CISSP® Official Study Guide, Eighth Edition



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Accountability
Accountability is an essential component in any security design. Many high-security systems contain physical devices (such as paper-and-pen visitor logs and nonmodifiable audit trails) that enforce individual accountability for privileged functionality. In general, however, such capabilities rely on a system’s ability to monitor activity on and interactions with a system’s resources and configuration data and to protect resulting logs from unwanted access or alteration so that they provide an accurate and reliable record of activity and interaction that documents every user’s (including administrators or other trusted individuals with high levels of privilege) history on that system. In addition to the need for reliable auditing and monitoring systems to support accountability, there must be a resilient authorization system and an impeccable authentication system.
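One way to make an audit trail resistant to alteration, even by an administrator, is to chain each record to the one before it with a keyed MAC. The sketch below is an added example, not code from the study guide; the function names, the record layout, the sample activity and the assumption that the MAC key is held by a separate log verifier are all constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used as the "previous MAC" of the first record


def _mac(key, prev, entry):
    # The MAC covers the previous record's MAC, binding each record to its history
    body = json.dumps(entry, sort_keys=True).encode()
    return hmac.new(key, prev.encode() + body, hashlib.sha256).hexdigest()


def append(log, key, user, action):
    """Append an audit record chained to the one before it."""
    prev = log[-1]["mac"] if log else GENESIS
    entry = {"seq": len(log), "user": user, "action": action}
    log.append({"entry": entry, "mac": _mac(key, prev, entry)})


def verify(log, key):
    """Return the index of the first record that fails verification, or None."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["entry"].get("seq") != i:  # gap or reordering in the sequence
            return i
        if not hmac.compare_digest(rec["mac"], _mac(key, prev, rec["entry"])):
            return i
        prev = rec["mac"]
    return None


def build_sample_log(key):
    # Constructed sample activity, including a privileged administrator
    log = []
    append(log, key, "alice", "login")
    append(log, key, "root", "modify /etc/sudoers")
    append(log, key, "root", "logout")
    return log


if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: held by a separate log verifier
    log = build_sample_log(key)
    print("intact log, first bad record:", verify(log, key))
    log[1]["entry"]["user"] = "alice"  # a privileged user rewrites a record
    print("edited log, first bad record:", verify(log, key))
    del log[1]  # or removes the record entirely
    print("record deleted, first bad record:", verify(log, key))
```

Removing records from the end of the log leaves a shorter chain that still verifies, so the latest MAC or record count also has to be stored somewhere the logged system cannot modify.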
Common Architecture Flaws and Security Issues
No security architecture is complete and totally secure. Every computer system has weaknesses and vulnerabilities. The goal of security models and architectures is to address as many known weaknesses as possible. Due to this fact, corrective actions must be taken to resolve security issues. The following sections present some of the more common security issues that affect computer systems in relation to vulnerabilities of security architectures. You should understand each of the issues and how they can degrade the overall security of your system. Some issues and flaws overlap one another and are used in creative ways to attack systems. Although the following discussion covers the most common flaws, the list is not exhaustive. Attackers are very clever.
Covert Channels

A covert channel is a method that is used to pass information over a path that is not normally used for communication. Because the path is not normally used for communication, it may not be protected by the system’s normal security controls. Using a covert channel provides a means to violate, bypass, or circumvent a security policy undetected. Covert channels are one of the important examples of vulnerabilities of security architectures.
As you might imagine, a covert channel is the opposite of an overt channel. An overt channel is a known, expected, authorized, designed, monitored, and controlled method of communication.
There are two basic types of covert channels:
