







A comprehensive overview of various information security controls, including preventative, detective, and corrective measures, as well as common security vulnerabilities and attacks. It covers topics such as security policies, access control, cryptographic hashes, denial-of-service attacks, network security, firewalls, intrusion detection and prevention systems, and malware protection. The document also discusses best practices for securing client-server environments, virtualization, and VoIP systems. Additionally, it covers incident response, evidence protection, and physical security measures like fire suppression systems. This information is valuable for understanding the fundamental principles of information security and the strategies used to mitigate risks in an organizational setting.
Typology: Exams








to each of them to be the other side. Alternatively, the attacker interferes while the devices are establishing a connection. This can be used against WPAN networks.
incoming message is in response to the request that went out. This is done by mapping the source IP address of an incoming packet with the list of destination IP addresses that is maintained and updated.
An advantage is that stateful inspection controls the flow of IP traffic by matching information contained in the headers of connection-oriented or connectionless IP packets at the transport layer against a set of rules specified by the admin. This provides a greater degree of efficiency when compared to typical CPU-intensive, full-time application firewall systems' proxy servers.
A disadvantage is that stateful inspection firewalls can be relatively complex to administer compared to other types of firewalls.
known and new malware, on the basis of malware masks or signatures. The second type is heuristic scanners. They analyze the instructions in the code being scanned and decide on the basis of statistical probability whether it could contain malicious code. They tend to generate a high level of false positive errors.
Active Monitors - interpret DOS and read-only memory (ROM) BIOS calls, looking for malware-like actions. They can be problematic because they cannot distinguish between a user request and a program or malware request.
Integrity CRC Checkers - compute a binary number on a known malware-free program that is then stored in a database file. The number is called a CRC. On subsequent scans, when that program is called to execute, it checks for changes to the files as compared to the database.
Establish strong physical security.
Lock critical hardware with anti-tamper devices.
Remote Access: a dial-back scheme; careful scrutiny and proper authentication of requests to open the remote control.
Maintenance: ask the manufacturer or maintenance company if any such features exist; attempt to learn about undocumented usernames/passwords; attempt to search the system's programmable read-only memory or disks for evidence of such features.