Security Flashcards
What are the 5 zones of the Purdue model?
Enterprise zone
DMZ
Operations Support
Process control
Safety
What are the 6 levels of the Purdue model?
level 5: enterprise network
level 4: business planning and logistics
level 3: operations and control
level 2: supervisory control
level 1: basic control
level 0: process
What does OCTAVE stand for?
Operationally Critical Threat Asset and Vulnerability Evaluation
What are the 4 stages of the OCTAVE model?
Establish drivers
Profile assets
Identify threats
Identify and mitigate risk
What are the 8 steps of the OCTAVE model?
- establish risk measurement criteria
- develop information asset profile
- identify information asset containers
- identify areas of concern
- identify threat scenarios
- identify risks
- analyse risks
- mitigation approach
List the technical mitigations of risk.
Network monitoring and intrusion detection
Penetration testing
Protocol-aware firewalls
Secure by design
What are the two types of IDS?
Signature based
Detection based
What does IDS stand for?
Intrusion Detection System
Describe signature based IDS
Only known threats are detected
Describe detection based IDS
‘Normal’ behaviour is learned and anomalies are detected
What are the 3 main aspects of phased application of security?
Secure infrastructure and assets
Deploy security applications
Policy convergence
What are the 2 main aspects of secure by design?
Devices hardened against common attack vectors in hardware
Risk-based analysis to feature inclusion
What are the 4 principles of security?
Governance
Risk management
Asset management
Supply chain
What is node tampering?
Given physical access to a node, an attacker can extract sensitive information
The node may also be altered or replaced to create a compromised node which the attacker controls
What is node jamming?
Interferes with the radio frequency used by network nodes