[Information System Security/Computer System Security] Final Review (HITWH)

Summary of the key points for the end-of-term information system security review:

Table of contents

Chapter 1 Introduction

Chapter 2 Security Authentication

Fill-in-the-blank items

Chapter 3 Access Control

Fill-in-the-blank items

Chapter 4 Security Audit

Fill-in-the-blank items

Chapter 5 Windows Operating System Security

Fill-in-the-blank items

Chapter 6 Linux Operating System Security

Fill-in-the-blank items

Chapter 7 Database System Security

Fill-in-the-blank items

Chapter 8 Information System Security Evaluation

Chapter 9 Trusted Computing


Chapter 1 Introduction

Question: Briefly describe the security properties of information

Question: Briefly describe the layered infrastructure of cyberspace security

Chapter 2 Security Authentication

Question: Briefly describe the concept and function of authentication

Definition: The process of verifying the identity of an entity and verifying its legitimacy, applicable to users, processes, systems, network connections, etc.

Function:

  • Identify legal vs. illegitimate entities
  • It is the first line of defense for information systems
  • It is the basis for other security mechanisms such as access control

Question: Definitions of identification and authentication? Their functions? Their features?

Identification:

Definition: assign each entity an internal name that the system can recognize

Function: track and control the behavior of entities in the system

Features: unique, usually public

Authentication:

Definition: the process of associating an entity with its identification and verifying that association

Function: verify that the entity is authentic or valid

Features: the authentication process should be private

Question: List several commonly used authentication techniques

① Knowledge-based identity authentication (dynamic password technology)

② Token-based authentication

③ Identity authentication based on physiological characteristics

④ Identity authentication based on behavioral characteristics

⑤ Manual interactive authentication

⑥ Multi-factor and additional authentication technology

Question: Design a dynamic password authentication mechanism, explain the use and verification process of passwords, and analyze which password attacks it can resist

Password sequence (S/KEY):

① Design:

First, the user generates a secret password SecretPASS (longer than 8 characters). Then the server sends a seed SEED to the user in the clear. The user then preprocesses the password sequence: the password and the seed are concatenated, the resulting string is hashed with MD5, the 16-byte digest is split into a left half and a right half of 8 bytes each, the two halves are XORed, and the result is recorded as S

② Generate password sequence:

Apply the S/KEY secure hash to S N times to obtain the first password;

......

Apply the S/KEY secure hash to S once to obtain the Nth password;

③ Use of passwords: the first password is sent to the server for storage, and the client then uses passwords 2 through N in order

④ Password verification: the server applies the secure hash function once to the received one-time password. If the result matches the last saved password, authentication succeeds and the received password is saved as the reference for the next verification

⑤ Password attacks that can be resisted: the password sequence (S/KEY) can resist password attacks such as dictionary attacks and brute-force cracking

A dictionary attack is one in which the attacker tries to log in using a pre-prepared password dictionary; if the password used by the user is in the dictionary, the attacker cracks it. S/KEY avoids the impact of dictionary attacks by hashing the user password and matching the result against the value stored on the server side.

Brute-force cracking is when an attacker keeps trying different password combinations until the correct one is found. S/KEY counters brute-force attacks by constraining the length and complexity of each user's password and by setting a maximum number of login attempts.
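The S/KEY scheme described above, as an added Python example that is not part of the original notes: the client derives S from the password and the cleartext seed, generates the hash chain, and the server keeps only the last accepted password; the password, seed and chain length are constructed sample values.

```python
import hashlib


def skey_hash(data: bytes) -> bytes:
    """One S/KEY hash step as described in the notes: MD5, then fold the 16-byte
    digest to 8 bytes by XORing its left and right halves."""
    digest = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def initial_value(secret_pass: str, seed: str) -> bytes:
    """S = fold(MD5(SecretPASS || SEED)). The seed travels in the clear; the secret never does."""
    if len(secret_pass) <= 8:
        raise ValueError("secret password must be longer than 8 characters")
    return skey_hash((secret_pass + seed).encode())


def password_sequence(secret_pass: str, seed: str, n: int) -> list:
    """Password i (1-based) is H^(N-i+1)(S): password 1 = H^N(S), password N = H(S)."""
    chain = []
    value = initial_value(secret_pass, seed)
    for _ in range(n):
        value = skey_hash(value)   # value is now H^k(S)
        chain.append(value)
    chain.reverse()                # chain[0] = H^N(S) is the first password
    return chain


class SkeyServer:
    """Stores only the most recently accepted password, never S or the secret."""

    def __init__(self, first_password: bytes):
        self.stored = first_password   # password 1 = H^N(S), registered at enrolment

    def verify(self, otp: bytes) -> bool:
        # Hashing the presented password once must reproduce the stored one.
        if skey_hash(otp) != self.stored:
            return False
        self.stored = otp              # the accepted password becomes the next reference
        return True


def demo():
    # Constructed sample credentials; a real seed would be random per user.
    seq = password_sequence("correct horse battery staple", "hw12345", 5)
    server = SkeyServer(seq[0])
    accepted = [server.verify(p) for p in seq[1:]]   # passwords 2..N, in order
    replayed = server.verify(seq[1])                 # an eavesdropped, already-used password
    fresh = SkeyServer(seq[0])
    skipped = fresh.verify(seq[2])                   # password 3 presented before password 2
    return accepted, replayed, skipped
```

Because the server only ever stores a value that is one hash step ahead of the next password, a captured password cannot be replayed and the stored value does not reveal the next one.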

Question: Pros and cons of biometric-based authentication

Fill-in-the-blank items

  1. User ID generation: provided by the user, provided by the system
  2. Carrier of user identification: artificial memory, token, no carrier required
  3. Common tokens: smart card, USB key

Chapter 3 Access Control

Question: What is a subject? object? authorized?

Question: What is Access Control?

Access control: restrict the subject's access to the object, so that the information system can be used within the scope of authorization; it is one of the most important core strategies to ensure the security of the information system

Essentially, many cyberspace security techniques can be viewed as access control. For example, cryptographic

Question: List several ways to implement discretionary access control

Access password

Access control matrix

Capability table (subject-based)

Access control list (object-based) (both Unix and Windows use this method for access control)

Authorization relationship table

Question: What are the limitations of discretionary access control policies?

① In the discretionary access control policy, the owner takes part in authorization management, and the resource owner has the right to decide the access policy for the resource, which carries potential security risks

② Access rights may be transferred between subjects, and the rights may be altered during the transfer, which brings security risks

Question: Security access rules (confidentiality rules) of the BLP model? Fundamental security theorem? Usability issues?

① Security access rules: no read up, no write down, discretionary access control;

② Basic security theorem: if the initial state of the system is secure, and every change of system state satisfies the requirements of the SS-policy, the *-policy and the DS-policy, then the system always remains in a secure state

③ Usability issues:

Impact of the *-policy on system availability: subjects with a high security level can only produce information at a high security level; some systems may not function properly;

Covert channel problem (a communication channel is covert if it is neither designed for communication nor intended to pass information): can lead to the transfer of sensitive information from high-security areas to low-security areas

Question: Definition of data integrity in the system?

Data quality meets expectations

Protection against incorrect modification of data

Protection against unauthorized modification of data

Prohibits modification of data, or detects any modification to data

Limit the one-way flow of information

Question: What are the security access rules (integrity rules) for the Biba model?

SIP, RP, LWMPS comparison:

Comparison of SIP, LWMPO, and LWMIAP:
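As an added example (not from the original notes), the following Python reference monitor applies the three BLP policies (SS, *, DS) and the Biba strict integrity rule (no read down, no write up) to every access request, covering the BLP rules and the Biba rules discussed above; the labels, subjects and objects are constructed for illustration, and "execute" is subject only to the discretionary check.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Label:
    """Security label: a linear sensitivity level plus a set of categories (a lattice)."""
    level: int
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        return self.level >= other.level and self.categories >= other.categories


# Access modes from the notes: read only, append (add), execute, read-and-write.
READS = {"read", "read_write"}
WRITES = {"append", "read_write"}


class ReferenceMonitor:
    def __init__(self):
        self.subjects = {}   # name -> (clearance Label, integrity level)
        self.objects = {}    # name -> (classification Label, integrity level)
        self.matrix = {}     # (subject, object) -> set of discretionary modes

    def add_subject(self, name, clearance, integrity):
        self.subjects[name] = (clearance, integrity)

    def add_object(self, name, classification, integrity):
        self.objects[name] = (classification, integrity)

    def grant(self, subject, obj, modes):
        self.matrix.setdefault((subject, obj), set()).update(modes)

    def check(self, subject, obj, mode):
        clearance, s_int = self.subjects[subject]
        classification, o_int = self.objects[obj]
        # DS-property: the discretionary matrix must allow the mode at all.
        if mode not in self.matrix.get((subject, obj), set()):
            return False, "ds-property: mode not in access matrix"
        # SS-property (simple security): no read up.
        if mode in READS and not clearance.dominates(classification):
            return False, "ss-property: no read up"
        # *-property: no write down (the object's label must dominate the subject's).
        if mode in WRITES and not classification.dominates(clearance):
            return False, "*-property: no write down"
        # Biba strict integrity: no read down, no write up.
        if mode in READS and o_int < s_int:
            return False, "biba: no read down"
        if mode in WRITES and s_int < o_int:
            return False, "biba: no write up"
        return True, "allowed"


UNCLASSIFIED, CONFIDENTIAL, SECRET, TOP_SECRET = range(4)
LOW, HIGH = 1, 2   # integrity levels


def demo():
    rm = ReferenceMonitor()
    rm.add_subject("alice", Label(SECRET, frozenset({"crypto"})), HIGH)
    rm.add_subject("bob", Label(SECRET, frozenset({"crypto"})), HIGH)
    rm.add_object("memo", Label(CONFIDENTIAL, frozenset({"crypto"})), HIGH)
    rm.add_object("plans", Label(TOP_SECRET, frozenset({"crypto"})), HIGH)
    rm.add_object("wiki", Label(UNCLASSIFIED), LOW)   # public, low-integrity data
    for obj in ("memo", "plans", "wiki"):
        rm.grant("alice", obj, {"read", "append", "execute", "read_write"})
    return {
        "alice read memo": rm.check("alice", "memo", "read"),
        "alice append memo": rm.check("alice", "memo", "append"),
        "alice read plans": rm.check("alice", "plans", "read"),
        "alice append plans": rm.check("alice", "plans", "append"),   # blind write-up
        "alice read wiki": rm.check("alice", "wiki", "read"),
        "bob read memo": rm.check("bob", "memo", "read"),             # no DS grant
    }
```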

Question: Basic idea of Role-Based Access Control (RBAC)

  1. Create corresponding roles for different positions in an organization
  2. Assign different operation permissions to each role
  3. Assign users to appropriate roles based on their responsibilities or tasks in the organization
  4. Users obtain corresponding permissions through assigned roles to access information resources

Question: Briefly describe the principle of separation of duties

  1. The execution authority and management authority of a role are separated, that is, a subject should not hold both types of authority at the same time; otherwise authority management gets out of control
  2. Different responsibilities are assigned to different subjects in order to achieve mutual restraint and eliminate the risk of one subject performing two or more incompatible tasks
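The RBAC idea and the separation-of-duty principle above, as an added Python example (not from the original notes): roles carry permissions, users get permissions only through roles, incompatible roles are declared mutually exclusive, and a role granted for one task is revoked when the task ends. The check is applied over inherited roles as well, so a role that inherits an incompatible role cannot be used to bypass the constraint (an added assumption); the organisation, roles and permissions are constructed.

```python
class RBAC:
    """Minimal RBAC with role inheritance and static separation of duty (SSD)."""

    def __init__(self):
        self.role_perms = {}   # role -> set of permissions
        self.parents = {}      # role -> set of roles it inherits from
        self.user_roles = {}   # user -> set of directly assigned roles
        self.exclusive = []    # pairs of roles that one user must never hold together

    def add_role(self, role, perms=(), inherits=()):
        self.role_perms[role] = set(perms)
        self.parents[role] = set(inherits)

    def constrain(self, role_a, role_b):
        self.exclusive.append(frozenset((role_a, role_b)))

    def _closure(self, roles):
        """All roles reachable through inheritance from the given roles."""
        seen, stack = set(), list(roles)
        while stack:
            role = stack.pop()
            if role not in seen:
                seen.add(role)
                stack.extend(self.parents.get(role, ()))
        return seen

    def assign(self, user, role):
        """Assign a role, refusing it if the user would then hold two incompatible
        roles (checked over inherited roles too, so inheritance cannot bypass SSD)."""
        held = self.user_roles.get(user, set())
        would_hold = self._closure(held | {role})
        for pair in self.exclusive:
            if pair <= would_hold:
                raise PermissionError(f"{user}: {sorted(pair)} are mutually exclusive")
        self.user_roles.setdefault(user, set()).add(role)

    def revoke(self, user, role):
        """Least privilege: a role granted for a task is removed when the task ends."""
        self.user_roles.get(user, set()).discard(role)

    def user_permissions(self, user):
        perms = set()
        for role in self._closure(self.user_roles.get(user, set())):
            perms |= self.role_perms.get(role, set())
        return perms

    def check(self, user, perm):
        return perm in self.user_permissions(user)


def demo():
    rbac = RBAC()
    # Constructed organisation: one role per position, permissions per role.
    rbac.add_role("clerk", {"create_order"})
    rbac.add_role("approver", {"approve_order"})
    rbac.add_role("manager", {"view_reports"}, inherits={"approver"})
    rbac.add_role("role_admin", {"assign_role"})
    rbac.add_role("auditor", {"read_audit_log"})
    rbac.constrain("clerk", "approver")        # nobody both creates and approves orders
    rbac.constrain("approver", "role_admin")   # execution vs. role-management authority
    rbac.assign("alice", "clerk")
    try:
        rbac.assign("alice", "manager")        # manager inherits approver -> refused
        manager_refused = False
    except PermissionError:
        manager_refused = True
    rbac.assign("bob", "manager")
    bob_perms = rbac.user_permissions("bob")
    rbac.assign("bob", "auditor")              # temporary role for one task
    bob_during = rbac.check("bob", "read_audit_log")
    rbac.revoke("bob", "auditor")              # task done: the permission must go away
    bob_after = rbac.check("bob", "read_audit_log")
    return {
        "alice_create": rbac.check("alice", "create_order"),
        "manager_refused": manager_refused,
        "bob_perms": bob_perms,
        "bob_during": bob_during,
        "bob_after": bob_after,
    }
```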

Question: What are privileges? What hazards do privileges pose to information system security? Why do privileges exist at all?

Privileges: Permissions not restricted by access control policies

Hazards: abuse; theft; misuse

Reasons: eases system maintenance; improves system availability

Question: The principle of least privilege and the need-to-know principle

Principle of Least Privilege: Subjects are only granted the privileges necessary to perform their tasks

Need-to-know principle: users only have access to the resources they need to perform their duties

The meaning of the principle of least privilege

  1. If an access right is not necessary for a subject to perform its duties, then it should not be granted to that subject.
  2. If a subject does require additional permissions to perform a task, the additional permissions must be revoked when the task is completed

Fill-in-the-blank items

  1. Security Policy: A statement that divides the system state into a secure state (authorized state) and a non-secure state (unauthorized state)
  2. A secure system: starts in an authorized state, does not enter an unauthorized state
  3. Reference monitor: an abstract device that arbitrates a subject's access to an object
  4. Access control policy is a description of access control and related authorization, which determines what users can do, and also determines what programs or processes representing certain user interests can do
  5. Need-to-know principle: users only have access to the resources they need to perform their duties
  6. Security Goal of the BLP Model: Confidentiality
  7. In the BLP model, the subject has four access rights to the object: read only, append, execute, read and write
  8. Three strategies of the BLP model: SS-strategy, *-strategy, DS-strategy
  9. In the BLP model, the strategies that affect the transmission of sensitive information from high-security areas to low-security areas are: *-strategy
  10. Covert channel: A channel that allows a process to pass information in a manner that violates system security policies
  11. The security goal of the Biba model: to protect the integrity of data in the system
  12. In the Biba model, the integrity of data includes: preventing incorrect modification of data, preventing unauthorized modification of data, data quality meeting expectations, prohibiting modification of data, or detecting any modification of data, and restricting the one-way flow of information
  13. Access methods defined by the Biba model: read, write, call
  14. The concept of a role: a set of actions and responsibilities related to a specific work activity
  15. The constrained RBAC model supports permission-role checks on the basis of RBAC with role inheritance
  16. Separation of duties: the execution authority and management authority of a role are separated, that is, a subject should not hold both types of authority at the same time; otherwise authority management gets out of control
  17. RBAC models with role inheritance include restricted inheritance and multiple inheritance
  18. The hazards of privileges to information system security: being abused, stolen, and misused
  19. The basic idea of the principle of least privilege: decentralization

Chapter 4 Security Audit

Concepts: Basic concepts of security auditing

Question: What is the role of security audits?

Security audit is the last line of defense for system security and a necessary supplement to access control, which can:

  • Reconstruct events
  • Monitor potential intrusions and provide the raw data needed for intrusion detection
  • Perform fault monitoring
  • Discover system deficiencies
  • Linkage with other security mechanisms

Security audit helps to discover security problems or attacks in the system

Helps to understand the working status and credibility of the system security mechanism

It is an important security mechanism for information systems and the last line of defense for system security.

Analysis: Analyze the audit system model defined by the X.816 standard and the functions of each module

Fill-in-the-blank items

  1. Security auditing: the process of recording, checking, and reviewing security-related activities in an information system
  2. An audit event is the most basic unit for an information system to audit user operations
  3. An audit trail is a set of records about operating system, application, or user activity
  4. Security audit is the last line of defense for system security and a necessary supplement to access control
  5. The functional requirements of the security audit system model include: data generation, event selection, event storage, automatic response, audit analysis, and audit review
  6. The security audit system needs to enable the system to configure different levels of audit granularity when selecting events
  7. Four levels of the security audit model: audit data creation layer, audit record management layer, audit record reduction layer, audit record analysis application layer
  8. In the audit system model defined by the X.816 standard, new auditable events can be defined, and the components that send audit messages include: event discriminator; audit analyzer; alarm processor
  9. Security audit data is an important source of information for intrusion detection systems
  10. Intrusion detection is mainly to detect the intrusion behavior of unauthorized users to the system
  11. Intrusion detection is application software, security audit can be application program or system program
  12. Audit trails can be divided into: system-level audit trails, application-level audit trails, user-level audit trails, and physical access audit trails
  13. Audit records can be stored in log files or database

Chapter 5 Windows Operating System Security

Good TCB design:

Common concepts and what they mean:

  1. Active Directory: a database containing network resources; also a distributed directory service system. In a distributed environment it allows network resources to be easily accessed and read by authorized applications (users, programs)
  2. Domain: the security boundary of a Windows network system; the security management unit of Active Directory is the domain, and all users and computers in a domain apply the same domain security policy
    • Windows clients use Active Directory for authentication when a user logs in with a domain account instead of a local account
  3. SAS: Secure Attention Sequence; before performing sensitive operations, the user sends a "secure attention" signal to the security kernel to trigger and build a trusted path between the user and the security kernel
  4. LSA: Local Security Authority; the core component of the security subsystem, responsible for loading authentication packages and managing trust relationships between domains; it validates data against the SAM, controls local and remote logon of the various user types, confirms user access permissions and generates access tokens
  5. Kerberos: the domain authentication protocol of Windows
  6. MSV1.0 authentication: provides NTLM (NT LAN Manager) based authentication for Windows clients that do not support Kerberos authentication
  7. SAM: Security Accounts Manager; stores accounts and related security information for local users and local groups
    • SAM files are binary, not text, and passwords are stored using the MD4 hash algorithm
  8. SRM: Security Reference Monitor (kernel-mode component); performs object access validity checks, generates audit log entries, and provides user permissions
  9. SID: security identifier; every time a user or group is created, the system assigns it a unique SID
    • One-to-one correspondence between user name and SID
    • After a user is deleted, its SID is not reused
    • Creation of SIDs: the SID of a local user or group is generated by the LSA and stored in the security area of the registry; the SID of a domain user or group is generated by the domain security authority and stored in the Active Directory domain as an attribute of the user or group object
  10. SD: security descriptor;
  11. ACL: Access Control List; the core of the Windows access control mechanism, identifying the access rights of users and workgroups to an object
  12. ACE: Access Control Entry; consists of the permissions on the object and the SID of the user or group; its contents include:
    • access denied
    • allow read and write
    • allow execute
  13. DACL: Discretionary Access Control List; controlled by the object owner, determines which operations a user or group of users can perform on that object
    • The type of a DACE is allow/deny
  14. SACL: System Access Control List; determines the audit policy for security resources; describes which types of access requests must be recorded by the system
    • The type of a SACE is success/failure
  15. FAT: file allocation table; divided into FAT16 and FAT32
  16. EFS: Encrypting File System;
  17. IPSec: IP security protocol;
  18. SA: Security Association; a network-layer logical connection established from the source host to the destination host

Question: Briefly describe the protection method of Windows operating system

① Memory protection: operating-system processes and user processes have different permissions (to prevent a user process from interfering with the operating system)

②CPU operation mode is divided into system mode and user mode:

System mode can execute arbitrary instructions and access arbitrary memory addresses

User mode restricted memory access, some instructions cannot be executed

③ The switch from user mode to system mode must go through a system call

Question: What is a system call? Can system calls be changed? The relationship between system calls and function libraries?

①The system call is a system program that enters the kernel mode from the user mode, and is the interface for the interaction between the user program and the kernel

②The system call cannot be changed!

③ From the perspective of the executor, there is a major difference between system calls and library functions; from the perspective of users, the difference is not important

What is object reuse? What is a trusted channel?

  • Object reuse: before an object is initially assigned, assigned or reassigned to a subject, all authorizations to the information contained in the object are revoked. When a subject obtains access to a released object, the current subject cannot obtain any information generated by the original subject's activities
    • Object reuse is a C2-level security feature
  • Trusted path: the TCB should support a trusted communication path between itself and the user for initial login and authentication; it is mainly used when the user logs in or registers, to ensure that the user is indeed communicating with the security kernel and to prevent untrusted processes such as Trojan horses from imitating the system login process to steal passwords
    • Trusted path is a B-level security feature

Question: Briefly describe the architecture of Windows

The Windows operating system adopts an architecture that separates user mode and kernel mode:

① Software in user mode runs in an unprivileged state, with limited access to system resources

②All access to the kernel mode is protected to prevent out-of-control user processes from destroying low-level system drivers in kernel mode

Question: Briefly describe the workflow of NTLM

Step 1: The user logs in to the client host by entering the Windows account and password. Before logging in, the client caches a hash of the entered password and discards the original password. If a user who has successfully logged in to the client tries to access server resources, the client sends a request to the server; the request contains the username in clear text

Step 2: After receiving the request, the server generates a 16-bit random number. This random number is called Challenge or Nonce. The server saves the Challenge before sending it to the client. Challenge is sent in clear text

Step 3: After receiving the Challenge sent back by the server, the client encrypts it with the password hash value saved in Step 1, and then sends the encrypted Challenge to the server

Step 4: After receiving the encrypted Challenge from the client, the server sends a verification request for the client to the DC (Domain Controller). The request mainly contains three items: the client user name, the Challenge encrypted with the hash of the client password, and the original Challenge.

Step 5: The DC looks up the password hash of the account by user name and encrypts the original Challenge with it. If the result is the same as the encrypted Challenge sent by the server, the user holds the correct password and verification passes; otherwise verification fails. The DC sends the verification result to the server, which finally relays it to the client

Question: How to guarantee the uniqueness of SID?

The SID is always unique; it is derived from the following three parameters to ensure uniqueness

1. Computer name

2. Current time

3. The sum of the CPU time spent by the current user mode thread

Question: Briefly describe the Windows local authentication process

Step ①: When the user presses the SAS key, it immediately causes a hardware interrupt that is captured by the operating system, which activates the Winlogon process. The Winlogon process calls GINA immediately, and GINA displays a dialog box for the user to enter the account name and password

Step ②: GINA returns the account number and password entered by the user to the Winlogon process

Step ③: The Winlogon process sends the user name and password information to LSA for verification

Step ④: LSA invokes the Msv1_0.dll authentication package, which processes the user information to generate a key

Step ⑤: The Msv1_0.dll verification package sends the generated key to the SAM server process

Step ⑥: The SAM server process compares the received user key with the key stored in the SAM database

Step ⑦: If the user's identity is legal, the SAM process will send the user's SID, the SID of the user group to which the user belongs and related information to the Msv1_0.dll verification program package

Step ⑧: Msv1_0.dll verification program package returns the verification result information to LSA

Step ⑨: LSA creates a security access token based on the received SID information, and then sends the token handle and login information to the Winlogon process. The Winlogon process handles the user login and completes the local identity authentication process

Question: Briefly describe the working principle of EFS and analyze its security;

Question: Analyze the security of the IP protocol

Does not provide a good data origin authentication mechanism for communication;

Does not provide a strong integrity protection mechanism for data;

Does not provide confidentiality protection for data;

There are security holes in its design and implementation that various attacks can exploit. For example, an attacker can easily construct an IP datagram containing a false source address

Question: Briefly describe the two protocols of the IP security datagram format

Authentication Header AH (Authentication Header) protocol: provides source authentication and data integrity, but not confidentiality.

Encapsulation Security Payload ESP (Encapsulation Security Payload) protocol: Provide source authentication, data integrity and confidentiality

Question: Briefly describe the two working methods of IP security datagrams

Transport mode: control information is added before and after the entire transport-layer segment, and an IP header is added to form an IP security datagram. It protects the entire transport-layer segment and is suitable for secure transmission between hosts

Tunnel mode: Add some control information before and after the original IP datagram , and add a new IP header to form an IP security datagram. The tunnel mode is often used to implement virtual private network VPN (between the host and the route, between the route and the route)

Fill-in-the-blank items

  1. A good TCB (Trusted Computing Base) design is divided into four parts: hardware, operating system kernel, operating system, user tasks
  2. The isolation control of the operating system includes: physical isolation, time isolation, logical isolation, encryption isolation
  3. By restricting a program's access to objects outside its permissible domain, users feel as if they are executing their own process without the presence of other processes. This isolation control method is: logical isolation
  4. The CPU operation mode is divided into: user mode and system mode
  5. The kernel implementation methods of the operating system are: single-core, micro-kernel
  6. From the perspective of the kernel implementation method of a secure operating system, the method that can achieve least privilege and tolerate device driver failures/errors is: the microkernel method
  7. The backup strategies of the Windows operating system include: overall backup, incremental backup, real-time backup, and differential backup
  8. The backup strategy with the least data loss is: real-time backup
  9. According to the Trusted Computer System Evaluation Criteria TCSEC, the security level of the operating system that must have a security administrator is: B3
  10. According to TCSEC, the trusted computer system evaluation criterion, the security level of the current Windows and Linux operating systems is: C2
  11. Realization of the trusted path: before performing sensitive operations, the user sends a "secure attention" signal to the security kernel
  12. In the Windows security subsystem, what provides user access permission confirmation and generates access tokens is: local security authentication LSA
  13. In the Windows Security Subsystem, accounts for local users and local groups and related security information are stored: SAM database
  14. SID is generated by LSA
  15. In the Windows Security Subsystem, the kernel-mode component is: Security Reference Monitor SRM
  16. ACL is the core of Windows access control mechanism
  17. ACE consists of the object's permissions and the SID of the user or group
  18. The log files in Windows security audit include: system log, application log, security log
  19. Windows file system types include: FAT, NTFS, etc.;
  20. NTFS partitions support discretionary access control and ownership
  21. A "secure datagram" is one whose data part is encrypted and can be authenticated
  22. The data portion of a datagram is usually referred to as the payload of the datagram

Chapter 6 Linux Operating System Security

1. Security threats of Linux system:

  • Privileged Program Vulnerabilities
  • Malicious code
  • Network Listening and Data Capture
  • Software Setup and Interaction

Question: What is a privileged program in a Linux system? Why do privileged programs have vulnerabilities?

A privileged program is a program that can temporarily gain administrator privileges and perform some functions with those privileges. If the privileged program fails to fully control its execution environment, or does not handle some errors well, the program may exit while still in the privileged environment, or an attacker may use a buffer overflow or similar means to divert the program flow to malicious code, allowing users or intruders to gain administrator privileges

2. The local security mechanism of Linux:

  • User and Group Security
  • file system security
    • The Linux file system is a Linux system module
    • Linux file system supports Owner/Group/Other access control mechanism
  • Process Management Security
  • log management
    • Unix and Linux operating systems mostly use Syslog for system log management and configuration

Question: In the Linux system, user group information is not necessary for access control (√)

The Linux system adopts a permission-based access control model instead of an identity-based access control model;

In the permission-based access control model, each file and directory has its own permission bits indicating which users or processes can perform which operations on it. These permission bits consist of three components: read (r), write (w), and execute (x). From these permission bits one can determine which users or processes can access the file or directory
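As an added example (not from the notes), this Python function evaluates the Owner/Group/Other rwx bits the way the Linux DAC check does, selecting the permission class by UID and GID, including the case where the owner class is less permissive than the group class; the mode strings, uids and gids are constructed samples.

```python
# Constructed identities: name -> (uid, set of gids the user belongs to)
IDENTITIES = {
    "alice": (1000, {1000}),          # owner of the first two files below
    "bob":   (1001, {1001, 1000}),    # member of alice's group
    "eve":   (2000, {2000}),          # unrelated user
}


def parse_mode(text: str) -> int:
    """Convert an ls-style mode string such as '-rw-r-----' to numeric rwx bits (0o640)."""
    bits = text[1:]                       # drop the file-type character
    if len(bits) != 9:
        raise ValueError("expected a 10-character mode string")
    mode = 0
    for ch in bits:
        mode = (mode << 1) | (ch in "rwxst")   # lowercase s/t imply the execute bit is set
    return mode


def permitted(mode: int, file_uid: int, file_gid: int, uid: int, gids, want: str) -> bool:
    """Linux DAC decision for one access type ('r', 'w' or 'x').

    Exactly one permission class applies: owner if the uid matches, otherwise group
    if any of the caller's gids matches, otherwise other. There is no fall-through,
    so an owner denied by the owner bits is not rescued by more generous group bits.
    uid 0 bypasses read/write checks and may execute if any execute bit is set."""
    need = {"r": 4, "w": 2, "x": 1}[want]
    if uid == 0:
        return want != "x" or bool(mode & 0o111)
    if uid == file_uid:
        cls = (mode >> 6) & 0o7
    elif file_gid in gids:
        cls = (mode >> 3) & 0o7
    else:
        cls = mode & 0o7
    return bool(cls & need)


def who_can_read(mode_text: str, file_uid: int, file_gid: int) -> dict:
    """Evaluate read access for every constructed identity on one file."""
    mode = parse_mode(mode_text)
    return {name: permitted(mode, file_uid, file_gid, uid, gids, "r")
            for name, (uid, gids) in IDENTITIES.items()}


def demo():
    return {
        "notes.txt  -rw-r-----": who_can_read("-rw-r-----", 1000, 1000),
        "odd-file   ----rwx---": who_can_read("----rwx---", 1000, 1000),  # owner denied, group allowed
        "backup.sh  -r-xr-x---": who_can_read("-r-xr-x---", 0, 27),
    }
```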

Problem: Access permissions for Linux files and directories:

Question: What is a zombie process in a Linux system? Problems with zombie processes?

① Zombie Process (Zombie Process) refers to the process that has ended but its parent process has not yet processed its termination information

A zombie process has given up almost all of its memory, has no executable code, and cannot be scheduled. It only keeps a slot in the process table to record the exit status of the process and other information for other processes to collect.

②The number of processes in the Linux system is limited; if there are too many zombie processes, it will occupy memory resources, affect system performance and the generation of new processes, and even cause system paralysis

3. Linux network security mechanism

  • Web service security
  • Netfilter/Iptables firewall
  • intrusion detection
  • DNS service security
  • DHCP service security
  • xinetd

Fill-in-the-blank items

  1. All processes in the Linux system are derived from the init process, and its process number is 1
  2. The access control of files and programs in Linux system is based on user (UID) and user group (GID)
  3. In the Linux system, user information is saved as an ordinary text file, which is readable by all users
  4. In the Linux extended file system, Ext2 supports automatic repair of damaged file systems and undelete
  5. Unix and Linux operating systems mostly use Syslog for system log management and configuration
  6. The five chains of Netfilter/Iptables firewall are: PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING

Chapter 7 Database System Security

1. Security requirements of the database system:

  • confidentiality
  • integrity
    • Prevent illegal access and modification of DBMS
    • Protect the security of stored data and files
  • Consistency: two data items representing the same fact should agree
  • Auditability: the database can be restored after being damaged, maintaining integrity
    • Prevent users from accumulating access to protected data
    • Audit, track user access records, and infer user intent

Question: What is the meaning of data integrity in database security?

Physical database integrity: avoid database damage; ensure data can be physically read

Logical database integrity: protecting the structure of the database

Element Integrity: Data elements can only be changed by authorized users

2. The security protection level of the database system

  • network environment level
    • The security of the network system is the first barrier to the security of the database system
  • Host OS Hierarchy
    • Prevent illegal access and modification of DBMS
    • Protect the security of stored data and files
    • System login authentication for database users
  • Database Management System Hierarchy
    • Protect the confidentiality of data
    • Protect Data Integrity
    • Protect Data Consistency
    • Protect system availability
    • concurrency control
  • Database Application System Hierarchy
    • User Management
    • Authentication
    • User/Role Management
    • Access control
    • business audit
    • input check

3. The security mechanism of the database system

  • Authentication
  • Access control
  • security audit
  • View mechanism : By defining different views, the data that users do not have access to is hidden
  • database encryption
  • Inference control: counters inference, in which the relationships between data are used to deduce content protected at a high security level from legally obtained low-security-level data, leaking sensitive information
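As an added example (not from the notes), this Python/sqlite3 script demonstrates the view mechanism and a simple inference control together: a directory view omits the salary column, a statistics view publishes only group averages for groups of at least two members, and an SQLite authorizer callback allows the sensitive column to be read only through those views; the table and its rows are constructed sample data.

```python
import sqlite3

# Constructed sample data: salary is the sensitive column.
SCHEMA = """
CREATE TABLE employees(id INTEGER PRIMARY KEY, name TEXT, dept TEXT, salary INTEGER);
INSERT INTO employees VALUES
  (1, 'Ann', 'research', 9000), (2, 'Bo', 'research', 7000), (3, 'Cy', 'research', 8000),
  (4, 'Di', 'sales', 6000),     (5, 'Ed', 'sales', 6500),    (6, 'Flo', 'legal', 12000);
-- Directory view: hides the salary column entirely.
CREATE VIEW staff_directory AS SELECT id, name, dept FROM employees;
-- Statistics view: publishes only group averages, and only for groups of at
-- least two members, so a single salary cannot be read off a one-person group.
CREATE VIEW dept_stats AS
  SELECT dept, COUNT(*) AS n, AVG(salary) AS avg_salary
  FROM employees GROUP BY dept HAVING COUNT(*) >= 2;
"""

SENSITIVE = {("employees", "salary")}
PUBLISHED_VIEWS = {"staff_directory", "dept_stats"}


def authorize(action, table, column, db_name, via_view):
    """SQLite authorizer: a sensitive column may be read only through an approved view.
    via_view is the name of the view responsible for the access, or None for direct SQL."""
    if action == sqlite3.SQLITE_READ and (table, column) in SENSITIVE:
        return sqlite3.SQLITE_OK if via_view in PUBLISHED_VIEWS else sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def open_db():
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)        # schema is created before the authorizer is installed
    con.set_authorizer(authorize)
    return con


def query(con, sql):
    """Run a query as an application user; return the rows, or 'denied' if refused."""
    try:
        return con.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return "denied"


def demo():
    con = open_db()
    return {
        "directory": query(con, "SELECT name, dept FROM staff_directory WHERE dept = 'sales'"),
        "direct_salary": query(con, "SELECT salary FROM employees WHERE name = 'Flo'"),
        "stats": query(con, "SELECT dept, n, avg_salary FROM dept_stats ORDER BY dept"),
    }
```

The one-person legal department is absent from dept_stats, and the direct read of the salary column is refused at statement preparation time, before any row is touched.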

Question: What are the database encryption techniques? What are the pros and cons?

① Out-of-database encryption: the encryption/decryption process takes place outside the DBMS, and the DBMS manages only the ciphertext

Advantages: less requirements for DBMS

Disadvantages: low efficiency; data encryption/decryption requires a lot of time and space

② In-database encryption: the encrypted objects are the data stored in the database, such as tables, records and fields; in-database encryption is implemented in the DBMS kernel layer. The encryption/decryption process is transparent to users and applications, and data is encrypted/decrypted before it is physically accessed

Advantages: the granularity of encryption can be refined; higher efficiency

Disadvantages: DBMS performance is reduced; key management risks are greater

Question: What are the limitations of database encryption technology?

① It is not suitable to encrypt the entire database file as a unit

Reason: The decryption operation cannot start from the middle of the file; due to the need for data sharing, key management is difficult

② Some fields cannot be encrypted (index fields cannot be encrypted; fields used as join keys between tables cannot be encrypted)

Condition under which a field used in query conditions can still be encrypted: the DBMS must be able to recognize the condition field;

4. SQL Server data control:

  • integrity control
  • concurrency control
  • Data Recovery
  • Security control: authorization and access control for users
  • stored procedure management

fill in the blank

  1. The composition of DBMS mainly includes storage manager and query processor
  2. The confidentiality of the database system requires the confidentiality of the following information: data value, possible value, range of data value, negative query result
  3. The security protection of the database system can be divided into four levels: network environment, host operating system, database management system, and database application system
  4. The security of the network system is the first barrier to the security of the database system
  5. The authentication modes supported by SQL Server include Windows authentication mode and mixed authentication mode
  6. The permissions of SQL Server include statement permissions (permissions to create objects), object permissions (permissions to operate on objects) and implicit permissions (permissions obtained through role membership)

Chapter 8 Information System Security Evaluation

1. China's information security classified protection standard: "Computer Information System Security Protection Level Classification Guidelines"

  • User autonomous protection level
  • System Audit Protection Level
  • Security Mark Protection Level (the level from which damage begins to harm national security)
  • Structured Protection Level
  • Access Verification Protection Level

Question: What are the two rating elements that determine the security protection level of an information system?

① The object that is harmed when the protected object is compromised

② The degree of damage caused to that object

2. Information security risk assessment technology

  • Assets: resources in an organization that have value and need to be protected
  • Asset value: an attribute of the asset, indicating its importance and sensitivity
  • Threat: a potential factor that may cause a security incident and cause direct or indirect damage to the organization and its assets
  • Vulnerability: a weakness of an asset; vulnerabilities may be exploited by threats, causing security incidents and damaging assets
  • Risk: the potential for a threat to exploit a vulnerability, causing direct or indirect damage to an asset
  • Risk assessment (security assessment): the process of assessing threats, vulnerabilities, impacts and the likelihood that the three combine, determining the risk level of assets and deciding the priority order of controls

Principles of information security risk assessment:

  • controllability principle
  • Integrity principle (full assessment)
  • The principle of least impact (to minimize the possible impact of risk assessment on the normal operation of information systems)
  • confidentiality principle

The basic process of information security risk assessment:

  • assessment preparation
  • Identify and evaluate assets
  • Identify and assess threats
  • Identify and assess vulnerabilities
  • Identify security measures
  • Analyze Likelihood and Impact
  • risk calculation
  • risk management
  • Compile information security risk assessment report

Question: How to calculate risk using matrix method?

The likelihood of a security incident is determined from the threat and the vulnerability

The loss caused by a security incident is determined from the asset and the vulnerability

Risk calculation process:

  1. Calculate the likelihood of a security incident:
    1. Build a security incident likelihood matrix;
    2. Look up the threat occurrence frequency value and the vulnerability severity value in the matrix to determine the likelihood value of the security incident;
    3. Classify the computed likelihood of the security incident into a grade
  2. Calculate the loss caused by the security incident:
    1. Build a security incident loss matrix;
    2. Look up the asset value and the vulnerability severity value in the matrix to determine the security incident loss value;
    3. Classify the computed security incident loss into a grade
  3. Calculate the risk value:
    1. Build a risk matrix;
    2. Look up the security incident likelihood grade and the security incident loss grade in the matrix to determine the risk value of the security incident;
  4. Result judgment

Question: How do you calculate risk using the multiplication method?

  1. Calculate the likelihood of a security incident
  2. Calculate the loss caused by the security incident
  3. Calculate the risk value
  4. Result judgment
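The matrix method and the multiplication method above, carried through in code as an added example (not from the original notes). The lookup matrices, the grade bands and the rounded geometric mean used as the multiplication method's combining function are constructed for illustration and are not any standard's official tables:

```python
import math

# All inputs use a 1..5 scale: threat occurrence frequency, vulnerability
# severity, asset value. Matrices and bands are constructed for illustration
# only (hypothetical values, not a standard's official tables).
LIKELIHOOD_MATRIX = [  # row: threat frequency, col: vulnerability severity
    [2, 4, 7, 11, 14], [3, 6, 10, 13, 17], [5, 9, 12, 16, 20],
    [7, 11, 14, 18, 22], [8, 12, 17, 20, 25]]
LOSS_MATRIX = [  # row: asset value, col: vulnerability severity
    [2, 3, 5, 6, 8], [3, 5, 6, 8, 10], [5, 6, 8, 10, 12],
    [6, 8, 10, 12, 14], [8, 10, 12, 14, 16]]
RISK_MATRIX = [  # row: likelihood grade, col: loss grade
    [3, 6, 9, 12, 14], [5, 8, 11, 15, 18], [6, 9, 13, 17, 21],
    [7, 11, 15, 19, 23], [9, 13, 17, 21, 25]]
# Band upper bounds: value <= bands[i] -> grade i+1; above the last -> grade 5.
LIKELIHOOD_BANDS = (5, 10, 15, 20)
LOSS_BANDS = (4, 7, 10, 13)
RISK_BANDS = (6, 12, 18, 23)

def grade(value, bands):
    """Classify a computed value into a 1..5 grade (the 'classify' steps)."""
    for g, upper in enumerate(bands, start=1):
        if value <= upper:
            return g
    return len(bands) + 1

def _check(*levels):
    if any(not 1 <= v <= 5 for v in levels):
        raise ValueError("threat, vulnerability and asset levels must be 1..5")

def matrix_method(threat_freq, vuln_sev, asset_val):
    """Look up likelihood from (threat, vulnerability) and loss from (asset,
    vulnerability), grade both, then look up risk; returns every step."""
    _check(threat_freq, vuln_sev, asset_val)
    likelihood = LIKELIHOOD_MATRIX[threat_freq - 1][vuln_sev - 1]
    loss = LOSS_MATRIX[asset_val - 1][vuln_sev - 1]
    risk = RISK_MATRIX[grade(likelihood, LIKELIHOOD_BANDS) - 1][grade(loss, LOSS_BANDS) - 1]
    return {"likelihood": likelihood, "loss": loss, "risk": risk,
            "risk_grade": grade(risk, RISK_BANDS)}

def multiplication_method(threat_freq, vuln_sev, asset_val):
    """Same four steps, but pairs are combined by a function (here the rounded
    geometric mean, an assumed choice) instead of a matrix lookup."""
    _check(threat_freq, vuln_sev, asset_val)
    likelihood = round(math.sqrt(threat_freq * vuln_sev))  # 1..5
    loss = round(math.sqrt(asset_val * vuln_sev))          # 1..5
    risk = likelihood * loss                               # 1..25, same bands
    return {"likelihood": likelihood, "loss": loss, "risk": risk,
            "risk_grade": grade(risk, RISK_BANDS)}
```

With threat frequency 4, vulnerability severity 3 and asset value 5, the matrix method yields likelihood 14 (grade 3), loss 12 (grade 4) and risk 17 (grade 3), while the multiplication method yields likelihood 3, loss 4 and risk 12 (grade 2); the intermediate values are returned so they can be written into the assessment report.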

Question: In information security risk assessment, what is residual risk? How to deal with residual risk

In information security risk assessment, residual risk refers to the risk that remains after control measures have been taken. These residual risks may arise from system design, technical limitations, human error or other factors, and may still lead to information security problems despite the security controls in place.

Dealing with residual risk requires a comprehensive strategy. First, the residual risks should be analyzed and identified in detail to determine their sources and characteristics. A range of actions can then be taken to reduce these risks, such as reassessing existing controls, strengthening security monitoring and auditing, updating software and patches, and more.

In addition, new technologies and controls should be considered to address residual risks. For example, vulnerability scanners and penetration tests can be used to assess the security of a system and identify vulnerabilities and threats in it. Vulnerabilities that have been found can be fixed with automated tools.

Finally, residual risks should be monitored and reviewed regularly to ensure that the measures taken continue to be effective. If it is found that residual risks have caused information security problems, emergency response measures should be taken in time to mitigate losses and restore system security.

Chapter 9 Trusted Computing

  • Trust is the foundation of secure interactions in cyberspace
  • The starting point of trusted computing: to provide a method for entities to judge whether the entities interacting with them are trustworthy, and to ensure the security of interactions in cyberspace
  • Trusted computing refers to security protection carried out in parallel with computation, so that the results of operations and the behaviour of processes are always as expected under any conditions. The entire computing process is measurable and controllable and cannot be interfered with. It is a new computing model in which computation and protection run together to give the system self-immunity
  • The concept of trustworthiness: an entity is trustworthy if it always behaves in the expected way to achieve the expected goal (the concept proposed by TCG)
  • Trusted Computing System: It is a computer system that can provide system reliability, availability, information and behavioral security

Components of a trusted computer system:

  • Root of Trust: The base point of system trust
    • Chain of trust: The chain of trust extends the trust relationship from the root of trust to the entire computer system
  • Trusted hardware platform
  • trusted operating system
  • Trusted application system

Technical Principles of Trusted Computer Systems: Trusted Measuring, Storage, and Reporting Mechanisms

The trusted computing platform conducts trusted measurements on the entities requesting access, stores the measurement results, and provides reports when the entities inquire

Origin blog.csdn.net/qq_51235856/article/details/130512253