Unit 3-1 Risk Analysis [Compatibility Mode]

Unit 3-1 Risk Analysis [Compatibility Mode] - 1 Unit 3:Risk...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 12/19/2010 1 Unit 3 :Risk Analysis Unit 3 :Risk Analysis Part 1 Click Here To Start Audio Risk Analysis Risk Analysis c Vulnerability Analysis - Bishop Chapter 23 c DoD Threat Analysis c Microsoft’s Threat Analysis c Common Criteria ◦ Threat Analysis ◦ Security Policies ◦ Security Objectives Flaw Hypothesis Methodology Flaw Hypothesis Methodology c Information Gathering c Flaw Hypothesis c Flaw Testing c Flaw Generation Bishop, Chapter 23 12/19/2010 2 Vulnerability Tiger Teams Vulnerability Tiger Teams c Very Effective Tool c Should be Targeted c Penetration Studies (e.g. RISOS) would tell us to target: ◦ Integration Points ◦ Documented Don’t Do’s ◦ Install/Config Errors Vulnerability Testing Vulnerability Testing Demonstrates Design Problems Demonstrates Design Problems c Implementation Problems are the Source of Many Vulnerabilities c Hackers Will Find Them c Read the Examples in Bishop Chapter 23 ◦ Internet Worm of 1988 ◦ Xterm Security Flaws ◦ NT Security Flaws...
View Full Document

This note was uploaded on 02/20/2011 for the course TECH 7375 taught by Professor June during the Spring '11 term at University of Arkansas for Medical Sciences.

Page1 / 5

Unit 3-1 Risk Analysis [Compatibility Mode] - 1 Unit 3:Risk...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online