
360 -

OPERATIONS SECURITY




Prevent
Detect Correct

Prudent man

Due care Reasonable
Due diligence

Directive Controls
Preventative Controls
Detective Controls
Corrective Controls
Recovery Controls


Directive Controls

Security Legislations
Security Policies
Security Standards
Security Procedures
Security Baselines
Security Tips

Directive Controls
Compliance


Preventative Controls
Undesirable Events

Logical Physical
Access Control Systems
Storage Media
Separation of Duties Job Rotation Mandatory Vacation
Training Awareness
Test Certification Accreditation
Quality Assurance System


Detective Controls
Undesirable Events

Audit Trails Logs


Integrity Check
Antivirus Systems
System Performance Monitoring
Internal Control Audit
Security Checklist

Correct/Recovery Controls Response Recovery

Strengthen Security Controls


Data Backup and Recovery
Business Contingency Plans
Incident Handling Capacity
Fire Suppression Systems

Deterrent Controls
Application Controls
Transaction Controls
Input Controls
Processing Controls
Output Controls
Change Controls
Test Controls

IT

LAN/WAN

QA QC QA
QC

Least privilege
Separation of duties
Job rotation
Mandatory vacation

Least privilege
Access Privileges
Need-to-know

Access
Control

Separation of Duties

Collusion Fraud

Excessive Control
Fraud

Job Rotation

Backup Redundancy

Mandatory Vacation
Audit
Unexpected
Fraud


Operator Roles

Skills
Administrators
Trust levels

Security Administrators Security Operators
Account Administrators
Auditors Operators
System Programmers

Trusted Facility Management TCSEC Trusted Computer System Evaluation Criteria B2 A1
Assurance Requirements
Configuration
Administration Operation Procedures Roles
Functions
Privileges Databases

Trusted Facility Management B2 Administrator Operator
B3
Security-related Non Security-related
Errors
Omission System Failures
Impact
Administrative Functions

Console log
Operators

Retention Time
Read-only Media

Log Processing Software


Privileged Commands

Supervisors



high availability
performance


Implements maintains

assessments
access
control mechanisms
MAC security labels
initial passwords
audit




Operational Assurance
Product Evaluation

Access control mechanisms
Separation of privileged and user program code
auditing and monitoring capabilities
Covert channel analysis
Trusted recovery


Trusted Recovery Failures Discontinuity Subvert
Mechanisms Procedures

Security Accountability

Predefined Expected
Secure State
Administrators
Unexpected
Secure State


Failure
Informal Specification
State Transition TCB
Media Failures

Discontinuity

Automated Mechanisms

Manual Recovery

Non-failure Mode

Automated Recovery
Automated

Automated Recovery Without Undue Loss

Function Recovery


Rollback Secure State


System Reboot
Controlled Manner
Consistent State

Emergency System Restart


Inconsistent State Maintenance Mode

System Cold Start



Intervention of Administrative Personnel


Life cycle assurance
Product Evaluation
Architecture
Development Maintenance

Design specification
Clipping level configuration
Unit and integration testing
Configuration management
Trusted distribution


Configuration Management
Life Cycle
Firmware
Test Fixtures

Identifiable Controlled

Properties
Trusted System TCB
Security Policy
TCB Evaluated System Trust


Identification Automated Data Processing ADP

Control Authorized Authority
Review Approval

Status Accounting Recording Reporting

Audit
Verify Security Policy

Change Control

Change Request Form CRF



Baseline

Configuration Item
Cutoff Point


Approved

Size Complexity


Configuration Control Board CCB ADP

CCB

CCB
Approved Change Priority

CCB Verify


Media Choice
Cost Benefit Analysis

Size Complexity
Frequency
Volatility
Access Method
Transportability

Paper Media

Versatile

Life Expectancy
Legally

Magnetic media

Micro film

Optical Media

Media Marking


Electronic label / machine-readable

Security Label

Physical/paper label / human-readable
Colored labels
Banner pages


Controlled Area

Off-site Facility

Documentation
Continuity Consistency
Security Plans
Contingency Plans Risk Analysis Security Policies Procedures
Unauthorized Disclosure
Accessibility

Record Retention


Media disposition

Delete
Overwriting

Object reuse
Residual Data
Declassification Downgrade Administrative Action
Labels

Data remanence
Physical Characteristics
Reconstruct
Confidentiality
Information scavenging
Keyboard attack
Laboratory attack

Data Clearing Data


Purging

Reuse

Overwrite Computer Programs

Clearing Keyboard Attack Purging Laboratory Attack
Secured Physical Environment

Overwriting

Degaussing
Magnetic Media

Data encryption

Media destruction


RAID

0
1

3
4
5
6
10

394
32 7


POP
(Post Office Protocol, POP), SMTP
IMAP
Internet (Internet Message Access Protocol, IMAP)



(Browsing)
(shoulder surfing)

Loki
ICMP

snapshot in time.

Personnel testing
Physical testing
System and network testing

Penetration testing

externally
internally

blind test

double-blind test stealth assessment

Targeted tests

War dialing






penetration testing


reconnaissance phase

attack phase

occupation phase


IT

What security procedure forces an operator into collusion with an operator of a different category to have access to unauthorized data?
A Enforcing regular password changes
B Management monitoring of audit logs
C Limiting the specific accesses of operations personnel
D Job rotation of people through different assignments

a
B
c
D

Which of the following is not an Orange Book-defined life cycle assurance requirement?
A Security testing
B Design specification and testing
C Trusted distribution
D System integrity

A
B
C
D

Which of the following ensures that security is not breached when a system crash or other system failure occurs?
A trusted recovery
B hot swappable
C redundancy
D secure boot

A
B
C
D

When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?
A Clearing completely erases the media whereas purging only removes file headers, allowing the recovery of files.
B Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack.
C They both involve rewriting the media
D Clearing renders information unrecoverable against a laboratory attack and purging renders information unrecoverable to a keyboard attack

A
B

C
D

Which of the following is not a valid reason to use external penetration service firms rather than corporate resources?
A They are more cost-effective
B They offer a lack of corporate bias
C They use highly talented ex-hackers
D They insure a more complete reporting

A
B
C)
D
