Browsed by
Month: March 2018

Access Control Models

Access Control Models

Access control includes control over access to the network resources, information system resources, and information. It is crucial for an organization to implement the proper access controls to protect the organization’s resources and information. A security analyst should understand the different basic models for implementing access controls in order to better understand how attackers can break the access controls. Mandatory Access Control Secures information by assigning sensitivity (security level) labels on information and comparing it to the level of sensitivity…

Read More Read More

Describing Security Event Analysis: Cyber Kill Chain

Describing Security Event Analysis: Cyber Kill Chain

The cyber kill chain is a model that describes the structure of an attack. One of an analyst’s key jobs is to understand exactly what the attackers did. The steps of the kill chain enhance visibility into an attack and enrich an analyst’s understanding of an adversary’s tactics, techniques, and procedures.   The following lists the seven stages of the cyber kill chain: Reconnaissance: Research, identification and selection of targets, often represented as crawling Internet websites such as conference proceedings and…

Read More Read More