Saturday, January 14, 2006

[CISSP] Domain Operations Security

Domain Operations Security

Basic forms of electronic vaulting

  • Online tape vaulting
  • Remote transaction journaling
  • Database shadowing

Due diligence is going through the necessary steps to know what a company's or individual's actual risks are.

Due care is carrying out responsible actions to reduce those risks.

A user should have a need-to-know to access particular resources; least privilege should be implemented to ensure she only accesses the resources she has a need-to-know.

Three primary types of recovery procedures for computers:

1. System reboot - Restarts in a controlled manner.

2. Emergency reboot - Restarts when normal procedures cannot be initiated.

3. System cold start - User-administered restart due to the system being unable to properly recover.

Fingerprinting

Network mapping tools perform fingerprinting functions within networks. The responses received from ping commands and port scans provide useful information to the requester, such as what type of device is connected at a given address. An attacker can also learn what operating system software and applications are running.

Port scanning is used by attackers to identify open ports in a victim's network.
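From the defender's side, the fingerprinting and port-scanning activity described above leaves a recognisable trace in firewall logs: one source address touching many distinct destination ports on one host within a short window. The following script is an added example written for these notes, not code from the original post; the log line format and the sample log lines are constructed, and the threshold and window values are assumptions you would tune for your own environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log lines (no real system produced these).
# Assumed format: "<ISO timestamp> <ACTION> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <proto>"
SAMPLE_LOG = """\
2006-01-14T10:00:01 DENY 203.0.113.7:51234 -> 192.0.2.10:21 TCP
2006-01-14T10:00:01 DENY 203.0.113.7:51235 -> 192.0.2.10:22 TCP
2006-01-14T10:00:02 DENY 203.0.113.7:51236 -> 192.0.2.10:23 TCP
2006-01-14T10:00:02 DENY 203.0.113.7:51237 -> 192.0.2.10:25 TCP
2006-01-14T10:00:03 DENY 203.0.113.7:51238 -> 192.0.2.10:80 TCP
2006-01-14T10:00:03 DENY 203.0.113.7:51239 -> 192.0.2.10:110 TCP
2006-01-14T10:00:04 DENY 203.0.113.7:51240 -> 192.0.2.10:143 TCP
2006-01-14T10:00:04 DENY 203.0.113.7:51241 -> 192.0.2.10:443 TCP
2006-01-14T10:00:05 DENY 203.0.113.7:51242 -> 192.0.2.10:445 TCP
2006-01-14T10:00:05 DENY 203.0.113.7:51243 -> 192.0.2.10:3389 TCP
2006-01-14T10:00:06 DENY 203.0.113.7:51244 -> 192.0.2.10:8080 TCP
2006-01-14T10:01:00 ALLOW 198.51.100.4:40001 -> 192.0.2.10:443 TCP
2006-01-14T10:01:30 ALLOW 198.51.100.4:40002 -> 192.0.2.10:443 TCP
2006-01-14T10:02:00 DENY 198.51.100.9:33000 -> 192.0.2.10:22 TCP
"""

LOG_RE = re.compile(r"^(\S+) (ALLOW|DENY) (\S+):(\d+) -> (\S+):(\d+) (\w+)$")


def parse_log(text):
    """Parse the constructed log format into a list of event dicts; skip unparseable lines."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ts, action, src, _sport, dst, dport, proto = m.groups()
        events.append({
            "time": datetime.fromisoformat(ts),
            "action": action,
            "src": src,
            "dst": dst,
            "dport": int(dport),
            "proto": proto,
        })
    return events


def max_distinct_ports(events, window_seconds=60):
    """For each (src, dst) pair, the largest number of distinct destination ports
    seen within any sliding window of window_seconds."""
    by_pair = defaultdict(list)
    for e in events:
        by_pair[(e["src"], e["dst"])].append((e["time"], e["dport"]))

    window = timedelta(seconds=window_seconds)
    result = {}
    for pair, hits in by_pair.items():
        hits.sort()
        best = 0
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it fits within window_seconds.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            distinct = len({port for _, port in hits[start:end + 1]})
            best = max(best, distinct)
        result[pair] = best
    return result


def detect_port_scans(text, threshold=10, window_seconds=60):
    """Return (src, dst, distinct_port_count) for pairs that look like a scan.

    Both ALLOW and DENY lines count: a scan of open ports is allowed traffic,
    so filtering on denies alone would miss it."""
    counts = max_distinct_ports(parse_log(text), window_seconds)
    return sorted((src, dst, n) for (src, dst), n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for src, dst, n in detect_port_scans(SAMPLE_LOG):
        print(f"possible port scan: {src} -> {dst}, {n} distinct ports")
```

Run as-is, the script reports the single constructed scanning source; the two legitimate clients, which repeatedly hit one port, stay below the threshold. Counting distinct ports per (source, destination) pair rather than raw packet counts is what separates a scan from a busy but normal client.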

Configuration management is a process to control the changes that take place while a system or application is being developed. This control takes place throughout the life time of the system or application, so any changes to it in production also fall under configuration management. Configuration management does not ensure that changes take place, but controls the changes to make sure they are carried out properly.

Change management policy

1. Request a change

2. Approve a change

3. Document a change

4. Test a change

5. Implement a change

6. Report a change to management

Deviation from standards

Performing at a different level than the standard set baseline of security and functionality

Juggernaut and Hunt are two programs used to accomplish session hijacking.

Authorization creep violates both the least privilege and need-to-know concepts.
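Authorization creep, and the least-privilege and need-to-know rules it violates (see the earlier note on need-to-know), can be checked mechanically: derive the permissions a user's current roles require, compare them with what the account actually holds, and report the excess. The following script is an added example for these notes, not code from the original post; the role catalogue, user records and permission names are all constructed.

```python
# Constructed role catalogue: the permissions each role has a need-to-know for.
ROLE_PERMISSIONS = {
    "helpdesk": {"tickets:read", "tickets:write", "users:read"},
    "accounting": {"ledger:read", "ledger:write", "invoices:read"},
    "hr": {"personnel:read", "personnel:write"},
}

# Constructed user records. "granted" is what the account holds today,
# accumulated over job changes; "roles" is the user's current job.
USERS = {
    "alice": {"roles": {"helpdesk"},
              "granted": {"tickets:read", "tickets:write", "users:read"}},
    # bob moved from helpdesk to accounting but kept an old permission,
    # and picked up an HR one along the way: authorization creep.
    "bob": {"roles": {"accounting"},
            "granted": {"ledger:read", "ledger:write", "invoices:read",
                        "tickets:write", "personnel:read"}},
    "carol": {"roles": {"hr", "helpdesk"},
              "granted": {"personnel:read", "tickets:read"}},
}


def required_permissions(roles, catalogue=ROLE_PERMISSIONS):
    """Union of the permissions needed by the given roles (need-to-know set)."""
    needed = set()
    for role in roles:
        if role not in catalogue:
            raise ValueError(f"unknown role: {role}")
        needed |= catalogue[role]
    return needed


def audit_user(record, catalogue=ROLE_PERMISSIONS):
    """Compare granted permissions with the need-to-know set.

    'excess' is the authorization-creep finding; 'missing' shows where the
    account is under-provisioned (useful, but not a security finding)."""
    needed = required_permissions(record["roles"], catalogue)
    granted = record["granted"]
    return {"excess": sorted(granted - needed), "missing": sorted(needed - granted)}


def find_authorization_creep(users=USERS, catalogue=ROLE_PERMISSIONS):
    """Map user name -> sorted excess permissions, for users that have any."""
    findings = {}
    for name, record in users.items():
        excess = audit_user(record, catalogue)["excess"]
        if excess:
            findings[name] = excess
    return findings


def enforce_least_privilege(record, catalogue=ROLE_PERMISSIONS):
    """The permission set the account should hold: only what its roles need."""
    return record["granted"] & required_permissions(record["roles"], catalogue)


if __name__ == "__main__":
    for name, excess in find_authorization_creep().items():
        print(f"{name}: excess permissions {excess}")
        print(f"{name}: least-privilege set {sorted(enforce_least_privilege(USERS[name]))}")
```

The audit is only as good as the role catalogue: if a role's need-to-know set is itself over-broad, the check will not flag it, so the catalogue needs the same periodic review as the accounts.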

Slamming is when a user's telephone service provider has been changed without that user's consent.

Cramming is adding on charges that are bogus in nature that the user did not request or receive.

The basic features and architecture of a system are the focus of operational assurance.

Trusted recovery refers to the right procedures following a system failure and can be classified as either a system reboot, an emergency system restart, or a cold start. Trusted recovery is carried out so that even if a system fails for one reason or another, it is not put into an insecure state.
