Operation Security Flashcards
Need to Know / Least Privilege
users get only access to resources required to do their job
Separation of duties
ensures no single person can compromise a system
Job rotation
enhances opportunities to discover unusual activty
sensitive information procedures
protect private information of customers and employees
record retention
retain and review auditing records
monitor special privileges
rights need to be used responsibly and ethically
Trusted Recovery
When application or OS suffered a failure. It’s important that system respond in a way that leaves system in a secure state
Trusted Paths
Communication channel between user or the program’s using, and the trusted computer base.
TCB provides the resources to protect the channel and prevent it from being compromised
IDS / IPS
update regularly
vulnerability management system
VMS - centralizes, automates monitoring network vulnerabilities