Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security > Gary's > Flashcards

Gary's Flashcards

1
Q

Security Model

A

Formal description of Security Policy. Abstraction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Security Model ensures:

A

Confidentiality. Integrity. Availability. Non-Repudation. Authenticity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Static Security Model

A

Treasure kept safe with defence, encrypted. Guard protects entrance for owner to access, keeps out foe Layered Defense method.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Information Passing Security Model Description+Threat:

A

When info is transferred and processed resulting in an action. Threat: Hacker being able to manipulate information to influence action to perform.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Information Passing Security Model Components:

A
  • Information.
  • Communication
  • Processing
  • Action
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Information Passing Security Model Potential attacks:

A
  • Original data manipulated
  • Data manipulated in transit
  • Disruption of communication
  • Interference with Processing
  • Nullification of Action
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Security Administration. Contains:

A
  • Planning
  • Risk Analysis
  • Policy
  • Physical Control
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Planning :Contains

A
  • Security Plan
  • Incident Response Plan
  • Business Continuity Plan
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Planning. Purpose:

A
  • Stop & Contain: Events quickly dealt with. Categorise and classify incidents.
  • Eradicate: Minimise effects of incident.
  • Report: Assess and deal with security vulnerabilities.
  • Follow-up: Learn lessons, review Action plan.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Security Plan: Aim

A
  • Stop and contain the incident
  • eradicate the effects of the incident
  • Review what went wrong and how the incident happened
  • Follow up by changing the security plan
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Security Plan contains

A
  • Requirements: Check they are: Correct, Consistent, Complete, Realistic, Need, Verifiable, Traceable.
  • Constraints: Budget, schedule, performance, regulations.
  • Reccomendations for implementations
  • Accountability: Who is accountable for each req?
  • Timetable
  • Update Policy - to dictate when to be updated
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Incident Response Plan defines

A
  • What an incident is
  • Assign a person to handle it
  • Describe plan of action
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Incident Response Plan. Contents:

A
  • Advance Planning - Everybody trained and know what to do.
  • Triage - First assessment of damage
  • Managing Incident. Who is in the team. What actions to do - Preserve evidence, react legally, record.
  • Review - What went wrong? Did the security plan work as planned?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Business Continuity Plan

A

Documents used by a company to continue to function during a computer security incident. Used to help how to cope during the incident.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Business Continuity Plan. Must:

A
  • Assess Impact to Business

- develop strategy to deal with the problems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions