What concept allows us to understand the relationship between prevention, detection, and response?

Terms in this set (30)

Phreaking

Hacking of the systems and computers used by phone companies

Computer security

methods used to ensure that a system is secure

Networking security

protection of multiple computers and other devices that are networked together

Information Security/Information Assurance

refer to a security focus on the data

Confidentiality

ensure that only those individuals who have authority to view information may do so

Integrity

only authorized individuals should be able to create, change, or delete info

Availability

data is available when needed

Authentication

individuals are who they claim

Nonrepudiation

verify that a message has been sent and received, with sender identified

Auditability

a control can be verified to be operating correctly

Security Components

• Prevention
  • Access controls
  • Firewalls
  • Encryption

• Detection
  • Audit logs
  • Intrusion detection systems
  • Honeypots

• Response
  • Backups
  • Incident response teams
  • Computer forensics

Operational Method of Computer Security

Protection = Prevention + Detection + Response

Time based security

The amount of time offered by a protection device should be greater than the time to detect the attack plus the reaction time of the organization

Allows us to understand the relationship between prevention, detection, and response

Host Security

• Each computer is "locked down" individually.
• Maintaining an equal and high level of security for all computers is difficult and usually ends in failure

Network Security

Controlling access to internal computers from external entities

concerned with addressing vulnerabilities and threats in computer networks that may or may not be connected to the internet

Least Privilege

• A subject (user, application, or process) should have only the necessary rights and privileges to perform its task with no additional permissions

• By limiting an object's privilege, we limit the amount of harm that can be caused

Example
• Log in with a regular user account, and change your context to do administrative duties

Fail Safe Defaults

When something fails, it should do so in a safe state

Example
• Deny access by default (implicit deny)
• Rule based firewall
• Use of list of denied sites vs. list of accepted sites

Implicit Deny

• If a particular situation is not covered by any rules, then access cannot be granted
• Any individual without proper authorization cannot be granted access
• The alternative to implicit deny is to allow access unless a specific rule forbids it (e.g., Web content filters)

Economy of Mechanism

• Keep security processes and tools simple and elegant

Security processes and tools should be:
• simple to use,
• simple to administer, and
• easy to troubleshoot

• A system should only run the services that it needs to provide and no more

Complete Mediation

• Check all access requests for permission
• Situation of Web sessions

Open Design

Protection of an object should not rely on the secrecy of the protection mechanism

• Example - public key crypto export control debate

Crypto

is security based on the crypto algorithm or the keys used

Security through obscurity

• Security is effective if the environment and protection mechanisms are not generally known
• The concept's objective is to hide an object
• Usually not effective
• NIST recommends against this strategy

An approach to security using the mechanism of hiding information to protect it.

Least common mechanism

Mechanisms used to access resources should be dedicated and not shared

Example
• Mechanism for employees to access their payroll information should be separate from mechanism to edit information
• DB sandbox for information-based companies
• Virtual machines

Psychological Acceptability

• Refers to users' acceptance of security measures
• If users see security as an impediment to their work, they will bypass the security measures

Defense in Depth

• Implements different access controls, utilizing various tools and devices within a security system on multiple levels

Example
• Firewall
• Intrusion detection system
• Packet filtering router
• Internal firewalls
• Database security

Diversity of Defense

• Complements the layered security approach
• Use dissimilar security at different layers

Example
• Penetrate a firewall
• Use packets not identifiable by intrusion detection system
• Circumvent a packet filtering router
• Penetrate an inner firewall
• Break DB access controls
• Locate target data within DB

Encapsulation

lower layer protocol is encapsulated in the higher layer protocol

Isolation

separating items so that they cannot interfere with one another

Trust relationships

identification of what level of access is provided

What is prevention detection and response?

It's been a classic truism for many years that good security is about the combination of protection, detection and response. So you try to stop bad things from happening to you (prevention), you try to detect them when they are actually on their way, and then of course you have to respond when you detect them.

Which security principle refers to the concept that each and every request should be verified?

Complete mediation. Separately, it is true that in the Biba model, integrity levels are used instead of security classifications.

What is prevention in security?

Prevention generally comes before protection and is meant to avert the threat before it occurs. An example of prevention for business security includes a set of rules or reminders about best safety practices for cyber security. Protection is the next step and usually takes over if prevention fails.

Which security principle states that access should be based on more than one item of information?

Separation of Privilege. This security principle states that whenever a user tries to gain access to a system, access should not be granted based on a single attribute or condition. Instead, multiple situations, conditions, or attributes must be verified before access to the system is granted.