General Security
People Security
SIEM
Static Analysis
Dynamic Analysis
100

This is the third step of the risk management life cycle.

What is operating the risk management controls/managing residual risks?

100

This is a security model meant to prevent data leakage of confidential information. 

What is the Bell-LaPadula Security Model?

100

This is what SIEM stands for.

What is Security Incident and Event Management?

100

Static analysis is a system examination of an abstraction of this.

What is program state space?

100

Dynamic analysis is the investigation of a running software over one or more of these. 

What is an execution?

200

This is the second phase of the risk management life cycle. 

What is developing a risk management strategy/plan?

200

This is the integrity security model meant to prevent data contamination.

What is the Biba security model?

200

This is one of the three phases of the evolution of SIEM.

What is compliance? 

What is detection?

What is a Security Operations Center (SOC)?

200

Static analysis is sound and incomplete, and is therefore considered this. 

What is decidable?

200

Dynamic analysis leaves these types of paths unexplored. 

What are feasible paths? 

300

These are the two things that individuals/organizations usually care about with respect to their security and privacy. 

What is Availability and Confidentiality/Integrity?

300

This is the security model meant to avoid conflicts of interest by applying dynamic access controls based on a subject's previous actions.

What is the Brewer and Nash Security Model/Chinese Wall model?

300

This is the name of the (IETF RFC 5424) protocol for event notification messages.

What is syslog?

300

No static analysis can be sound, complete, and this. 

What is terminating?

300

This is one of the benefits of dynamic analysis over static analysis.

What is precise data?

What is "no false positive or negatives on a given run"?

What is "the ability to run it on live code"?

What is "no confusion about a path taken"?

400

This is one of the broad categories of risk management responses.

What is avoid risky behaviors?

What is transfer risk to third parties?

What is mitigating risks with technical and non-technical controls?

400

This is one of the categories of logical access control.

What is rule-based access control?

What is role-based access control?

What is discretionary access control?

What is attribute-based access control?

What is mandatory access control?

400

These are the two metrics used when estimating proper event capture capabilities.

What are events/time and flows/time?

400

Every static analysis does this through abstraction. 

What is approximating?

400

This is one of the challenges of dynamic analysis.

What is input dependency?

What is monitoring/instrumentation changing the behavior of the program?

500

These are the two things you must do before you can protect an asset.

What is discovering and classifying the asset?

500

These are the three main categories of authentication.

What is something you know, something you have, and something you are?

500

This is the name of the protocol, derived from Cisco NetFlow v9, that provides the ability to collect IP network traffic as it enters or exits an interface.

What is IPFIX?

500

This is the definition of soundness.

What is reporting all errors?

500

Dynamic analysis cannot show that a program satisfies a particular property, but can detect this. 

What are violations of a property?
