Quantitative Analysis (ALE=SLE x ARO) ALE = Annualized Loss Expectancy (A dollar amount that estimates the loss potential from a risk in a span of year) SLE = Single Loss Expectancy (A dollar amount that is assigned to a single event that represents the company’s potential loss) ARO = Annualized Rate of Occurrence (Frequency of… Read more »
Posts Categorized: CISSP
CISSP Security & Risk Management-The After-Action Review
After-action review (AAR): a detailed examination of events that occurred from incident detection to recovery Identify areas of the BC/DR plans that worked, didn’t work, or need improvement AAR’s are conducted with all participants in attendance AAR is recorded for use as a training case AAR brings the BCP/DRP teams’ actions to a close
CISSP Security & Risk Management-Results from the BIA
Result contains: Identified critical functions and required resources
CISSP Security & Risk Management-Business Impact Analysis (BIA)
Identify organization’s critical business functions
CISSP Security & Risk Management-Disaster Recovery (DR)
Review the BIA BIA contains the prioritized list of critical business functions Should be reviewed for compatibility with the BC plan
CISSP Security & Risk Management- Business Continuity (BC) & Disaster Recovery (DR) Requirements
Project Initiation and Management Develop and Document Project Scope and Plan
CISSP Security & Risk Management- Global Legal and Regulatory Issues
Computer/Cyber Crime CryptoLocker Ransomware – Spreads via email and propagates rapidly. Encrypts various file types and then a pop-up window appears to inform user about the actions performed on computer and, therefore demand a monetary payment for files to be decrypted.
CISSP Security & Risk Management- Computer Crimes
Computer as incidental to other crimes Involves crimes where computers are not really necessary for such crimes to be committed. Instead computers facilitate these crimes and make them difficult to detect. Examples of crimes in this category may include money laundering and unlawful activities on bulletin board systems.
CISSP Security & Risk Management-The Complete & Effective Security Program
Oversight Committee Representation
CISSP Security & Risk Management-Security Governance
Organizational or corporate governance has existed since time immemorial to ensure the efficient running via control structures.
CISSP Telecommunications and Network-Wireless Technologies
Wireless Communications WAP (Wireless Applications Protocol) –Developed for wireless (PDA’s, mobile phones, pagers, etc. devices to communicate)
CISSP Telecommunications and Network-Tunneling Protocols
Tunneling is a method of transferring data from one network to another by encapsulating the packets in an additional header. The additional header provides routing information so that the encapsulating payload traverse the intermediate networks.
CISSP Telecommunications and Network Security-IPSec
IPSec IPSec is an architecture or framework for security services for IP networks. It works at the Network Layer of the OSI Model. It is actually a standard for secure data transmission. It provides mechanisms for authentication and encryption. Defined by RFC 4301 and carries a set of functions, it is mandatory in IPv6. IPSec… Read more »
CISSP Telecommunications and Network Security
Open Systems Interconnect (OSI) Model
CISSP WANS and Their Components
WANS and Their Components Wide area networks (WANs) are considerably different than LANs. Organizations usually own their own LANs, but WAN services are typically leased; it’s not feasible to have your network guy run a cable from New York to Dallas.
CISSP LANs and Their Components
A local area network (LAN) is a critical component of a modern data network. A LAN is comprised of one or more computers, a communication protocol, a network topology, and cabling or a wireless network to connect the systems.
CISSP System Validation
No system or architecture will ever be completely secure; there will always be a certain level of risk.
CISSP Security Models of Control
Security Models of Control Security models of control are used to determine how security will be implemented, what subjects can access the system, and what objects they will have access to. Simply stated, they are a way to formalize security policy.
CISSP Security Mechanisms
Although a robust architecture is a good start, real security requires that you have security mechanisms in place to control processes and applications. Some good security mechanisms are described in the following sections.
CISSP Computer System Architecture
Computer System Architecture At the core of every computer system is the CPU and hardware that make it run.
CISSP Penetration Testing
Penetration testing is a series of activities undertaken to identify and exploit security vulnerabilities.
CISSP Single sign-on
Single sign-on is an attempt to address a problem that is common for all users and administrators.
CISSP Access Control Models
Data access controls are established to control how subjects can access data, what they can access with it, and what they can do with it once accessed. Three primary types of access control are discussed in this section. [bs_icon name=”glyphicon glyphicon-chevron-right”] Mandatory Access Control (MAC)
CISSP Legal Systems
The two law systems that form the basis of legal systems in most countries are:
Kerberos is a network authentication protocol created by the Massachusetts Institute of Technology (MIT) that uses secret-key cryptography. Kerberos has three parts: a client, server, and trusted third party (KDC) to mediate between them.
[bs_icon name=”glyphicon glyphicon-chevron-right”] Types of Attacks Denial of Service (DoS) Smurf Fraggle SYN Flood Teardrop Distributed Denial of Service (DDoS) Ping Sweep Port Scan Salami attack Man-in-the-Middle Session or TCP Hijacking Replay Buffer Overflow Scareware and Ransomeware Password attack Covert channels [bs_icon name=”glyphicon glyphicon-chevron-right”] Web Attacks SQL Injection – An injection of SQL query through input… Read more »
CISSP Asymmetric Systems
Asymmetric Systems –Uses a pair of keys (private and public) for encryption and decryption
CompTIA Sec+ | Microsoft MTA Security: CIA
CISSP Intrusion-Detection Systems (IDS)
An IDS is designed to function as an access-control monitor. It can monitor network or host activity and record which users attempt to access specific network resources.