Operation Security Flashcards
What are the operations security triples?
threats, vulnerabilities, and assets
Security baselining
is the process of capturing a point-in-time understanding of the current system security configuration.
term vulnerability management
is used rather than just vulnerability scanning to emphasize the need for management of the vulnerability information.
Zero-day exploit
rather than vulnerability, refers to the existence of exploit code for a vulnerability that has yet to be patched.
zero-day vulnerability
The term for a vulnerability being known before the existence of a patch is zero-day vulnerability.
Configuration Management
is a process of identifying and documenting hardware components, software, and the associated settings.
Involves development of a security-oriented baseline configuration.
It involves tasks such as disabling unnecessary services; removing unnecessary programs; enabling security capabilities such as firewalls, antivirus, and IDS; and the configuration of security and audit logs.
Configuration Management process
o The change is requested.
o The change is approved.
o The change is documented in the change log.
o The change is tested and presented.
o The change is implemented.
Change management
purpose of the change control process is to understand, communicate, and document any changes with the primary goal of being able to understand, control, and avoid direct or indirect negative impact that the changes might impose.
The general flow of the change management process includes:
- Identifying a change
- Proposing a change
- Assessing the risk associated with the change
- Testing the change
- Scheduling the change
- Notifying impacted parties of the change
- Implementing the change
- Reporting results of the change implementation
Fail-safe systems
provide the ability to automatically terminate the processes in response to a failure.
An example would be an automated locking system that defaults to unlock in case of power failure.
Fail-secure state
refers to the ability of a system to maintain and preserve implies that a system should be able to protect itself and its information assets if critical processes are terminated and if a system becomes unusable.
An example would be an automated locking system that defaults to lock in case of power failure.
active-active HA cluster
a load-balancing configuration that actively processes data in advance of a failure.
active-passive
hot standby, configuration in which the backup systems only begin processing when a failure is detected.
SANs
o Consists of dedicated block level storage on a dedicated network.
o Made of numerous storage devices such as tape libraries, optical drives and disk arrays.
o They utilize protocols like iSCSI to appear to operating systems as locally attached devices.
o Can provide warm or hot spares.
o Provide additional drive capacity.
o Commonly used in data centers and can span long distances.
NASs
o Used to serve and store files.
o Commonly used as FTP servers.