Compare and Contrast Information Security Roles Topic 1A and 1B
What is a Security Operations Center?
+ Is a location where security professionals monitor and protect critical information assets across another business function. + Difficult to establish, maintain and finance. Usually for larger companies.
Security Control Function Types - Preventative
- Acts to eliminate or reduce the likelihood that an attack can succeed. - Preventative operates before an attack can take place. Ex. Access Control List configured on firewalls. Ex. Standard Operating Procedures (SOPs) act as administrative versions of preventative controls.
What is DevSecOps?
- The principle that security is a primary consideration at every stage of software development and deployment. - Security considerations need to be made during requirement and planning phases, not grafted on at the end.
What is Development and Operations (DevOps)?
A set of practices, tools, and a cultural philosophy that automates and integrates developers and system administrators. + IT personnel and developers can build, test and release software faster and more reliably.
What is a cyber security framework?
A tool to organize & improve your cyber security program. Helps organizations build & improve their cyber security posture.
What is an incident response team?
Acts as a single point of contact for the notification of security incidents. + Can be handled by the SOC or established as an independent business unit: Cyber Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT), Computer Emergency Response Team (CERT).
Security Control Function Types - Corrective
Acts to eliminate or reduce the impact of an intrusion event. - Used after an attack Ex. Backup system can restore data that was damaged during an intrusion Ex. Patch management systems
What is defense in depth?
An attacker must get past multiple security controls to fully compromise a network.
Non-repudiation
Assurance that someone cannot deny the validity of something.
The ___ requires federal agencies to develop security policies for computer systems that process confidential information
Computer Security Act
Security Control Function Types - Deterrent
Control may not physically or logically prevent access, but psychologically discourages an attacker from attempting an intrusion. Ex. Signs, warnings of legal penalties against trespass or intrusion
Security Control Function Types - Physical
Controls such as alarms, gateways, locks, lighting, security cameras and guards that deter and detect access to premises and hardware are often classed separately.
What are security controls?
Items designed to give a system or data asset the properties of confidentiality, integrity, availability and non-repudiation.
What are the parts of the NIST Cybersecurity Framework?
Identify, Protect, Detect, Respond, Recover
Cybersecurity Framework - Protect
Implement appropriate safeguards to ensure protection of the enterprise's assets.
Security Controls - Technical Controls
Implemented as systems. Firewalls, anti-virus software, and logical controls, etc.
What is a security policy?
Is a formalized statement that defines how security will be implemented within an organization
What is a Cybersecurity Framework (CSF)?
Is a list of activities and objectives undertaken to mitigate risks. Focuses solely on IT Security
Cybersecurity Framework - Respond
Is to identify, analyze, contain, and eradicate threats to systems and data security.
Security Control Function Types - Detective
May not prevent or deter access, but it will identify and record any attempted or successful intrusion. - Operates during the progress of an attack. Ex. Logs provide detective control.
Confidentiality
Means that certain information should only be known to certain people.
Availability
Means that information is accessible to those authorized to view or modify it.
Integrity
Means the data is stored and transferred as intended and that any modification is authorized.
What is NIST and what is it responsible for?
National Institute of Standards and Technology, responsible for issuing the Federal Information Processing Standards (FIPS).
What is NIST Risk Management Framework (RMF)?
Predates the CSF, focuses on practical cybersecurity for businesses. RMF is more prescriptive and principally intended for use by federal agencies.
What are the security control function types?
Preventive, Detective, Corrective, Physical, Deterrent and Compensating
What is Information Security?
Refers to the protection of data resources from unauthorized access, attack, theft and damage.
Security Control Function Types - Compensating
Serves as a substitute for a principal control, as recommended by a security standard, and affords the same level of protection but uses a different methodology or technology.
What are the categories of security control?
Technical, Operational, and Managerial
What describes a security policy?
The means the organization will take to protect the confidentiality, availability and integrity of sensitive data and resources.
Cybersecurity Framework - Recover
To implement cybersecurity resilience to restore systems and data if other controls are unable to prevent attacks.
Cybersecurity Framework - Detect
To perform ongoing, proactive monitoring to ensure that controls are effective and capable of protecting against new types of threats.
Cybersecurity Framework - Identify
What processes and assets need protection. Is used to evaluate risks, threats, and vulnerabilities and recommend security controls to mitigate them.
Security Controls - Operational Control
Is implemented primarily by people rather than systems. Security guards, training programs, policies, etc. "Controls People"
What is cyber security?
The process of protecting networks, devices and data from unauthorized access, and the practice of ensuring the confidentiality, integrity and availability of information.