Term
|
Definition
- structured process of denying adversaries access to critical info
|
|
|
Term
|
Definition
- ID Critical Information
- Analyze Threat
- Analyze Vulnerabilities
- Assess risk
- Apply suitable OPSEC measures
|
|
|
Term
|
Definition
- User: safeguard info; protect credentials
- System Admin: implement operational environment for applications & users; AVAILABILITY; backup & restore, maintenance
- Security Admin: pw maintenance, review logs, FW admins, review SW updates, maintain audit logs
|
|
|
Term
OPSEC Protection Areas (4) |
|
Definition
- Security Clearance
- PW/PW Mgt: issue pw, how often change, enforce strong pw
- Account Characteristics: usernames, pw, age limits, account status, user groups like Admin/Server Operators/Account Operators/Print Operators
- Special Privileges: need to know & least privilege, advice from owners
|
|
|
Term
|
Definition
- description of security-relevant elements about each user in system
- username
- group memberships
- PW strength, requirements
|
|
|
Term
|
Definition
- Redundancy
- Fault tolerance
- Backup and restore
- Material safeguarding: safeguarding classified info; AC
- Material Destruction
- Material Reuse
|
|
|
Term
|
Definition
- Preventive
- Detective
- Corrective
- Directive
- Recovery
- Deterrent
- Compensating
|
|
|
Term
|
Definition
- SoD
- Need to Know
- Least Priv
- Job Rotation
- Mandatory Vacations
- Antivirus Mgt
- Audit
- Closed Shop
- Change Ctrl
|
|
|
Term
|
Definition
- practice of recording sec.-relevant events in audit file for future analysis
- internal/ext
- system/app/user-level
- admin enables
- admin selects events
- record in log
|
|
|
Term
|
Definition
- reduce log size
- eliminates need for more media storage
- set limit on # of logs for incident
|
|
|
Term
|
Definition
- ID Event
- Time of Event
- ID of individual/process causing event
System logs:
- login attempt
- login success/fail
- logouts
- application accessing
- file creations/deletions/modifications
- account creation/modification/deletion
Application/DB Audit Logs:
- transaction processed
- data status before/after transactions
- transaction failures/backout
|
|
|
Term
|
Definition
- practice of monitoring operations controls to ID abnormal computer activity
- IDS/Penetration Testing/Violation Processing
|
|
|
Term
|
Definition
- tracks anomalies in user activity
- also known as violation processing/tracking
- uses clipping levels
|
|
|
Term
|
Definition
- source
- frequency
- severity
- response
|
|
|
Term
|
Definition
- disclosure
- destruction
- interruption of service
- corruption/modification
- theft
- espionage
- hacker/crackers
- malicious code
|
|
|
Term
Unauthorized Access is . . . |
|
Definition
|
|
Term
Security Violation Types (2) |
|
Definition
- Physical: unauth access to facility/theft/damage/disconnect electric & com
- Logical: pw crack/man-in-middle/insert virus/pw compromising/social engineering
|
|
|
Term
|
Definition
- System cleaning: clean of attack to return to operational state (trusted recovery); virus removal/restore/reload SW & data
- Assessing training/awareness
- Evaluating protection: updating security policies; testing current security
- Vulnerability testing: ID system flaws
|
|
|