Deliberate vs. Non-deliberate
Internal vs. External
Identify the threats
Likelihood of occurence estimation
System failures (HW, SW, infrastructure)
Malicious acts & software
Error:most common threat
training: most cost-effective security program
least privileges user given only the minimum authorizations and time necessary to preform task. Limits extent of damage.
Disaster recovery: offsite storage of info. Backups critical. Alernate site.
Hardware failure is solvable: redundancy e.g. disk mirroring: copies
of data on multiple disks
failover: group of systems monitor each other, take over function of failed system.
Software quality concerns:
complexity is largest factor of SW reliability
testing for correctness, not for security (test the unexpected)
Infrastructure: electricity, communications, AC, network. Service level agreement contracted level of availability.
Malicious attack: need, greed, revenge
external: get publicity. Random or specific
internal: more damaging.
who you are is prime contributor to being a target
PR and employee satisfaction are biggest steps to reduce being a target.
Malicious software (malware): creates or exploits a vulnerability
logic bomb unauthorized program dormant until triggered
sniffer intercepts network traffic
spoof assume identity of another person or process
email spoof (forge sender address)
trojan horse real program contains hidden program, becomes independant when real program runs once.
virus largest impact of any malware. Only executes when host program does.
worm transports itself across a network