Chapter 8 Flashcards
What is the idea of employing multiple layers of controls to avoid a single-point-of-failure?
Defense-In-Depth. For example - using not only firewalls but also multiple authentication methods (passwords, tokens, and biometrics)
Explain the time-based model of security
Implementing a combination of preventive, detective, and corrective controls that protect information assets long enough to enable an organization to recognize that an attack is occurring and take steps to thwart it before any information is lost or compromised.
Explain the P > D+C model in time-based security
P = Time it takes an attacker to break through an organization’s preventive controls. D is the time it takes to detect that an attack is in progress. C is the time it takes to respond and take corrective action. If P > D + C, then we’re good
Basic steps used by criminals to attack a system?
- Conduct reconnaissance (learn as much as possible to identify weaknesses)
- Attempt social engineering (deception to gain unauthorized access to information)
- Scan and map the target (if social engineering didn’t work, do more recon to find potential points of remote entry)
- Research (once targets are identified, conduct research to see what programs are used, then find weaknesses)
- Execute attack
- Cover the tracks (create “back doors” that can be used to obtain access if the initial attack is discovered)
See table 8-1 p. 233 for a summary of predictive, detective, and corrective IS controls
Examples of social engineering
Over the telephone (pretending to be an employee), spear phishing (sending e-mails as a relative and the employee opens a link to a virus), spreading USB’s around the driveway
NIC’s are
Network Interface Cards - Unique identifiers on printers, workstations, or any computing device. They connect to the organization’s internal network.
A ___ ___ matrix is often used to implement authorization controls
Access control matrix - see figure 8-4 p. 237. It should be updated regularly to reflect changes in job duties due to promotions or transfers, so an employee won’t accumulate rights and privileges not right for segregation
What is the compatibility test
matching user’s authentication credentials against the access control matrix to determine
Preventive Controls in regards to people?
Creation of a “security-aware” culture
Training
a limit check would be a
corrective control
three types of credentials to uniquely identify users
- biometric identifiers
- smart cards or ID badges
- PIN’s and Passwords
preventive controls from training people consists of
teaching people things like never divulging passwords, no piggybacking (letting people in), teaching senior employees new things about technology. However, security training will only be effective if management clearly demonstrates that it supports employees who follow prescribed policies.
Multifactor authentication vs multimodal authentication
Multifactor - uses two or more TYPES of authentication in conjunction.
Multimodal - uses the same type to achieve a greater level of security
Authentication vs. Authorization
Authentication - Verifying the identity of the person or device attempting to access the system.
Authorization - the process of restricting access of authenticated users to specific portions of the system and limiting what actions they are permitted to perform.