CISSP Exam Guide Notes: 6.6 Quick Tips

  • An audit is a systematic assessment of the security controls of an information system.

  • Setting a clear set of goals is probably the most important step of planning a security audit.

  • Internal audits benefit from the auditors’ familiarity with the systems, but may be hindered by a lack of exposure to how others attack and defend systems.

  • External audits happen when organizations have a contract in place that includes security provisions. The contracting party can demand to audit the contractor to ensure those provisions are being met.

  • Third-party audits typically bring a much broader background of experience that can provide fresh insights, but can be expensive.

  • Test coverage is a measure of how much of a system is examined by a specific test (or group of tests).

  • A vulnerability test is an examination of a system for the purpose of identifying, defining, and ranking its vulnerabilities.

  • Black box testing treats the system being tested as completely opaque.

  • White box testing affords the auditor complete knowledge of the inner workings of the system even before the first scan is performed.

  • Gray box testing gives the auditor some, but not all, information about the internal workings of the system.

  • Penetration testing is the process of simulating attacks on a network and its systems at the request of the owner.

  • A blind test is one in which the assessors only have publicly available data to work with and the network security staff is aware that the testing will occur.

  • A double-blind test (stealth assessment) is a blind test in which the network security staff is not notified that testing will occur.

  • War dialing allows attackers and administrators to dial large blocks of phone numbers in search of available modems.

  • A log review is the examination of system log files to detect security events or to verify the effectiveness of security controls.

  • Synthetic transactions are scripted events that mimic the behaviors of real users and allow security professionals to systematically test the performance of critical services.

  • A misuse case is a use case that includes threat actors and the tasks they want to perform on the system.

  • A code review is a systematic examination of the instructions that comprise a piece of software, performed by someone other than the author of that code.

  • Interface testing is the systematic evaluation of a given set of exchange points for data between systems and/or users.

  • Administrative controls are implemented primarily through policies or procedures.

  • Privileged user accounts pose significant risk to the organization and should be carefully managed and controlled.

For the remaining content, please follow my official account debugeeker; the link is CISSP Exam Guide Notes: 6.6 Quick Tips
