Sunday, November 30, 2014

Chapter 11: Change Control Process

  1. Request for a change to take place
    • present to individual or group responsible for approving changes and overseeing activities of changes within an environment
  2. Approval of the change
    • justify reason for change and clearly show benefits and possible pitfalls of change
  3. Documentation of the change
    • after approval of change, enter it into a log and update it according to changes
  4. Tested and presented
    • changes have to be fully tested; this uncovers unforeseen results
  5. Implementation
    • schedule that outlines projected phases of changes being implemented
  6. Report change to management
    • full report summarizing changes, and submit it to management


Chapter 11: After a System Crash

  • Steps to take when a system crashes:
    1. Enter into single user or safe mode:
      • A system cold start takes place when the system is unable to automatically recover itself to a secure state. This is when an administrator gets involved.
      • The system will have two options:
        1. Automatically boot up to a "single user mode"
        2. Manually boot up to a "recovery console"
      • The administrator must physically be at the console or have deployed external technology such as secured dial-in/dial-back modems attached to serial console ports or remote keyboard video mouse [KVM] switches attached to graphic consoles.
    2. Fix issues and recover files:
      • Single user mode:
        • Admin salvages file systems from damage that may have occurred as a result of the unclean, sudden shutdown of the system, and attempts to identify cause of the shutdown to prevent it from recurring.
    3. Validate critical files and operations:
      • If the shutdown suggests corruption then the admin must validate the contents of configuration files and ensure system files are consistent with their expected state.
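
One way to carry out step 3 from a single user mode shell, as an added example that is not from the book or the original notes: critical files are compared against a SHA-256 baseline recorded before the crash. The function names, file list and throwaway directory tree are constructed for illustration, and GNU `sha256sum` is assumed to be available.

```shell
#!/bin/sh
# Added example: check critical files against a known-good SHA-256 baseline.
# Assumption: the baseline was recorded before the crash and is kept where the
# crash could not have touched it (read-only or offline media).

# make_baseline ROOT MANIFEST FILE...  records hashes of FILEs relative to ROOT.
make_baseline() {
    root=$1; manifest=$2; shift 2
    ( cd "$root" && sha256sum -- "$@" ) > "$manifest"
}

# verify_baseline ROOT MANIFEST  prints OK / CHANGED / MISSING per file and
# returns 0 only when every file still matches its recorded hash.
verify_baseline() {
    root=$1; manifest=$2; bad=0
    while read -r want path; do
        path=${path#\*}   # sha256sum marks binary mode with a leading '*'
        if [ ! -f "$root/$path" ]; then
            echo "MISSING $path"; bad=1
            continue
        fi
        have=$(sha256sum -- "$root/$path" | cut -d' ' -f1)
        if [ "$have" = "$want" ]; then
            echo "OK      $path"
        else
            echo "CHANGED $path"; bad=1
        fi
    done < "$manifest"
    return $bad
}

# Constructed sample: a throwaway tree stands in for the real system root.
crash_demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/root/etc"
    echo "PermitRootLogin no" > "$tmp/root/etc/sshd_config"
    echo "root:x:0:0::/root:/bin/sh" > "$tmp/root/etc/passwd"
    echo "/dev/sda1 / ext4 defaults 0 1" > "$tmp/root/etc/fstab"
    make_baseline "$tmp/root" "$tmp/baseline.sha256" \
        etc/sshd_config etc/passwd etc/fstab
    # Simulate damage from the unclean shutdown: one truncated, one lost file.
    : > "$tmp/root/etc/passwd"
    rm "$tmp/root/etc/fstab"
    rc=0
    verify_baseline "$tmp/root" "$tmp/baseline.sha256" || rc=$?
    rm -rf "$tmp"
    return $rc
}

crash_demo || echo "baseline check failed: restore files before leaving single user mode"
```

A non-zero return from `verify_baseline` means at least one file is missing or no longer matches its expected state, so the system should not go back to multi-user operation until those files are restored.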

Chapter 11: Assurance Level

  • Two types of assurance:
    1. Operational Assurance:
      • Concentrates on the product's architecture, embedded features, and functionality that enable a customer to continually obtain the necessary level of protection when using the product
      • Examples:
        • Access control mechanisms
        • Separation of privileged and user program code
        • Auditing and monitoring capabilities
        • Covert channel analysis
        • Trusted recovery (when product experiences unexpected circumstances)
    2. Life-Cycle Assurance:
      • Concentrates on how the product was developed and maintained, because each stage of the product life cycle has standards and expectations it must fulfill before it can be deemed a highly trusted product.
        • Examples:
          • Design specifications
          • Clipping-level configurations
          • Unit and integration testing
          • Configuration management
          • Trusted distribution

Sunday, November 16, 2014

Chapter 11: Security and Network Personnel

  • The security administrator should not report to the network administrator because their responsibilities have different focuses. Network administrators focus on high availability and performance of the network and resources. The focus on performance and user functionality is usually a trade-off against security.
  • The following tasks should be carried out by security administrators:
    • Implements and maintains security devices and software
      • security products require monitoring and maintenance to get their full value; this includes version updates and upgrades.
    • Carry out security assessments
      • security administrators identify vulnerabilities in the systems, networks, software, and in-house developed products used by a business
      • assessments enable the business to understand the risks it faces in order to make sensible business decisions about the products and services it considers purchasing, the risk mitigation strategies it chooses to fund vs. the risks it chooses to accept.
    • Creates and maintains user profiles and implements and maintains access control mechanisms
    • Configures and maintains security labels in mandatory access controls (MAC) environments
      • MAC environments are mostly found in government and military agencies.
      • Access decisions are based on comparing object's classification and subject's clearance.
    • Sets initial passwords for users
      • New accounts must be protected from attackers who might know patterns used for passwords.
    • Reviews audit logs

Friday, November 14, 2014

Chapter 11: Administrative Management

  • One aspect of administrative management is dealing with personnel issues, which include separation of duties and job rotation.
  • Separation of duties:
    • The objective is to ensure that one person acting alone cannot compromise the company's security in any way.
    • High-risk activities are broken up into different parts and distributed to different individuals or departments; this prevents any one person from having too much authority.
    • This decreases the chances of fraud unless collusion is committed. Collusion is when more than one person is needed to commit an act against policy.
    • Separation of duties can help prevent mistakes and minimize conflict of interest that can take place if one person is performing a task from beginning to end. 
      • E.g. a programmer should not be the only one testing her own code. 
  • Job rotation:
    • Over time, more than one person fulfills the tasks of one position within the company.
    • Job rotation is helpful because it allows the company to have more than one person who understands the tasks and responsibilities of a specific job title. This allows for backup and redundancy when a person leaves the company or is absent.
    • Job rotation also helps identify fraudulent activities.

Chapter 11: Security Operations

  • Operations security is about configuration, performance, fault tolerance, security, and accounting and verification management to ensure that proper standards of operations and compliance requirements are met (Harris, 1234).
  • Operations security is also about ensuring people, applications, equipment, and overall environment are properly and adequately secured. 
  • Another large part of operations security includes ensuring the physical and environmental concerns are adequately addressed. This includes things such as temperature and humidity controls, media reuse, disposal, and destruction of media containing sensitive information. 

Tuesday, November 11, 2014

Chapter 10: Software Development Models Overview

  1. Break and Fix:
    1. No real planning up front
    2. Flaws are reactively dealt with after release with the creation of patches and updates
  2. Waterfall:
    1. Sequential approach that requires each phase to complete before the next one can begin.
    2. Difficult to integrate changes
    3. Inflexible model
  3. V-model:
    1. Verification and validation are emphasized at each phase
    2. Testing takes place throughout the project, not just at the end
  4. Prototyping:
    1. A model or sample is created from the code for proof-of-concept purposes
  5. Incremental:
    1. Multiple development cycles carried out on a piece of software throughout its development stages
    2. Each stage provides a usable version of software
  6. Spiral:
    1. Interactive approach
    2. Emphasizes risk analysis per iteration
    3. Allows for customer feedback to be integrated through a flexible evolutionary approach
  7. Rapid Application Development:
    1. Combines prototyping and iterative development procedures with the goal of accelerating the software development process
  8. Agile:
    1. Iterative and incremental development processes that encourage team-based collaboration
    2. Flexible and adaptive