina |
|
|
Term
|
Definition
|
|
Term
| Authentication is implemented by: ___ & ___ |
|
Definition
| Access control matrix & Compatibility Test |
|
|
Term
P Control, Network Access
What is a Border Router? |
|
Definition
| Connects an org's info system to the Internet |
|
|
Term
P Control, Network Access
What is a Firewall? |
|
Definition
| SW or HW sued to filter info |
|
|
Term
P Control, Network Access
What is a DMZ? |
|
Definition
Demilitarized Zone
Separates network that permits controlled access from the internet to selected resources |
|
|
Term
P Control, Network Access
What is a IPS? |
|
Definition
Intrusion Prevention Systems
Monitors PATTERNS in the traffic flow, rather than only inspecting individual packets, to identify & automatically block attacks
**Issues an alert and automatically takes steps to stop a suspected attack (An IDS just issues a warning alert) |
|
|
Term
D Control
What is Log Analysis? |
|
Definition
An audit trail of system access
Process of examining logs to identify evidence of possible attacks
*Only beneficial is ROUTINELY examined
*Analyze logs of FAILED attempts b/c they could rep. an attempted attack by an ex. intruder
*Requires human judgment to interpret the reports & identify situations that are 'not normal' |
|
|
Term
|
Definition
CIRT: Computer Incident Response Team
*Deals w major incidents
1. RECOGNIZE that a prob exists
2. CONTAIN the prob
3. RECOVERY
4. FOLLOW-UP |
|
|
Term
|
Definition
CISO: Chief Information System Officer
-Independent of other IS functions
-Reports to CEO
-Works closely w person in charge of physical security
-Responsible for info security |
|
|
Term
| What are the 3 corrective controls? |
|
Definition
| CIRT, CISO, Patch Management |
|
|
Term
C Control
What is Patch Management? |
|
Definition
Process for regularly applying patches and updates to all SW used by the org
Prob w/ patches: can create new probs b/c unanticipated side effects |
|
|
Term
|
Definition
| Virtualization & Cloud Computing |
|
|
Term
|
Definition
-Multiple systems are run on one computer
-Dec maintenance costs
-Dec utility costs |
|
|
Term
|
Definition
| -Remotely accessed resources (SW apps, data storage, HW) |
|
|
Term
| Cloud Computing -Risks & Opportunities |
|
Definition
Risks - Inc risk of threats
Risk - Inc exposure if breach occurs
Risk - Reduced authentication standards
Opp - offer opp to improve overall security |
|
|
