
Network Security CISSP-Discussion
RE: [CISSP-D] Control types?

Subject: RE: [CISSP-D] Control types?
Date: Tue, 30 Nov 2004 10:57:02 +0700


I think we should understand the goals of each control methods --
Preventive : Avoid occurrence
Detective : Identify occurrence
Corrective : Remedy circumstances, restore control
Deterrent : Discourage violations
Recovery : restore resources, capabilities
Compensating : alternative control

From my perspective lights and fences are deterrent controls.
Fire suppression is preventive because it lessens the damage from the fire.
Although fire suppression takes place after the fire happened, it fits
the objective of control as countermeasure, which is to minimize the risk
to an acceptable level for the organization. There are no definitive guides to 
those types of controls, because each method can be part of other control types.

These are examples of each control type :
Audit trails, IDS : Detective, corrective
Fences : Preventive, deterrent
Security guard : preventive, deterrent, corrective
Supervising and monitoring : compensating


For the ARO value the range can be from 0 which is never to 1 which is always.
If virus attacks happen all the time in a company, then the ARO value for
virus attacks is 1.
What does it mean? It means the value of the safeguards you should put in
the company per year is the same as the value of the SLE itself.

Example:
Asset value for a file server is $100,000
Exposure factor for the file server: 50%
Then the SLE : 50% * $100,000 == $50,000
To calculate ALE == ARO * SLE

If the ARO == 1 then the ALE == 1 * $50,000 == $50,000
It means you should spend $50,000 or less per year for the countermeasure to be 
efficient.

I hope it helps.
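The SLE/ALE arithmetic from the post above, as an added example that is not part of the original message: it carries the file-server figures through SLE = AV * EF and ALE = SLE * ARO, and goes one step further than the post by netting a proposed safeguard's annual cost against the ALE it removes (the residual ARO and annual cost are constructed sample values).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    name: str
    value: float            # asset value (AV) in dollars
    exposure_factor: float  # EF: fraction of AV lost in one incident, 0.0..1.0
    aro: float              # ARO: expected occurrences per year (0 = never)


def sle(asset: Asset) -> float:
    """Single loss expectancy: SLE = AV * EF."""
    if not 0.0 <= asset.exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset.value * asset.exposure_factor


def ale(asset: Asset) -> float:
    """Annualized loss expectancy: ALE = SLE * ARO."""
    if asset.aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle(asset) * asset.aro


def max_justified_spend(asset: Asset) -> float:
    """Ceiling on yearly safeguard cost: paying more per year than the ALE
    to remove a loss costs more than simply absorbing the loss."""
    return ale(asset)


def safeguard_value(asset: Asset, residual_aro: float, annual_cost: float) -> float:
    """Net annual value of a control = ALE(before) - ALE(after) - annual cost.
    A negative result means the control is not cost-effective."""
    after = Asset(asset.name, asset.value, asset.exposure_factor, residual_aro)
    return ale(asset) - ale(after) - annual_cost


# Constructed sample input: the file server from the post.
FILE_SERVER = Asset("file server", value=100_000, exposure_factor=0.5, aro=1.0)

if __name__ == "__main__":
    print(f"SLE = ${sle(FILE_SERVER):,.0f}")                     # $50,000
    print(f"ALE = ${ale(FILE_SERVER):,.0f}")                     # $50,000
    print(f"max yearly spend = ${max_justified_spend(FILE_SERVER):,.0f}")
    # Constructed safeguard: cuts ARO to 0.1 for $20,000/year.
    print(f"net value = ${safeguard_value(FILE_SERVER, 0.1, 20_000):,.0f}")
```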
