csce548-lect4 - CSCE 548 Secure System Standards Secure...

CSCE 548 Secure System Standards
Risk Management

CSCE 548 - Farkas

Reading
- This lecture: McGraw: Chapter 2
- Recommended:
  - Rainbow Series Library, http://www.fas.org/irp/nsa/rainbow.htm
  - Common Criteria, http://www.commoncriteriaportal.org/
- Next lecture: Software Development Lifecycle – Dr. J. Vidal
  - Handout on SDLC and UML

Homework 1
- Choose a team member among your classmates. (This selection is for this exercise only. Team member selection is facilitated in class. If you've missed the Jan. 20th class, contact Dr. Farkas to have a team member assigned to you.)
- List the steps of RMF for the "KillerAppCo's iWare 1.0 Server" given in your textbook. (3 points)
- Carry out a similar RMF on the computing resources owned by your team member. For example, understanding the "business" context may include goals like graduating from USC, making a profit from writing software for a company, etc. Document your RMF activities and findings. (7 points)
- BONUS points (2 points): Have your partner evaluate your risk management report and comment on it.

Incident Handling
- Computer Security Incident Handling Guide, Recommendations of the National Institute of Standards and Technology
- http://csrc.nist.gov/publications/nistpubs/800-61/sp8

How to Respond?
- Actions to avoid further loss from intrusion
- Terminate intrusion and protect against reoccurrence
- Law enforcement – prosecute
- Enhance defensive security
- Reconstructive methods based on:
  - Time period of intrusion
  - Changes made by legitimate users during the affected period
- Regular backups, audit-trail-based detection of affected components, semantic-based recovery, minimal rollback for recovery.

Roles and Responsibilities
- User:
  - Vigilant for unusual behavior
  - Report incidents
- Manager:
  - Awareness training
  - Policies and procedures
- System administration:
  - Install safeguards
  - Monitor system
  - Respond to incidents, including preservation of evidence

Computer Incident Response Team
- Assist in handling security incidents
  - Formal
  - Informal
- Incident reporting and dissemination of incident information
- Computer Security Officer
  - Coordinate computer security efforts
- Others: law enforcement coordinator, investigative support, media relations, etc.

Incident Response Process 1.

This note was uploaded on 12/13/2011 for the course CSCE 548 taught by Professor Farkas during the Spring '10 term at South Carolina.
