General Security 1 Flashcards
Which Security Control Categories are there?
- Technical
Controls implemented using systems
Automated mechanisms and Technology
Firewall, Anti-Virus
- Managerial
Implemented by Manager / Administrator
Security Controls, Standard operating procedures, Access Control, Incident response plan
- Operational
Implemented by people instead of systems
Security Guards, Awareness Training
- Physical
Limiting physical access
Fences, Guard Check, Walls, Badge Readers
Which Control Types are there?
- Preventive
Limitation of access to resource
Firewall Rule, Fence, Badge
- Deterrent
Discourage Intrusion
Warning signs, Front desk reception
- Detective
Identify and log an intrusion attempt
Collection and review of system logs, login reports, patrol of property
- Compensating
Countermeasures to mitigate risk
May be temporary
- Directive
Designed to establish desired outcome
File storage policies, compliance policies, signs
What describes non-repudiation?
- The Integrity of Data
Nothing has been changed
- Proof of Origin
Where does the Data come from?
Can be achieved via:
Hashing
Digital Signature
What are Planes of Operation?
- Splitting Network into Functional Planes
Data Plane
* Everything that helps process data within the Network
* Frames, packets, network data
Control Plane
* Manages Control of processed Data
* Defines Rules and Policies
* How packets should be forwarded
* Routing table, session tables, NAT table
What are Security Zones?
- Zones following different rule sets of access
- Trusted, untrusted
- internal, external
- differentiated by departments
How to Evaluate or Control Security Controls?
Adaptive Identity
* Approach that can change and adjust how it verifies or recognises a person's identity based on different circumstances or behavior
* Multiple Risk indicators: Physical location, Type of connection, IP Address
* Result: Make authentication stronger if needed
Threat Scope Reduction
* Decrease possible entry points to a system
Policy driven Access Control
* Combination of adaptive Identity with predefined rules
How are Security Zones enforced?
Policy Enforcement Points (PEP)
* Gatekeeper of all traffic traversing the network
* Gathers all information of traffic
Policy Decision Point (PDP)
* Examines authentication provided by PEP and makes decision if communication should be allowed or not
Consists of:
Policy Engine
* Evaluates each access decision based on policy
* Grant, Evoke, Revoke
Policy Administrator
* Communicates with Policy Enforcement Point
* Generates tokens, credentials
What does a typical change approval process look like?
- Complete Request form
- Determine Purpose of change
- Determine affected systems and impact
- Analyze Risks associated with it
- Approval from change control board
- Get end-user acceptance after change is completed
What is ownership in change management?
- An individual or entity needs to make a change, but they usually don't perform the actual change
- Owner manages actual change
What is Impact Analysis?
- Risk Value assigned to change
- Also risks involved if change is not done
What is a Backout Plan?
- Plan to revert back to original configuration
- Should be planned before change is done