no more cubes

Category: Security & Privacy

  • Data Link Layer Protocols

    Synchronous data link control / SDLC: supports loop or hub go-ahead configuration used with bounded and unbounded media. High Level Data Link Control / HDLC: Provides an option for a 32bit checksum, maintains data integrity, and provides flow control. Link access procedure balanced / LAPB: Performs packet framing operations, using I-, S- and U-frames.

  • WAN Protocol Characteristics

    Frame Relay Provides point to point connections by creating virtual circuit paths. Forwards frames and performs error check only at the end points. X.25 Is designed to operate over unreliable network lines works with the physical, data link and network layers of the OSI model.

  • Packet Switching / WAN Technology

    X.25: defines communication between DTE and DCE devices. Switched multimegabit data services (SMDS): Is a connectionless protocol and can provide bandwidth for exchange of large amounts of data. A connectionless, high-speed, datagram-based WAN technology for communication over public data networks. Frame Relay: Forwards packets to their destinations and doesn’t unpack frames at each node. Link…

  • Change management process

    Submit the change Approve the change Document the change Test the change Implement the change Report the change

  • Reconnaissance Methods

    FIN Scan: Uses an IP-bases server’s error-handling mechanism against it. Operation System (OS) Identification: users an operating system’s weaknesses to obtain valuable information. Port sweep: Bombards a servers’s IP address with packets to identify active services. Evasive sweep: Identifies a server’s systems and services without ever completely connecting to it.

  • Components od a basic information system architecture

    Network architecture Protection mechanisms Platform architecture Security Models Enterprise architecture

  • Security Models

    Address security, integrity and information flow Graham-Denning: Defines the commands that a subject can execute to create or delete an object. Noninterference: Prevents covert channels and interference attacks. Brewer & Nash Address security and integrity Clark-Wilson State Machine: Is concerned with capturing a system’s state and ensuring its security. Bell-LaPadula (is a statemachine) Further Descriptions…

  • Operating System States

    Supervisory: A system routine, or highly privileged routine, is being executed by the system. Ready: Processing can be resumed for an application. Wait: A specific event must be completed before another process resumes. (Needs review: Problem: An application is being run by the system.(?))

  • Control Objects for Information and Related Technology (COBIT)

    Control Objects for Information and Related Technology (COBIT) can be used to as the basis for internal and external security audits. determines the security mechanisms to be implemented for a system.

  • ISO / IEC 27001:2005

    ISO / IEC 27001:2005 can be used for certifying a company’s ISMS and making comaprisons to other companies’ ISMSs. Defines a company’s ISMS and how it’s structured, controlled, run, and maintained.