IT 255 Review Flashcards
Threat
Any action that could damage an asset
Gramm-Leach-Bliley Act (GLBA)
Passed in 1999, requires all types of financial institutions to protect private financial information
Standards
A detailed written definition for hardware and software and how it is to be used
White-hat hackers
Ethical hacking using various penetration tools to uncover vulnerabilities.
Data Classification Standards
Definition of different data types
Vulnerabilities and Threats
any weakness in a system that makes it possible for a threat to cause harm
Risk
Refers to the likelihood of exposure to danger
Causes of Security Gaps
A lapse in a security control in a policy creates a gap
Cryptography
is the practice of hiding data and keeping it away from unauthorized users
Encryption
is the process of transforming data from clear text into ciphertext
Change control procedures
request-impact assessment-approval-build/test-implement-monitor
7 domains
user, workstation, LAN, LAN-to-WAN, WAN, remote access, and system/application domain
Hijacking
type of attack in which the attacker takes control of a session between two machines and masquerades as one of them
intimidation
using threats or harassment to bully another person for information
phishing
email or web pages that resemble the work of a reputable organization to capture sensitive information
social engineering
is deceiving or using people to get around security controls
black hat hacker
breaks IT security for the challenge, to prove technical powers, and to poke holes in systems
grey hat hacker
wannabe hacker with average abilities who may become either a black or white hat hacker
vulnerability
a weakness that allows a threat to be realized or to have an effect on an asset
risk management
process of identifying, assessing, prioritizing, and addressing risk
best password policies
A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly.
annual loss expectancy
estimated loss due to a specific realized threat.
The formula to calculate ALE is ALE = SLE x ARO
Access Control Models
Methods used to restrict and allow access to resources.
parts of the access control model
Access Tokens, Security Descriptors, Access Control Lists, Access Control Entries, Access Rights and Access Masks, Security Identifiers
policies
are high-level statements or rules about protecting people or systems
Baselines
Benchmarks used to make sure that a system provides a minimum level of security across multiple applications and across different products.
Phases of risk-response planning
Implementing BIA: Business Impact Analysis is a formal analysis of an organization's functions and activities that classifies them as critical or noncritical. BCP: Business Community Plan is a plan for a structured response to any events that result in an interruption to critical business activities or functions. DRP: Disaster Recovery Plan, which directs the actions necessary to recover resources after a disaster and is part of a BCP.
types of attack tools used
Vulnerability scanners
Port scanners
Sniffers
Wardialers
Keyloggers
Malicious software and the types found
any software that gives partial to full control of your computer to do whatever the malware creator wants.
Malware, Spyware, Viruses, Worms, Trojans, Keyloggers, Dialer, and RootKits
Quantitative
a risk-analysis method that uses mathematical formulas and numbers to assist in ranking risk severity.
Components of access control
Authorization, Identification, Authentication, Accountability
Qualitative
a risk-analysis method that uses relative ranking to provide further definition of the identified risks in order to determine responses to them.