At 12:04 PM -0400 8/26/03, Reimer, Fred wrote: >Please pass this on to Annlee.
She can read, but is having trouble posting. > >I've already sent another message with an excerpt (fair use!) from the new >Cisco training materials that refutes this. > >The "threats" are: > >Structured >Unstructured >Internal >External I would observe that these are more characteristic of the maker of the threat than of the threat itself. > >The "attacks" are: > >Reconnaissance >Access >Denial of Service > >I don't know what "data manipulation" is. I think that would fall under >access attacks. In the discussion below, I would consider data manipulation to be an attack on integrity. Reconnaissance is not necessarily an attack on the user communications, but it may be preparation for an attack by probing the infrastructure. I suppose attacks on confidentiality could be stretched to be reconnaissance, but I hesitate to put cryptanalysis under reconnaissance. I tend to approach characterizing security and threats by the attributes (some optional) of a secure communication. These are quite well established in the formal literature -- and I'm not speaking of going to the level of the Bell-LaPadula Theorem or the *-property. Also not getting into multilevel security or exotica like covert channels, compromising emanations, etc. A communication must be authentic and auditable. There must be user authentication There may be server (protected object) authentication A communication must have data integrity at the atomic (single message) level It may have sequential integrity (message stream) level, preventing replay, deletion, etc. A communication may have content confidentiality (sometimes called privacy) The existence of the communication may be hidden, or the source and destination may be hidden. The communication may be subject to source or recipient non-repudiation, or both The communication is protected from denial of service, which may be caused by attacks, errors, or disasters > >There is no dispute with the new Cisco material. With all due respect, >quoting old MCNS material is misleading, as the new exams are based on the >new material. I don't know about the rest of the book, but I'd seriously >consider chucking that one, or recycle it if you are environmentally minded. > >And I don't believe it would be breaking the confidentiality agreement with >Cisco to say that it would be very reasonable to expect the threat and >attack questions on any of the security exams, with the "new" right answers. >Or, to quote Parkhurst during the CCIE Power Session "I wouldn't rule that >out." > >And "SAFE," or more accurately Cisco SAFE Implementation, may be the last >recommended exam in the CCSP series, but all of the course material for all >five of the exams go over this material, and it is possible that it shows up >on every one of your five exams if you take them all. I don't know if it >is, and frankly don't even remember if it was on the two I've taken so far, >but "I wouldn't rule it out." > >As a side note, what's up with the list? The message with the excerpt I >sent Monday at 10:09AM (forget whether it was before or after I changed my >timezone from EDT to MST). I still have not received it. Is this list so >large, and I'm so late in subscribing, that it takes days to send out all >the posts? Believe me, I'm grateful of the list and am not complaining, but >I sometimes find myself responding to responses to my posts that I have not >received yet! Just wondering if it is something I'm doing wrong ;-) > >Sorry if that sounded too harsh. I didn't mean it to. As a moderator, but not actually running the server, there are "circuit breakers" that stop forwarding if there are more posts than seems sane -- and these have been getting tripped by malware bounces. The spool also fills up at times. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74419&t=74304 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
