CBK#9 Law, Investigations & Ethics

Ethics
ISC2:
Code of Ethics Canons -
- Protect society, the commonwealth and the infrastructure
- Act honorably, honestly, justly, responsibly and legally
- Provide diligent and competent service to principals.
- Advance and protect the profession.
IAB - Internet Activities Board:
Unethical and unacceptable behaviour -
- Purposely seeking to gain unauthorized access to Internet resources
- Disrupting the intended use of the Internet.
- Wasting resources through purposeful actions
- Destroying the integrity of computer-based information.
- Compromising the privacy of others.
- Involving negligence in the conduct of Internet-wide experiments
GASSP - Generally Accepted System Security Principles:
Seeks to develop and maintain GASSP with guidance from security professionals, IT product developers, information owners and other organizations having extensive experience in defining and stating the principles of information security.
MOM - Motivations, Opportunities and Means:
Motivations - Who and why of a crime
Opportunities - Where and when of a crime
Means - The capabilities a criminal would need to be successful.

Operations security

Salami:
Involves subtracting a small amount of funds from an account in the hope that such an insignificant amount will go unnoticed.
Data Diddling:
Refers to the alteration of existing data. Many times this modification happens before the data is entered into an application, or as soon as it completes processing and is output from an application.
Excessive Privileges:
Occurs when a user has more computer rights, permissions and privileges than what is required for the tasks she needs to fulfill.
Password Sniffing:
Sniffing network traffic in the hopes of capturing passwords being sent between computers.
IP Spoofing:
Manually changing the IP address within a packet so that it points to another address.
Denial of Service - DoS:
Denying others the service that the victim system usually provides.
Dumpster Diving:
Refers to someone rummaging through another person's garbage for discarded documents, information and other valuable items that could then be used against that person or company.
Emanations Capturing:
Eavesdropping on the electrical waves emitted by every electrical device.
Wiretapping:
Eavesdropping on communication signals.
Social Engineering:
The art of tricking people and using the information they unknowingly supply in a malicious way.
Masquerading:
A method an attacker can use to fool others about her real identity.

CISSP Summary 2002

Contact:

E-mail: john.wallhoff@mailbox.swipnet.se
Written by: J.Wallhoff January - April 2002
Updated by: J.Wallhoff April 2002