Chapter 18: Security Assessments Flashcards
BAS
breach and attack simulations
breach and attack simulations
automated systems which launch simulated attacks against a target environment and generate reports on their findings
synthetic transactions
scripted events which mimic behaviors of real users and allow security professionals to systematically test the performance of critical services
misuse case
use case which includes threat actors and the tasks they want to perform on the system
test coverage
a measure of how much of a system is examined by a specific test (or group of tests)
interface testing
systematic evaluation of a given set of exchange points for data between systems and/or users
Internal audits are the preferred approach when …
the budget for security is limited or nonexistent
the security audit process does not include …
a management review
external audit
to ensure contractors are meeting contractual obligations
compliance audit
applies regulatory or industry standards and would almost certainly be a third-party audit
scanning hosts for malware
anti-virus scanning, not vulnerability scanning
to protect security event logs from tampering …
use remote logging over simplex communications media; the remote logger would have to be compromised to tamper with logs and the simplex channel hinders the attacker
synthetic transactions are …
a way to test the behavior and performance of critical services
misuse case testing allows …
an organization to document an adversary’s desired actions on a system and the controls meant to thwart them
fuzzing
technique for detecting flaws in code by bombarding it with massive amounts of random data; not part of a code review, which focuses on analyzing the source code and not its response to random data