Chapter 12 revision

Flashcards by zikisayena, updated more than 1 year ago
Created by zikisayena almost 6 years ago

Description

This is the last chapter of the Information security book, and it is about maintaining and evaluating the implemented information security.

Resource summary

| Question | Answer |
| --- | --- |
| Affidavit | sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place. |
| Auditing | the process of reviewing the use of a system to determine if misuse or malfeasance has occurred. |
| Candidate vulnerabilities | vulnerabilities logged during scanning. |
| Chain of evidence (chain of custody) | defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court. |
| Difference analysis | a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). |
| Digital forensics | the investigation of what happened and how. |
| Digital malfeasance | crime against or using digital media, computer technology, or related components (computer as source or object of crime). |
| Evidentiary material (EM) | also known as an item of potential evidentiary value, is any information that could potentially support the organization’s legal or policy-based case against a suspect. |
| External monitoring domain | within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense. |
| Information security operational risk assessment (RA) | A key component in the engine that drives change in the information security program. |
| Modem vulnerability assessment | process designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks. |
| Penetration testing | a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). |
| Planning and risk assessment domain | the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk. |
| Platform security validation (PSV) | process designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization. |
| Vulnerability assessment and remediation domain | primary objective is to identify specific, documented vulnerabilities and remediate them in a timely fashion. Vulnerability instances: proven cases of real vulnerabilities. |
| War dialing | scripted dialing attacks against a pool of phone numbers. |
| War games | rehearsals that closely match reality. |