ACRONYMS Flashcards
PDCA
Plan
Do
Check
Act
ISMS
information security management systems
Data Integrity
hashing that data.
STRIDE
Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege
Microsoft threat modeling / categorization - used in assessing threats against networks and/or operating systems.
PASTA
Process for Attack Simulation and Threat Analysis.
PASTA is a risk-centric approach to THREAT MODELING countermeasures in relation to the value of the assets being protected.
Seven steps - each step / stage
VAST
Visual
Agile
Simple Threat
THREAT MODEL based on Agile development.
DREAD
Damage potential, Reproducibility, Exploitability, Affected users, Discoverability
NIST
National Institute of Standards and Technology (NIST)
is charged with the security management of all federal government computer systems that ARE NOT USED to process SENSITIVE national security information.
IDEAL
Initiate
Diagnose
Evaluate
Act
Learn
= software development life cycle
SW-CMM, CMM or SCMM
Software Capability Security Model
I R D M O
Initial, Repeatable, Defined, Managed (quantitative measures utilized), Optimizing
RDBMS
Relational Database Management System
A relational database = two-dimensional tables made up of rows and columns.
Table = relation; Row = tuple; Column = field
# of rows in RDBMS = cardinality; # of columns in RDBMS = degree
3 Keys > to identify records
Candidate Keys = identify any record
Foreign Keys = two tables
Primary Keys = identify records in a table
RDBMS
ACID model
All database transactions
Atomicity -> if any part of a transaction fails, the entire transaction must be rolled back
Consistency -> database must be consistent before / after
Isolation -> each transaction should be isolated
Durability -> committed transactions must be preserved.