CISSP Domain: Legal, Regulations, Investigations, and Compliance

Hello everyone,

This article is a summary of all the terminology I noted down about the Legal, Regulations, Investigations, and Compliance domain while preparing for the CISSP certification. I believe it will be quite useful for anyone studying for the exam.

To receive the next domains, subscribe to the Newsletter!

Happy studying!!!

Victim Carelessness: The biggest factor that makes computer crimes possible is victim carelessness.
Cybercrime Convention: On November 23, 2001, in Budapest, Hungary, the U.S. and 29 other countries signed the Council of Europe Cybercrime Convention.
1996 U.S. Economic and Protection of Proprietary Information Act: Addresses industrial and corporate espionage.
Tripwire: Data integrity assurance software aimed at detecting and reporting accidental or malicious changes to data.
Nessus: A vulnerability scanner used by hackers in discovering vulnerabilities in a system.
Saint: A network vulnerability scanner likely to be used by hackers.
Nmap: A port scanner for network exploration, likely to be used by hackers.
Data Diddling: The alteration of existing data, most often seen before it is entered into an application.
Masquerading: An example of an active attack, where an attempt is made to gain access to a computer system by posing as an authorized client or host.
Best Evidence: Original or primary evidence.
Secondary Evidence: A copy of evidence or an oral description of its contents.
Direct Evidence: Proves or disproves a specific act through oral testimony based on information gathered through the witness’s five senses.
Conclusive Evidence: Incontrovertible; overrides all other evidence.
Opinion Evidence: Two types: Expert — may offer an opinion based on personal expertise and facts. Non-expert — may testify only as to facts.
Circumstantial Evidence: Inference of information from other, immediate, relevant facts.
Corroborative Evidence: Supporting evidence used to help prove an idea or point; used as a supplementary tool to help prove a primary piece of evidence.
Hearsay Evidence: Oral or written evidence presented in court that is second hand and has no firsthand proof of accuracy or reliability. Most of the time, computer-related documents are considered hearsay.
Red Box: A phreaking device that generates tones to simulate inserting coins in pay phones, thus fooling the system into completing free calls.
Blue Box: An electronic device that simulates a telephone operator’s dialing console.
Black Box: A device used to defeat long-distance phone call toll charges.
White Box: Simply a portable Touch-Tone keypad.
Patents: Provide rights for up to 20 years for inventions.
Utility Patents: Protect useful processes, machines, articles of manufacture, and compositions of matter. Some examples: fiber optics, computer hardware, medications.
Design Patents: Guard against the unauthorized use of new, original, and ornamental designs for articles of manufacture. The look of an athletic shoe, a bicycle helmet, and the Star Wars characters are all protected by design patents.
Plant Patents: The way we protect invented or discovered, asexually reproduced plant varieties. Hybrid tea roses, Silver Queen corn, and Better Boy tomatoes are all covered by plant patents.
Trademarks: Protect words, names, symbols, sounds, or colors that distinguish products and services.
Copyrights: Protect works of authorship, such as writings, music, and works of art that have been tangibly expressed.
Trade Secrets: Information that companies keep secret to give them an advantage over their competitors. The formula for Coca-Cola is the most famous trade secret.
Civil Law: Also called tort law; deals with wrongs against individuals or companies that result in damages or loss.
Administrative/Regulatory Law: Deals with regulatory standards that regulate performance and conduct. Government agencies create these standards, which are usually applied to companies and individuals within those companies.
MOM (Motive, Opportunity, Means): To understand the whys in crime, many times it is necessary to understand the Motive, Opportunity, and Means (MOM).
Motive: The reason to commit the crime.
Opportunity: Usually arises when certain vulnerabilities or weaknesses are present.
Means: The ability to commit the crime.
Intent: Having premeditated malice.
Fourth Amendment: Protects against unlawful search and seizure, so law enforcement agencies must have cause and request a search warrant from a judge or court before conducting such a search.
Documentary Evidence: Printed business records, manuals, and printouts classify as documentary evidence.
Exclusionary Rule: Evidence must be gathered legally or it can’t be used.
Computer-Generated Evidence: Normally falls under the category of hearsay evidence, or second-hand evidence, because it cannot be proven accurate and reliable.
Code of Ethics (ISC)²:
1. Protect society, the commonwealth, and the infrastructure.
2. Act honorably, honestly, justly, responsibly, and legally.
3. Provide diligent and competent service to principals.
4. Advance and protect the profession.
Memory Dump: Can be admitted as evidence if it acts merely as a statement of fact.
Business Attacks: Concern information loss through competitive intelligence gathering and computer-related attacks.
Intelligence Attacks: Aimed at sensitive military and law enforcement files containing military data and investigation reports.
Financial Attacks: Concerned with frauds against banks and large corporations.
Grudge Attacks: Targeted at individuals and companies who have done something that the attacker doesn’t like.
The 1991 U.S. Federal Sentencing Guidelines: These guidelines provided ways that companies and law enforcement should prevent, detect, and report computer crimes. They also outlined how senior management is responsible for the computer and information security decisions they make and for what actually takes place within their organizations.
Evidence Life Cycle: Identification, recording, protection.
Enticement: Deals with someone who is already breaking the law.
Entrapment: Encourages someone to commit a crime that the individual may or may not have had any intention of committing.
Social Engineering: The act of tricking another person into providing information that they otherwise would not.
European Union’s Safe Harbor: Protection of personal data transferred between U.S. and European companies.
Dumpster Diving: Rummaging through another person’s garbage for discarded documents, information, and other items that could be used against that person or company.
1994 U.S. Communications Assistance for Law Enforcement Act: Requires all communications carriers to make wiretaps possible.
GAISSP (Generally Accepted Information System Security Principles): GAISSP will collect information security principles which have been proven in practice and accepted by practitioners, and will document those principles in a single repository.
Exigent Circumstance Doctrine: An exception to the search warrant requirement that allows an officer to conduct a search without having the warrant in hand if probable cause is present and destruction of the evidence is deemed imminent.
Computer-Assisted Crime: Where a computer was used as a tool to help carry out a crime. Usually covered by regular criminal laws.
Computer-Targeted Crime: Where a computer was the victim of an attack crafted to harm it (and its owners) specifically. Could not take place without a computer.
Computer is Incidental: Where a computer is not necessarily the attacker, but just happened to be involved when a crime was carried out.
CoE (Council of Europe) Convention on Cybercrime: One example of an attempt to create a standard international response to cybercrime.
OECD (Organisation for Economic Co-operation and Development): An international organization that helps different governments come together and tackle the economic, social, and governance challenges of a globalized economy.
WIPO (World Intellectual Property Organization): International trademark law efforts and international registration are overseen by the WIPO, an agency of the United Nations.
SOX (Sarbanes-Oxley Act): Provides requirements for how companies must track, manage, and report on financial information. Applies to any company that is publicly traded on United States markets.
HIPAA (Health Insurance Portability and Accountability Act): A U.S. federal regulation mandated to provide national standards and procedures for the storage, use, and transmission of personal medical information and health care data.
GLBA (Gramm-Leach-Bliley Act): Requires financial institutions to develop privacy notices and give their customers the option to prohibit financial institutions from sharing their information with nonaffiliated third parties.
PCI DSS (Payment Card Industry Data Security Standard): Applies to any entity that processes, transmits, stores, or accepts credit card data.
Computer Security Act of 1987: Requires U.S. federal agencies to identify computer systems that contain sensitive information.
Economic Espionage Act of 1996: Provides the necessary structure when dealing with these types of cases and further defines trade secrets to be technical, business, engineering, scientific, or financial.
Methods of Privacy Protection: Government regulations (SOX, HIPAA, GLBA, BASEL); self-regulation (PCI); individual user (passwords, encryption, awareness).
Network Analysis: Communication analysis; log analysis; path tracing.
Media Analysis: Disk imaging; MAC time analysis (Modify, Access, Create); content analysis; slack space analysis; steganography.
Software Analysis: Reverse engineering; malicious code review; exploit review.
Primary Image: A control copy that is stored in a library.
Working Image: Used for analysis and evidence collection.
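Two of the media analysis steps above, keeping the working image tied to the primary image and building a MAC time timeline, can be shown in a few lines of Python. This is an added example written for this article, not code from the original post: the disk image bytes and the file metadata records are constructed inline so it runs offline, and the hash check is the usual SHA-256 comparison an examiner records before touching a working copy.

```python
"""Evidence handling around the primary/working image and MAC times.

Added example, not from the original post. The image bytes and the file
records below are constructed so the script runs offline."""
import hashlib
from collections import namedtuple
from datetime import datetime, timezone

# Constructed stand-in for a bit-for-bit disk image kept as the primary copy.
PRIMARY_IMAGE = b"\x00" * 446 + b"\x80" + b"\x00" * 63 + b"\x55\xaa"

Event = namedtuple("Event", "when kind path")


def image_hash(data: bytes) -> str:
    """SHA-256 of an image, recorded when the primary copy is taken."""
    return hashlib.sha256(data).hexdigest()


def verify_working_image(primary: bytes, working: bytes) -> bool:
    """A working image is fit for analysis only if its hash matches the
    primary image's recorded hash; any difference means the copy must be
    re-acquired from the library rather than analysed."""
    return image_hash(primary) == image_hash(working)


# Constructed file metadata: (path, modified, accessed, created), all UTC.
FILE_RECORDS = [
    ("C:/Users/jdoe/report.docx",
     "2023-04-02T09:15:00Z", "2023-04-02T09:15:00Z", "2023-03-30T14:02:00Z"),
    ("C:/Users/jdoe/AppData/Local/Temp/x.exe",
     "2023-04-02T09:20:30Z", "2023-04-02T09:21:00Z", "2023-04-02T09:20:30Z"),
    ("C:/Windows/System32/drivers/etc/hosts",
     "2023-04-02T09:22:10Z", "2023-04-02T09:22:10Z", "2019-12-07T09:14:52Z"),
]


def _parse(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def mac_timeline(records):
    """Expand each file into one event per Modify/Access/Create timestamp
    and order them; the sorted sequence is what reveals the order of
    activity on the media (here: a temp executable created, then hosts
    modified shortly after)."""
    events = []
    for path, modified, accessed, created in records:
        events.append(Event(_parse(modified), "M", path))
        events.append(Event(_parse(accessed), "A", path))
        events.append(Event(_parse(created), "C", path))
    return sorted(events)


def events_between(records, start: str, end: str):
    """Restrict the timeline to an incident window for triage."""
    lo, hi = _parse(start), _parse(end)
    return [e for e in mac_timeline(records) if lo <= e.when <= hi]


if __name__ == "__main__":
    working = bytes(PRIMARY_IMAGE)  # simulated copy taken from the library
    print("working image verified:", verify_working_image(PRIMARY_IMAGE, working))
    for e in events_between(FILE_RECORDS, "2023-04-02T09:00:00Z", "2023-04-02T10:00:00Z"):
        print(e.when.isoformat(), e.kind, e.path)
```

The hash is computed over the whole image and compared as a string, so a single flipped byte in the working copy is enough to fail verification; the timeline keeps `datetime` objects rather than strings so the window filter compares real instants instead of text.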
Physical Surveillance: Pertains to security cameras, security guards, and closed-circuit TV (CCTV), which may capture evidence.
Computer Surveillance: Pertains to auditing events, which passively monitors events by using network sniffers, keyboard monitors, wiretaps, and line monitoring.
Salami Attack: Involves subtracting a small amount of funds from many accounts with the hope that such an insignificant amount would be overlooked.
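The defining trait of a salami attack is that each individual debit is too small to notice, so detection has to aggregate by destination rather than look at single transactions. The following Python is an added example for this article (not from the original post) showing that check over a constructed ledger: it flags any destination account fed by small debits from many distinct source accounts, while ignoring one-off small adjustments and ordinary large transfers. The thresholds `max_amount` and `min_sources` are illustrative assumptions.

```python
"""Detection logic for the salami pattern: many tiny debits, spread over
many source accounts, converging on one destination.

Added example, not from the original post. The ledger is constructed."""
from collections import defaultdict
from decimal import Decimal

# Constructed ledger rows: (source_account, destination_account, amount).
# Eight accounts each lose a few cents to ACC-9999; the remaining rows are
# ordinary activity that should not be flagged.
LEDGER = [(f"ACC-{1000 + i}", "ACC-9999", Decimal(i) / Decimal(100))
          for i in range(1, 9)]
LEDGER += [
    ("ACC-1003", "ACC-2000", Decimal("1500.00")),  # one normal large transfer
    ("ACC-1004", "ACC-2001", Decimal("0.05")),     # a single small debit: no pattern
    ("ACC-1005", "ACC-2001", Decimal("0.02")),     # two sources is still below threshold
]


def find_salami_candidates(ledger, max_amount=Decimal("0.10"), min_sources=5):
    """Group small debits by destination and report destinations that are
    fed by at least `min_sources` distinct source accounts.

    Returns {destination: (distinct_sources, total_small_amount)}. Decimal is
    used so the cent-level sums are exact, which matters when the evidence is
    the aggregate rather than any single row."""
    by_dest = defaultdict(lambda: {"sources": set(), "total": Decimal("0")})
    for src, dst, amount in ledger:
        if Decimal("0") < amount <= max_amount:
            by_dest[dst]["sources"].add(src)
            by_dest[dst]["total"] += amount
    return {dst: (len(v["sources"]), v["total"])
            for dst, v in by_dest.items() if len(v["sources"]) >= min_sources}


if __name__ == "__main__":
    for dst, (n, total) in find_salami_candidates(LEDGER).items():
        print(f"{dst}: {n} source accounts, {total} total in small debits")
```

In practice the same aggregation is run per reporting period, and the interesting output is the destination with a high source count and a total that no single source's statement would have prompted anyone to question.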
IP Spoofing: Manually changing the IP address within a packet to show a different address or, more commonly, using a tool that is programmed to provide this functionality.
Wiretapping: A passive attack that eavesdrops on communications.
IAB (Internet Architecture Board): The coordinating committee for Internet design, engineering, and management.
Active Attack: Masquerading is an example of an active attack, where an attempt is made to gain access to a computer system by posing as an authorized client or host.
Passive Attacks: Traffic analysis, eavesdropping, and shoulder surfing are examples of passive attacks, where an attacker only listens to or watches for confidential information.

Luciano Lima
[CISSP]-[MVP Enterprise Security]-[MCSA Security]-[MCSE Security]
