Page 35 - DCAP516_COMPUTER_SECURITY
P. 35

Unit 3: Assurance and Operational Issues




          vulnerabilities, patches, and other areas that impact security. The Forum of Incident Response  Notes
          Teams (FIRST) has an electronic mailing list that receives information on threats, vulnerabilities,
          and patches.



              Task  Differentiate between design and implementation assurance and Operational
            assurance.

          3.6 Human Issues

          There exist two main types of human issues: one relating to organizations and the other to
          people problems.

          3.6.1 Organizations

          The key here is that those responsible for security have the power to enforce security. Otherwise
          there is confusion, and the architects need not worry if the system is secure because they won’t
          be blamed if someone gets in. This arises when system administrators, for example, are
          responsible for security, but only security officers can make the rules. Preventing this problem
          (power without responsibility, or vice versa) is tricky and requires capable management. What’s
          worse is that security is not a direct financial incentive for most companies because it doesn’t
          bring in revenue. It merely prevents the loss of revenue obtained from other sources.

          3.6.2 People Problems

          People problems are by far the main source of security problems. Outsiders are attackers from
          without the organization; insiders are people who have authorized access to the system and,
          possibly, are authorized to access data and resources, but use the data or resources in unauthorized
          ways. It is speculated that insiders account for 80-90% of all security problems, but the studies
          generally do not disclose their methodology in detail, so it is hard to know how accurate they
          are. (Worse, there are many slightly different definitions of the term “insider,” causing the
          studies to measure slightly different things!) Social engineering, or lying, is quite effective,
          especially if the people gulled are inexperienced in security (possibly because they are new, or
          because they are tired).

          Self Assessment

          State whether the following statements are true or false:

          6.   People problems are by far the main source of security problems.
          7.   System performance monitoring analyzes system performance logs in real time to look
               for availability problems, including active attacks and system and network slowdowns
               and crashes.
          8.   Penetration testing can use only one method to attempt a system break-in.
          9.   Penetration testing can be done both manually as well as automatically.

          10.  Checksumming presumes that program files should change between updates.








                                           LOVELY PROFESSIONAL UNIVERSITY                                   29
   30   31   32   33   34   35   36   37   38   39   40