Ver:
· Control
Conjunto de
disposiciones encaminadas a protegerse de los riesgos posibles sobre el sistema
de información, con el fin de asegurar sus objetivos de seguridad. Puede
tratarse de medidas de prevención, de disuasión, de protección, de detección y
reacción, o de recuperación. [ENS:2010]
Actions, devices,
procedures, or techniques that meet or oppose(i.e., counters) a threat, a
vulnerability, or an attack by eliminating or preventing it, by minimizing the
harm it can cause, or by discovering and reporting it so that corrective action
can be taken.
NIST SP 800-53:
Actions, devices, procedures, techniques, or other measures that reduce the
vulnerability of an information system. Synonymous with security controls and
safeguards.
[CNSSI_4009:2010]
Puede ser
usado para referirse a algún tipo de Control. El término Contramedida es muy
usado cuando se refiere a medidas que incrementan la Resistencia, Tolerancia a
fallos o Confiabilidad de un Servicio TI. [ITIL:2007]
action, measure,
or device that reduces an identified risk
Annotation: A
countermeasure can reduce any component of risk -threat, vulnerability, or
consequence
DHS Risk
Lexicon, September 2008
(I) An action,
device, procedure, or technique that meets or opposes (i.e., counters) a
threat, a vulnerability, or an attack by eliminating or preventing it, by
minimizing the harm it can cause, or by discovering and reporting it so that
corrective action can be taken. [RFC4949:2007]
Can be used to
refer to any type of Control. The term Countermeasure is most often used when
referring to measures that increase Resilience, Fault Tolerance or Reliability
of an IT Service. [ITIL:2007]
Action, device, procedure,
technique, or other measure that reduces the vulnerability of an information
system.[FIPS-200:2006]
Anything which
effectively negates or mitigates an adversary's ability to exploit
vulnerabilities.
http://www.ioss.gov/docs/definitions.html
Any action,
device, procedure, technique, or other measure that mitigates risk by reducing
the vulnerability of, threat to, or impact on a system. [TDIR:2003]
a technical or
non-technical security measure which contributes to meeting the security
objective(s) of a Target of Evaluation. [ITSEM:1993]
Peut faire référence à
nimporte quel type de contrôle. Le terme Contre-mesure est souvent utilisé
pour faire référence à des mesures qui augmente la Résilience, la Tolérance de
panne ou la Fiabilité dun service des TI. [ITIL:2007]
Temas relacionados