All Flashcards
LOIC
Low Orbit ION Canon - Create large-scale
denial-of-service attacks with little knowledge required.
Reconnaissance Attacks and Tools
IP Probes, Port Scans, Vulnerability SCans
Nmap, Saint, Satan
Federal Sentencing guideline
Formalised the prudent man rule and applied it to informaton security
Federal Information security management act (FISMA)
Secuirty program that covers Agency & contractors
National Information Infrastructure protection attack
Amend Computer Fraud and Abuse Act to include protections for the portions of national infrastructure
CCTV
Technical Physical Control and also detective and deterrent
Screen Scraping
Used in 2 instances:
The idea is that the screen on the target machine is scraped and shown to the remote operator.
Second, screen scraping is a technology that can allow an automated tool to interact with a human interface. For example, Google requires that all searches be performed
through a Google web search form field.
Disaster - Restoration
Returns Business facilities and environments to a working state
Disaster -Recovery
Returns Business Operations and process to a working state
Phreaker tools
Black Box - Manipulate line voltages to steal long distance call
Red Box - Simulates tones of coins deposited in pay phone
Blue Box - simulate 2600 Hz tones to interact directly with telephone network trunk systems (that is, backbones). This could be a whistle, a tape recorder, or a
digital tone generator.
White Box - used to control the phone system. A white box is a dual-tone multifrequency (DTMF) generator (that is, a keypad)
Internal Investigation
Gather most variety of your information with voluntary surrender
Polymorphic Virus
Changes the code as they travel from system to system. Destruction and propagation technique is the same but signature is slightly different.
Fourth Amendment
protect individuals against wiretapping and invasions of privacy
Admissible Evidence
Material, Relevant and Competent
Administrative law
Form of policies, procedures, and regulations that govern the daily operations of the agency.
Procedures to be used within a federal agency to obtain a desk telephone to more substantial issues such as the immigration policies that will be used to enforce the laws passed by Congress.
Code of Federal Regulations
Encrypted Virus
Use “Virus decryption routine” which has cryptographic information.
Uses different cryptographic keys to make the code different.
But they have telltale signature so that antivirus can identify it,
Code Of ethics
1) Protect Society, the common good, necessary public trust, and confidence and infrastructure.
2) Act honorably, justly, responsibly and Legally
3) provide diligent and competent services to principals
4) Advance and Protect profession
Family Education Rights and privacy Act (FERPA)
Rights of students and parents of minor students
Security Triple
Relationship between Asset, Vulnerability and threat
Real/Conclusive Evidence
Things that canbe brought to the court - murder weapon, clothing or physical object
Documentary Evidence
Written items brought into court to prove a fact at hand and should be authenticated.
Best Evidence Rule
Only original document and no copies are accepted
Parol Evidence Rule
When agreement between parties is put into written form, the written document is assumed to contain all the terms of the agreement and no verbal agreements may modify the written agreement
Chain of Evidence
■General description of the evidence
■ Time and date the evidence was collected
■ Exact location the evidence was collected from
■ Name of the person collecting the evidence
■ Relevant circumstances surrounding the collection
Industrial Espionage
Business attack
