CBK#7 Operations Security - Page 4


Monitoring and Auditing
Monitoring:
Contains the mechanisms, tools and techniques which permit the identification of security events that could impact the operations of a computer facility.
Monitoring techniques:
- Intrusion detection
- Penetration testing
   - Scanning and probing
   - Demon Dialling
   - Sniffing
   - Dumpster Diving
   - Social Engineering
- Violation processing using clipping levels

Auditing:
Is the foundation of operational security controls monitoring.
Audit Trails:
Enable a security practitioner to trace a transaction's history.
Problem Management Concepts:
- Reduce failures to a manageable level
- Prevent the occurrence or re-occurrence of a problem
- Mitigate the negative impact of problems on computing services and resources.

Threats and Vulnerabilities
Threats:
Accidental loss:
Is a loss that is incurred unintentionally, through either the lack of operator training or proficiency or the malfunctioning of an application processing procedure.
- Operator input error and omissions
- Transaction processing errors
Inappropriate Activities:
Is computer behaviour that, while not rising to the level of criminal activity, may be grounds for job action or dismissal.
- Inappropriate Content
- Waste of Corporate Resources
- Sexual or Racial Harassment
- Abuse of Privileges or Rights
Illegal Computer Operations and Intentional Attacks:
Computer activities that are considered intentional and illegal, carried out for personal financial gain or for destruction.
- Eavesdropping
- Fraud
- Theft
- Sabotage
- External Attack

Vulnerabilities:
- Traffic / Trend Analysis
- Maintenance Accounts
- Data Scavenging Attacks
- IPL Vulnerabilities
- Network Address Hijacking

CISSP Summary 2002

Contact:

E-mail: john.wallhoff@mailbox.swipnet.se
Written by: J.Wallhoff January - April 2002
Updated by: J.Wallhoff April 2002