Steps of the NIST Cyber Security Framework?

1. Identify

2. Protect

3. Detect

4. Respond

5. Recover

What is technical vulnerability management?

a security practice designed to proactively mitigate or prevent the exploitation of vulnerabilities

Which 4 things does the process of technical vulnerability management involve?

1. Identification

2. Classification

3. Remediation

4. Mitigation

of vulnerabilities

What is a security event?

an occurrence considered to have potential security implications

What is a security incident?

an occurrence that actually or potentially jeopardizes the confidentiality, integrity or availability of information

Sources of security events

- OS logs

- application logs

- security tool logs

- outbound proxy logs

What does APT stand for?

Advanced Persistent Threat

What is an Advanced Persistent Threat (APT)?

network attack in which unauthorized personnel gain access to a network and stay there undetected for a long time

intention is to steal data

often targets orgs in high-value information sectors