Risk
Likelihood that something bad will happen to an asset
Threat
Any action that could damage an asset
Vulnerability
A weakness that allows a threat to be realized or to have an effect on an asset
Cryptography
Practice of hiding data and keeping it away from unauthorized users
Encryption
The process of transforming data from cleartext into ciphertext
Ciphertext
The scrambled data that is the result of encrypting cleartext
Cleartext
Regular
Integrity
Maintain valid
Availability
The amount of time users can use a system
Uptime
Measure of how long a computer system has been operating without restarting.
Downtime
Refers to a period of time when a system is unavailable
Availability formula
A = (Total Uptime)/(Total Uptime + Total Downtime)
Mean time to failure (MTTF)
The expected time until the first failure of a piece of equipment
Mean Time to Repair (MTTR)
The average time required to repair a system or piece of equipment
Mean Time Between Failures (MTBF)
the average length of time between failures of a product or component
Recovery Time Objective (RTO)
The overall length of time an information system's components can be in the recovery phase before negatively impacting the organization's mission or processes
Recovery Point Objective (RPO)
Maximum amount of data that can be lost without substantial impact
What is the weakest link in the security of an IT Infrastructure
The user
Policy
A short written statement that defines a course of action that applies to the entire organization
Standard
A detailed written definition of how software and hardware are to be used
Procedures
Written instructions for how to use policies and standards
Guidelines
Suggested course of action for using policy
Private data
Classification standard: Data about people that must be kept private
Confidential
Classification standard: Information or data owned by the organization
Internal use only
Classification standard: Information or data shared internally by an organization
Public domain data
Classification standard: Information or data shared with the public
Minimum level of classification levels
Three
Real-time
Occurs instantaneously
Store-and-forward
Acceptable delay in transmitting communication
E-commerce
Sale of goods and services on the internet
Business-to-consumer (B2C)
Customers purchase goods and services directly from their website
Business-to-business (B2B)
Businesses conduct sales with other businesses
Payment Card Industry Data Security Standard (PCI DSS)
Protects private customer data
Black-hat
A hacker who attacks systems and exposes vulnerabilities with malicious intent most often for monetary gain
White-hat
A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.
Gray-hat
A skilled hacker who falls in the middle of white hat and black hat hackers. The gray hat may cross the line of what is ethical
Crackers
A type of hacker who specializes in breaching copy protection on software allowing it to be pirated
What is a Security Breach?
Any event that results in a violation of any of the CIA security tenets
Denial of Service Attack
A coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks
Unacceptable Web Browsing
Defined in an acceptable use policy (AUP)
Backdoors
Hidden access included by developers
Disclosure threats
Sabotage
Alteration threats
Unauthorized changes
Denial or destruction threats
DoS attack
Virus
-Attaches itself to or copies itself into another program on a computer
-Tricks the computer into following instructions not intended by the original program developer
-Infects a host program and may cause that host program to replicate itself to other computers
-User who runs the infected program authenticates the virus
Worm
-A self-contained program that replicates and sends copies of itself to other computers without user input or action
-Does not need a host program to infect
-Is a standalone program
Trojan Horse
-Malware that masquerades as a useful program
-Trojans can:
-Hide programs that collect sensitive information
-Open backdoors into computers
-Actively upload and download files
Logic Bomb
Malware which waits for a particular condition to exist (e.g. no input for a certain time period, a certain time and date, etc.) and then does something malicious.
Rootkit
-Modifies or replaces one or more existing programs to hide traces of attacks
-Many different types of rootkits
-Conceals its existence once installed
-Is difficult to detect and remove
Spyware
A type of malware that specifically threatens the confidentiality of information
Firewall
-Program or dedicated hardware device
-Inspects network traffic passing through it
-Denies or permits traffic based on a set of rules
Business Impact Analysis (BIA)
An analysis of an organization's functions and activities that classifies them as critical or noncritical
Business Continuity Plan (BCP)
A written plan for a structured response to any events that result in an interruption to critical business activities or functions
Disaster
An event that affects multiple business processes for an extended period
Disaster Recovery Plan (DRP)
A written plan including specific steps and procedures to recover from a disaster
Hot site
Has environmental utilities
Warm site
Has environmental utilities and basic computer hardware
Cold site
Has basic environmental utilities but no infrastructure components
Mobile site
Trailer with necessary environmental utilities
Security gap
Difference between the security controls in place and controls you need to address vulnerabilities
Gap analysis
Comparison of the security controls in place and the controls you need to address all identified threats
Sarbanes-Oxley Act (SOX)
requires all financial reports to include an internal controls report
Health Insurance Portability and Accountability Act (HIPAA)
a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed with the patient's consent or knowledge
Gramm-Leach-Bliley Act (GLBA)
Requires organizations to explain their information-sharing practices to their customers and to safeguard sensitive data
Federal Information Security Modernization Act (FISMA)
Requires stricter guidelines for how data is handled in order to reduce risk of a cyberattack
Government Information Security Reform Act (Security Reform Act) of 2000
a federal law requiring offices of the U.S. government to develop a security program to assess its risk to security threats and ways to protect from them
Authentication
verifying the identity of the person or device attempting to access the system
Authorization
Controlling what the user is allowed to do on a system
Physical Access Control
Controls entry into buildings
Logical Access Controls
Controls access to a computer system or network
Intrusion Detection System (IDS)
A program responsible for identifying attacks
Network-Based Intrusion Detection System (NIDS)
A system for examining network traffic to identify suspicious
host-based intrusion detection system (HIDS)
Software processes or services designed to run on server computers
Demilitarized zone (DMZ)
A physical or logical subnetwork which contains and exposes an organization's external-facing services to an untrusted
MAC (Media Access Control) address
Unique 48-bit address assigned to each network card. IEEE assigns blocks of possible addresses to various NIC manufacturers to help ensure that the address is always unique. The Data Link layer of the OSI model uses MAC addresses to locate machines.
Black-box testing
Uses test methods that aren't based directly on knowledge of a program's architecture or design
White-box testing
Is based on knowledge of the application's design and source code
Gray-box testing
Lies somewhere in between black-box and white-box testing
Event
A measurable occurrence that has an impact on the business
Incident
Any event that violates or threatens to violate your security policy
Control
Includes both safeguards and countermeasures
Countermeasure
Counters or addresses a specific threat
Single Loss Expectancy (SLE)
The expected monetary loss every time a risk occurs.
Annualized Rate of Occurrence (ARO)
The number of incidents per year
Annualized Loss Expectancy (ALE)
How much monetary loss is expected every year
Critical Business Functions (CBF)
Activities that are vital to your organization's survival and to the resumption of business operations.
Maximum Tolerable Downtime (MTD)
The maximum period of time that a business process can be down before the survival of the organization is at risk.
Emergency Operations Center (EOC)
Physical location identified for coordination of information and resources to support incident management activities.
Decryption
The process of unscrambling ciphertext into plaintext
Algorithm
A repeatable process that produces the same result when it receives the same input
Cipher
An algorithm to encrypt or decrypt information
Symmetric Encryption
the same key is used to encode and decode
Asymmetric Encryption
used in public key encryption
Keyspace
The number of possible keys to a cipher
Open ciphers
Make it possible for experts around the world to examine the ciphers for weaknesses
Data Encryption Standard (DES)
The most scrutinized cipher in history
Cryptanalysis
the study and practice of finding weaknesses in ciphers
Nonrepudiation
Enables you to prevent a party from denying a previous statement or action.
Transposition ciphers
Rearranges characters or bits of data