Risk management
The process of identifying, assessing, and reducing risks facing an organization.
Risk identification
The enumeration and documentation of risks to an organization’s information assets.
Risk control
The application of controls that reduce the risks to an organization’s assets to an acceptable level.
Risk appetite
The quantity and nature of risk that organizations are willing to accept as trade-offs between perfect security and unlimited accessibility.
Residual risk
The risk that has not been completely removed, shifted, or planned for.
Threat assessment
The process that identifies and quantifies the risks facing each asset.
Vulnerability
Specific avenues threat agents can exploit to attack an information asset.
Risk assessment
Evaluates the relative risk for each vulnerability by assigning a risk rating or score.
Loss frequency
An assessment of the likelihood of an attack combined with the expected probability of success.
Loss magnitude (asset exposure)
The amount of an information asset that could be lost in a successful attack.
Annualized Loss Expectancy (ALE)
The expected loss per risk per year.
ALE formula: ALE = Single Loss Expectancy (SLE) × Annualized Rate of Occurrence (ARO)
Single Loss Expectancy (SLE)
The cost of a single loss event.
SLE formula: SLE = Asset Value × Exposure Factor (EF)
Annualized Rate of Occurrence (ARO)
Estimated frequency with which a threat is expected to occur within a year.
Cost-Benefit Analysis (CBA)
Determines if an alternative being evaluated is worth the cost to control the vulnerability.
CBA formula: CBA = ALE(prior) – ALE(post) – ACS (Annualized Cost of Safeguard)
Defense
A risk control strategy that attempts to prevent exploitation of the vulnerability.
Transfer
A risk control strategy that shifts risk to other assets, processes, or organizations.
Mitigate
A risk control strategy that reduces the impact of an attack rather than its likelihood.
Acceptance
A risk control strategy where the organization accepts the outcome of a vulnerability being exploited.
Termination
A risk control strategy that involves discontinuing the activity introducing uncontrollable risk.
Quantitative assessment
Risk control practices that use actual numerical values or estimates.
Qualitative assessment
Risk control practices using non-numerical measures or characteristics.
Benchmarking
The process of seeking out and studying practices in other organizations to duplicate them.
Metrics-based measures
Benchmarking measures based on numerical standards.
Process-based measures
Benchmarking measures that are strategic and less focused on numbers.
Standard of due care
Demonstrating that an organization has taken reasonable measures to protect information assets.
Due diligence
Ongoing effort to maintain proper security controls and standards over time.
Best business practices
Security efforts that provide a superior level of information protection.
Baselining
Comparison of past security activities and events against future performance.
Organizational feasibility
Assesses how well IS alternatives contribute to organizational goals.
Operational feasibility
Assesses user/management acceptance and stakeholder requirements.
Technical feasibility
Assesses whether the organization can implement and support the proposed controls.
Political feasibility
Defines what can/cannot occur based on consensus among stakeholders.
Access control
Method by which systems determine whether and how to admit a user into a trusted area of the organization.
Mandatory access controls (MACs)
Use data classification schemes to enforce access rules.
Discretionary access controls (DACs)
Allow users to control access to resources they own.
Nondiscretionary controls
Strictly enforced version of MACs managed by a central authority.
Identification
Mechanism where unverified entities provide a label by which they are known to the system.
Authentication
Process of validating a supplicant’s identity.
Password
A private word or character combination known only to the user.
Passphrase
A longer series of characters used to derive a virtual password.
Dumb card
ID or ATM card with a magnetic stripe.
Smart card
Contains a chip that verifies and validates user information.
Synchronous token
Generates login codes based on time synchronization.
Asynchronous token
Generates login codes in response to a challenge.
Biometrics
Uses measurable human traits to authenticate identity.
Authorization
Matching of an authenticated entity to information assets and access levels.
Authorization tickets
Tokens used to grant access to resources.
Accountability (Auditability)
Ensures actions on a system can be traced to an authenticated identity.
Trusted computing base (TCB)
Enforces the system security policy; part of the TCSEC Rainbow Series.
Storage channels
Covert channels based on system storage mechanisms.
Timing channels
Covert channels based on system timing.
ITSEC
International criteria for evaluating computer system security.
The Common Criteria
Successor to TCSEC and ITSEC for evaluating IT security.
Bell-LaPadula Model
Confidentiality model based on access control.
Biba Integrity Model
Prevents “write up” and “read down” to preserve data integrity.
Clark-Wilson Integrity Model
Ensures no unauthorized changes to data or programs.
Graham-Denning Model
Access control model using objects, subjects, and rights.
Harrison-Ruzzo-Ullman Model
Defines method to manage access rights and subjects/objects.
Brewer-Nash Model (Chinese Wall)
Prevents conflicts of interest in access control.
Firewall
Device or software that prevents unauthorized data transfer between networks.
Packet filtering
Examines packet headers to allow or deny data based on IP addresses and ports.
Application gateways
Proxy firewalls operating at the application layer.
Circuit gateways
Manage connections based on session information.
MAC layer firewalls
Filter traffic based on MAC addresses at the data link layer.
Hybrid firewalls
Combine features from multiple types of firewalls.
Static filtering
Uses fixed rules for filtering traffic.
Dynamic filtering
Updates filtering rules in response to events.
Stateful inspection
Tracks active connections using a state table.
Application layer firewall (proxy server)
Filters application-specific traffic; often placed in the DMZ.
Packet-filtering router
Router that filters traffic based on header information.
Bastion host
Dual-homed firewall with two NICs acting as a network defender.
Screened host firewall
Combines packet filtering and proxy servers for double-layered protection.
Screened subnet firewall (with DMZ)
Uses multiple bastion hosts and routers to create a DMZ.
SOCKS server
Circuit-level proxy using the SOCKS protocol to handle TCP traffic.
Firewall rules
Logical conditions used by firewalls to allow or block traffic.
Content filter
Software that restricts access to specific web content or protocols.
War dialer
Automated tool that scans phone numbers for modem connections.
RADIUS
Central server for authenticating user credentials remotely.
Diameter
Advanced alternative to RADIUS for authentication.
TACACS
Centralized access control system validating credentials.
Kerberos
Secure third-party authentication using symmetric encryption.
Authentication server (AS)
First component in Kerberos for initial validation.
Key Distribution Center (KDC)
Issues keys for secure communications in Kerberos.
Ticket Granting Service (TGS)
Issues service tickets in Kerberos.
SESAME
European authentication system using public key encryption and privilege certificates.
Virtual Private Network (VPN)
Secure connection over a public network.
Trusted VPN
Uses leased lines; relies on trust between partners.
Secure VPN
Uses encrypted tunnels over public networks.
Hybrid VPN
Combines trusted and secure VPN technologies.
Encapsulation
Wrapping data into a secure format for transmission.
Encryption
Converts data into an unreadable format for unauthorized users.
Transport mode
Encrypts the data within the IP packet, but not the header.
Tunnel mode
Encrypts the entire packet for secure tunneling between servers.
Microsoft ISA Server
Example of a tunnel-mode VPN server.
Intrusion Detection System (IDS)
A security tool that monitors network or system activities for malicious actions or policy violations.
Network-based Intrusion Detection System (NIDS)
An IDS that monitors network traffic for suspicious activity across the entire network.
Host-based Intrusion Detection System (HIDS)
An IDS that monitors and analyzes the internals of a computing system rather than the traffic on its network.