Computer Security - Exam II

Card Set Information

Computer Security - Exam II
2013-10-18 06:37:40
17 Computer Security

Human Resources Security
Show Answers:

  1. security awareness
    training - security basics and literacy
    training - roles and responsibilities relative to IT systems
    education and experience
    four layers of the information technology (IT) learning continuum
  2. security awareness
    layer of the IT learning continuum that seeks to inform and focus an employee's attention on issues related to security within the organization - explains the what but not the how of security
  3. training
    layer of the IT learning continuum designed to teach people the skills to perform their IS-related tasks more securely - teaches what people should and how to do it
  4. education
    the most indepth program in the IT learning continuum
  5. least priviledge - give each person the minimum access necessary to do his job
    separation of duties - so people checking for inappropriate use are not also capable of making such inappropriate use
    limited reliance on key employees - no one should be irreplaceable
    principles that should be followed for personnel security
  6. remove person's name from all lists of authorized access
    inform guards
    remove personal access codes
    if necessarychange lock combinations, reprogram access card systems, replace physical locks
    recover all assets
    notify all appropriate departments
    important actions upon employee termination
  7. artifact
    any file or object found on a system that might be involved in probing or attacking systems and networks or that is being used to defeat security measures - ex: viruses, trojan horse, worms, exploit scripts, toolkits, etc.
  8. Computer Security Incident Response Team (CSIRT) aka Computer Incident Response Team (CIRT) or a Computer Incident Response Center (CIRC)
    a capability set up for the purpose of assisting in responding to computer security-related incidents that involve sites within a defined constituency
  9. constituency
    the group of users, sites, networks, or organizations served by the CSIRT
  10. incident
    a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices
  11. triage
    the process of receiving, initial sorting, and prioritizing of information to facilitate its appropriate handling - the single point of contact for the whole incident handling service
  12. vulnerability
    a characteristic of a piece of technology which can be exploited to perpetrate a security incident
  13. incident
    any action that threatens one or more of the classic security services of confidentiality, integrity, availability, accountability, authenticity, and reliability in a system
  14. system integrity verification tools
    scan critical system files, directories, and services to ensure they have not been changed without proper authorization
  15. log analysis tools
    analyze the information collected in audit logs using some form of pattern recognition to identify potential security incidents
  16. network and host indrusion detection systems (IDS)
    monitor and analyze network and host activity and usually compare this information with a collection of attack signatures to identify potential security incidents
  17. intrusion prevention systems
    augment an intrusion detection system with the ability to automatially block detected attacks
  18. system integrity verivfication tools
    log analysis tools
    network and host intrusion detection systems (IDS)
    intrusion prevention systems
    tools that can detect incidents:
  19. denial-of-service attacks that prevent or impair normal use of systems
    malicious code that infects a host
    unauthorized access to a system
    inappropriate usage of a system
    multiple-component incidents - involve two or more of the above categories
    incident response policies should address