Shared Flashcard Set

Details

gg
gg
26
Other
11th Grade
10/12/2018


Cards

Term

Risk

 

Definition

Likelihood that a threat will exploit a vulnerability

 

Term

Vulnerability

 

Definition

Weakness in the system

 

Term

Threat

 

Definition

Potential danger

 

Term

Threats

 

Definition

Threat vector: Means to carry out a threat

Threat types

Natural threats - natural disasters etc, such as fire, a storm

Malicious human threats (malicious insider for instance)

Accidental human threats (maybe the support guy forgot to close off a certain port or someone unintentionally propagates a worm)

Environmental threats (ESD, RFID) (Especially important in SCADA systems)

 

Term

Threat assessment

 

Definition

helps an organization identify and categorize threats

 

Term

Vulnerabilities

 

Definition

Sources of vulnerabilities

Lack of updates

Default configurations

Lack of malware protection or updating of definitions

Lack of firewalls

Lack of organizational policies

Lack of end user awareness

 

Term

Risk Management

 

Definition

Practices of identifying, monitoring, and limiting risks to a manageable level

Risk management methods

Risk avoidance - totally eliminating risk but consumes lots of resources and is not feasible for the end user

Risk transference - transfer some detriments of a threat occurring, for instance, insurance  

Risk acceptance - accepting that things will happen

Risk mitigation - most common method, mitigate some risks, so employing just enough risk management to make it both secure and feasible for the end user

Risk deterrence - deter risks, through security guards, etc

 

Term

Risk assessment

 

Definition

Quantitative risk assessment 

Measures the risk using a specific monetary amount  

Single loss expectancy (SLE)

Cost of a single loss

Annual rate of occurrence (ARO) (Amount of times a loss will occur in a year)

Annual loss expectancy

Cost of losses over a year

ALE = SLE x ARO

 

Term

Qualitative risk assessment

 

Definition

Uses judgement to categorize risk based on probability and impact

Difficult to measure

Arbitrary figures are generally used

 

Term

Metrics

 

Definition

MTBF (mean time between failures) (want this to be high as possible)

MTTF (mean time to failure) (want this to be high as possible)

MTTR (mean time to recover) (want this to be as low as possible)

 

Term

Risk Registers

 

Definition

Detailed entries on the information regarding identified risks

Category

Specific risk

Likelihood of occurrence

Impact

Risk score

Security controls

Contingencies 

Action assigned to

Action deadline

 

Term

Supply Chain Assessment 

 

Definition

Evaluates every resource needed to produce and sell a product

Risk assessments should be taken concurrently

 

Term

Vulnerability Assessment

 

Definition

Assesses the security posture of a system

Passive test, contrary to a pentest, which is intrusive

Identifies vulnerabilities passively

Key steps

 

Term

Vulnerability scan

 

Definition

Identifies vulnerabilities

Identifies misconfigurations

Passively tests security controls

Identifies lack of security controls

You can perform a vulnerability scan using, for instance, an IDS

Unlike a pentest, security controls are tested passively

 

Term

Credentialed vulnerability

 

Definition

Runs a scan with the credentials of an authorized user

More official vulnerability scan with slightly more validity

 

Term

Other assessment techniques

 

Definition

Baseline reporting

Code review (input validation, fuzzing, etc)

Attack surface review

Architecture review (topologies) 

Design review

 

Term

Black box testing

 

Definition

Testers have no knowledge of the system prior to the test

 

Term

White box testing

 

Definition

Testers have knowledge of the system prior to the test

 

Term

Gray box testing

 

Definition

Testers have limited knowledge of the system prior to the test

Continuous monitoring and routine auditing is imperative

Protecting a system against vulnerabilities must be an ongoing process

 

Term

Packet sniffer

 

Definition

AKA protocol analyzer

Captures, displays, and analyzes packets sent over a network

 

Term

Auditing tools

 

Definition

Logs

IDSs

 

Term

User reviews

 

Definition

Assess the rights and permissions allocated to users

 

Term

Passive reconnaissance

 

Definition

Uses open source and public knowledge

 

Term

Active reconnaissance

 

Definition

Uses sniffers and network monitors to gain information

 

Term

Pivoting

 

Definition

Gaining access to other resources through an initial vector

 

Term

Commands

 

Definition

tcpdump - linux

Nmap - Windows (Zenmap is a GUI version of nmap)

Netcat - linux
