chapter 2 part 2 Flashcards
What is meant by top management support for security?
It means the CEO communicates with the CSO (Chief Security Officer), provides support through staffing and funding, and personally follows security practices.
How does the human resources department interact with the security department?
HR provides security training for staff, hires and fires staff, and is called in when security rules are broken.
What are the top three auditing departments in a corporation?
Internal, financial, and IT auditing (IT auditing sometimes contains security auditing as well).
What are the three auditing departments and what does each do?
Internal auditing: controls and efficiency of the organization.
Financial auditing: controls and efficiency of finances.
IT auditing: audits information technology processes and sometimes houses security auditing within its department; this lets IT blow the whistle on its own CSO (Chief Security Officer) if needed, without blowback.
Due diligence?
Closely auditing or checking the security of a competitor, business partner, or other organization that will gain access to company resources, before giving them that access.
If a company outsources IT services, what is commonly outsourced and why?
Email, because email malware and spam are constantly changing and it is cost-effective to have a specialist company handle this for you.
What is email fingerprinting?
Known spam is scanned by a device for characteristics (URLs, etc.). New emails are then checked for those characteristics, and any that match are discarded as spam. Very few false positives.
Rate controls?
Controls the rate at which emails can be sent out of an organization, because servers are sometimes compromised and used to send spam to others, causing bandwidth issues, etc.
Sender and recipient verification?
Reverse DNS lookup is used to make sure senders/receivers are verified and legitimate.
Whitelisting?
An email outsourcing tool/server scans all emails. The service deletes all known spam; any email that could be spam is forwarded to a specific email address/user to be identified as spam or safe.
MSSP?
Managed Security Service Provider
MSSP in detail?
Managed Security Service Provider: a server is placed on the company network but is remotely accessed by another company, which reviews the logs of all events and rates each event on a tiered number scale as a security risk. These logs cover both employees and external threats, which allows whistle-blowing on all threats, internal or not. Security alerts are sent to the security department via email/pager.
TCI?
Total Cost of Incident: accounts for lawsuits, fines, etc., and is sometimes used in classic risk analysis calculations.
ROI?
Return on Investment: often not shown well for IT security because it is hard to predict the cost of the damage that would occur if the security measure were not in place.
What is classic risk analysis?
A mathematical calculation that compares the risk to a company's resources against the cost of implementing different security measures. The numbers should not be taken at face value; lawsuits and fines are not always included.