Chapter 12 HW
List the four steps to developing a CM plan.
- Establish baselines
- Identify configuration
- Describe configuration control process
- Identify schedule for configuration audits
List the five domains of the recommended maintenance model.
- External monitoring
- Internal monitoring
- Planning and risk assessment
- Vulnerability assessment and remediation
- Readiness and review
Why should agencies monitor the status of their programs?
- Ongoing information security activities are providing appropriate support
- Policies and procedures are current
- Controls are accomplishing their intended purpose
List and describe the choices an organization has when setting policy about how to employ digital forensics.
- Use a dedicated forensic workstation to examine a write-protected hard drive or image of the suspect hard drive
- Boot the system using a verified, write-protected CD or other media with kernel and tools
- Build a new system that contains an image of the suspect system and examine it
- Verify the software on the suspect system, and then use the verified local software to conduct the examination
- Examine the suspect system using the software on it, without verifying the software
____________________ is the process of reviewing the use of a system, not to check performance but to determine if misuse or malfeasance has occurred.
Auditing
__________ is the coherent application of methodical investigatory techniques to present evidence of crimes in a court or similar setting.
Forensics
The ____________________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's public network.
Internet
____________________ interconnections are the network devices, communications channels, and applications that may not be owned by the organization but are essential to the organization's cooperation with another company.
Partner
A performance ____________________ is an expected level of performance against which all subsequent levels of performance are compared.
baseline
The process of collecting detailed information about devices in a network is often referred to as ____________________.
characterization
A(n) ____________________ analysis is a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services).
difference
An attacker's use of a laptop while driving around looking for open wireless connections is often called war ____________________.
driving
Almost all aspects of a company's environment are ____________________, meaning threats that were originally assessed in the early stages of the project's systems development life cycle have probably changed and new priorities have emerged.
dynamic
Proven cases of real vulnerabilities can be considered vulnerability ____________________.
instances
The primary goal of the ____________________ monitoring domain is an informed awareness of the state of all the organization's networks, information systems, and information security defenses.
internal
In an online or __________ data acquisition, forensic investigators use network-based tools to acquire a protected copy of the information.
live
Digital ___________ is a crime against or using digital media, computer technology, or related components; in other words, a computer is the source of the crime or the object of it.
malfeasance
The objective of the external ____________________ domain within the maintenance model is to provide early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense.
monitoring
As each project nears completion, a(n) ____________________ risk assessment group reviews the impact of the project on the organization's risk profile.
operational
The ____________________ tester's ultimate responsibility is to identify weaknesses in the security of the organization's systems and networks and then present findings to the system owners in a detailed report.
penetration
The primary goal of the vulnerability assessment and ____________________ domain is to identify specific, documented vulnerabilities and remediate them in a timely fashion.
remediation
The primary goal of the readiness and ____________________ domain is to keep the information security program functioning as designed and improve it continuously over time.
review
The primary objective of the planning and ____________________ domain is to keep a lookout over the entire information security program.
risk assessment
Rehearsals that use plans as realistically as possible are called ____________________ games.
war
The ____________________ vulnerability assessment is designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.
wireless