Week 1 Board Notes, Continued
Jan 30, 2017

Week 1 board notes continued…

  • Detection or Prevention: with a finite budget, where do you put your dollars?
  • DoS / DDoS: Denial of Service or Distributed Denial of Service, an attack against availability of a service.
  • HIPAA, FERPA, FFIEC – different regulations and oversight bodies for different sectors.
  • PII, MNPI, PCI Data, NOFORN, … – different classifications of information sensitivity, driving the required protection schemes, sometimes enforced by law.
  • Retention policies and destruction policies are both important. Dropbox recently had some bad press when a support issue was raised wherein user content was not being deleted as advertised. This privacy policy is now being updated.

Retention. We’ll retain information you store on our Services for as long as we need to do so to provide you the Services. If you delete your account, we’ll also delete this information. But please note there might be some latency in deleting this information from our servers and backup storage.

  • All About Skimmers from Brian Krebs.
  • A classmate correctly spots that certain skimmer attacks are an example of a real-world man-in-the-middle (MITM) attack. When we get to Alice and Bob, we’ll use “Mallory” as the name for this active, malicious adversary.
