PIA AY1819 Chapter 12

Ø configuration

A collection of components that make up a configuration item.

Ø software library

A collection of configuration items that is usually controlled and that developers use to construct revisions and issue new configuration items.

Ø digital malfeasance

A crime against or using digital media, computer technology, or related components; in other words, a computer is the source of the crime or the object of it.

Ø configuration item

A hardware or software item that will be modified and revised throughout its life cycle.

Ø build list

A list of the versions of components that make up a build.

Ø minor release (update or patch)

A minor revision of a version from its previous state.

Ø difference analysis

A procedure that compares the current state of a network segment against a known previous state of the same network segment (the baseline of systems and services).

Ø penetration testing

A set of security tests and evaluations that simulate attacks by a hacker or other malicious external source.

Ø major release

A significant revision of a version from its previous state.

Ø build

A snapshot of a particular version of software assembled or linked from its component modules.

Ø war game

A type of rehearsal that seeks to realistically simulate the circumstances needed to thoroughly test a plan.

Ø evidentiary material (EM)

Also known as "items of potential evidentiary value," any information that could potentially support an organization's legal or policy-based case against a suspect.

Ø configuration and change management (CCM)

An approach to implementing system change that uses policies, procedures, techniques, and tools to manage and evaluate proposed changes, track changes through completion, and maintain systems inventory and supporting documentation.

Ø intranet vulnerability assessment

An assessment approach designed to find and document selected vulnerabilities that are likely to be present on the organization's internal network.

Ø platform security validation (PSV)

An assessment approach designed to find and document vulnerabilities that may be present because misconfigured systems are used within the organization.

Ø Internet vulnerability assessment

An assessment approach designed to find and document vulnerabilities that may be present in the organization's public network.

Ø wireless vulnerability assessment

An assessment approach designed to find and document vulnerabilities that may be present in the organization's wireless local area networks.

Ø digital forensics

Investigations that involve the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and root cause analysis. Like traditional forensics, digital forensics follows clear, well-defined methodologies but still tends to be as much an art as a science.

Ø search warrant

Permission to search for evidentiary material at a specified location and/or to seize items to return to an investigator's lab for examination. An affidavit becomes a search warrant when signed by an approving authority.

Ø chain of custody

See chain of evidence.

Ø configuration management (CM)

See configuration and change management (CCM).

Ø affidavit

Sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place. The facts, the items, and the place must be specified in the affidavit.

Ø forensics

The coherent application of methodical investigatory techniques to present evidence of crimes in a court or similar setting. Forensics allows investigators to determine what happened by examining the results of an event—criminal, natural, intentional, or accidental.

Ø vulnerability assessment and remediation domain

The component of the maintenance model focused on identifying specific, documented vulnerabilities and remediating them in a timely fashion.

Ø external monitoring domain

The component of the maintenance model that focuses on evaluating external threats to the organization's information assets.

Ø planning and risk assessment domain

The component of the maintenance model that focuses on identifying and planning ongoing information security activities and identifying and managing risks introduced through IT information security projects.

Ø internal monitoring domain

The component of the maintenance model that focuses on identifying, assessing, and managing the configuration and status of information assets in an organization.

Ø revision date

The date associated with a particular version or build.

Ø chain of evidence

The detailed documentation of the collection, storage, transfer, and ownership of evidence from the crime scene through its presentation in court.

Ø vulnerability assessment (VA)

The process of identifying and documenting specific and provable flaws in the organization's information asset environment.

Ø remediation

The processes of removing or repairing flaws in information assets that cause a vulnerability or removing the risk associated with the vulnerability.

Ø version

The recorded state of a particular revision of a software or hardware configuration item. The version number is often noted in a specific format, such as "M.N.b." In this notation, "M" is the major release number and "N.b" can represent various minor releases or builds within the major release.

Ø auditing

The review of a system's use to determine if misuse or malfeasance has occurred.

Ø war driving

The use of mobile scanning techniques to identify open wireless access points.