Misc. CISSP Tables/Equations (Secondary) Flashcards
Total Risk (TR)
TR=(AV)(threats)(vulnerabilities)
TR=AV*R
TR=CG+RR
AV -Asset Value
R -Risk
CG -Controls Gap
RR -Residual Risk
Risk (R)
R=Threat*vulnerability
Single Loss Expectancy (SLE)
Describes how much it would cost you if it happened just ONE time
SLE=AV*EF
AV -Asset Value
EF -Exposure Factor
Annualized Loss Expectancy (ALE)
How much you will lose per year
ALE=AV*EF*ARO
AV -Asset Value
EF -Exposure factor
ARO -Annualized Rate of Occurrence
Annualized Rate of Occurrence (ARO)
Expected frequency with which a specific threat or risk will occur
Seven steps of NIST Risk Management Framework
1) Prepare
2) Categorize
3) Select
4) Implement
5) Assess
6) Authorize
7) Monitor
*People Can See I am Always Monitoring
OSI Model
1) Application
2) Presentation
3) Session
4) Transport
5) Network
6) Data Link
7) Physical
Forwards: All People Seem To Need Data Processing
Backwards: Please Do Not Toss Security Processes Aside
Steps of the data lifecycle
1) Create
2) Classify
3) Store
4) Use
5) Share
6) Archive
7) Destroy
Consultants Can Send Use Some Attack Data
Five Steps of “Common Criteria” Validation
1) Describe Assets
2) Identify Threats
3) Analysis & Rating of Threats
4) Determination of Security Objectives
5) Selection of Functional Security Requirements
Don’t Insult Any Data Scientists
The Incident Response Process
1) Detection
2) Response
3) Mitigation
4) Reporting
5) Recovery
6) Remediation
7) Lessons Learned
DRMRRRL (Drum Roll)
Process for Quantitative Risk Analysis
1) Inventory the Assets (use asset value)
2) Identify the Threats (use exposure factor)
3) Analyze the Threats (use single loss expectancy)
4) Estimate the potential loss (use annualized loss expectancy)
5) Research Countermeasures for each threat
6) Cost-Benefit Analysis
I Imagined An Enormous Rotisserie Chicken
Exposure factor (EF)
The percentage (%) of an asset's value lost due to an incident, represented as a decimal
Safeguard Evaluation
The process of determining whether a safeguard is cost effective
Controls Gap (CG)
The amount of risk reduced by implementing safeguards
CG=TR-RR
This is subtracted from the total risk to calculate the residual risk…
And vice versa (This can be added to the residual risk to calculate the total risk)
Residual Risk (RR)
The risk that remains even with all conceivable safeguards in place. (Often the deductible on an insurance policy)
RR=TR-CG
Value of a safeguard
(ALE-ALE_SG)-ACS
ALE -Annualized Loss Expectancy (with no safeguards/controls)
ALE_SG -Annualized Loss Expectancy with the safeguard in place
ACS -Annual Cost of Safeguard
Class A Fires
Caused by combustibles
Recommended suppression material: Water, soda acid (dry powder)
Class B Fires
Caused by Liquids
Recommended suppression material: CO2, halon, soda acid
Class C Fires
“Electrical Fires”
Recommended suppression material: CO2, halon
Class D Fires
Burning Metals
Recommended suppression material: Dry Powder
Class K fires
“Kitchen Fires”
Recommended suppression material: Wet Chemicals (not water)
CO2 as fire suppression material
Does not require clean up after use
Puts out fires by removing oxygen, not heat
Recommended for Class B fires “Burning Liquids” and for Class C fires “Electrical fires”
Halon as fire suppression material
Any of a number of unreactive gaseous compounds of carbon with bromine and other halogens, used in fire extinguishers
Recommended for Class B fires “Burning Liquids” and for Class C fires “Electrical fires”
Dangers of using water as a fire suppressant
In Kitchen fires (Class K) it can allow grease to splash, allowing the fire to spread
In metal fires (Class D) it can separate into hydrogen and hydroxide. The hydrogen gas is combustible
In liquid fires (Class B) it can allow the burning liquid to splash, allowing the fire to spread
Static voltage required to destroy sensitive circuits and components
40 Volts
Static voltage required to scramble monitor displays
1 kV
Static voltage required to destroy hard drive data
1.5 kV
Static voltage required to cause an abrupt system shutdown
2 kV
Static voltage required to cause permanent damage to a circuit
17 kV
The only wiring type that is impervious to EMI
Fiber Optic
Wiring types in order of their susceptibility to EMI
MOST affected to LEAST affected
10BaseT (UTP)
100BaseT
1000BaseT
10Base2
STP
10Base5
Fiber Optic
*As a general rule, the easier the cables are to install, the more affected they are going to be by EMI
*UTP is unshielded twisted pair
Wiring types in order of their cost/difficulty to install
LEAST difficult/expensive to MOST difficult/expensive
10BaseT (UTP)
100BaseT
1000BaseT
10Base2
STP
10Base5
Fiber Optic
*As a general rule, the easier the cables are to install, the more affected they are going to be by EMI
*UTP is unshielded twisted pair
Wiring types in order of the length you can use
Fiber-optic (2 km)
10Base5 (500 m)
10Base2 (185 m)
10BaseT (100 m)
STP (100 m)
100BaseT (100 m)
1000BaseT (100 m)
Wiring types in order of the max speed you can get
Fiber-optic (2 Gbps)
1000BaseT (1 Gbps)
STP (155 Mbps)
100BaseT (100 Mbps)
10Base2 (10 Mbps)
10Base5 (10 Mbps)
10BaseT (10 Mbps)
*The names are based on how many Mbps you get from that cable
File Transfer Protocol Details
TCP
Ports 20/21
Secure Shell
TCP
Port 22
Examples of Logical Controls in Physical security
These are technical controls
-Intrusion Detection
-Alarms
-CCTV
-HVAC
-Fire Detection and Suppression
Examples of Administrative controls in physical security
Facility construction
Facility Selection
Site Management
Personnel Controls
Awareness Training
Emergency Response
Physical Controls in physical security
-fencing
-lighting
-locks
-construction materials
-mantraps
-dogs
-guards
The importance of physical security
*There is no security without physical security
The technology is not enough
If you don’t control the physical environment, then an attacker can walk in and place a wire tap, destroy your hardware, or cut the power to your systems
Importance of Humidity controls
Should be between 40% and 60%
Too much humidity can cause corrosion. Too little humidity causes static electricity.