Ver:
· Gestión de eventos de seguridad
Ocurrencia o cambio de un conjunto particular de circunstancias. [UNE-ISO GUÍA 73:2010]
NOTA 1 Un suceso puede ser único o repetirse, y se puede deber a varias causas.
NOTA 2 Un suceso puede consistir en algo que no se llega a producir.
NOTA 3 Algunas veces, un suceso se puede calificar como un "incidente" o un "accidente".
[UNE-ISO/IEC 27000:2014]
Ocurrencia o cambio de un conjunto particular de circunstancias. [UNE Guía 73:2010]
Ocurrencia detectada en el estado de un sistema, servicio o red que indica una posible violación de la política de seguridad de la información, un fallo de los controles o una situación desconocida hasta el momento y que puede ser relevante para la seguridad.
[UNE-ISO/IEC 27000:2014]
(Operación del Servicio) Un cambio de estado significativo para la cuestión de un Elemento de Configuración o un Servicio de TI.
El término Evento también se usa como Alerta o notificación creada por un Servicio de TI, Elemento de Configuración o herramienta de Monitorización. Los Eventos requieren normalmente que el personal de Operaciones de TI tome acciones, y a menudo conllevan el registro de Incidentes.
[ITIL:2007]
a thing that
happens, especially sth important.
Oxford Advanced
Learner's Dictionary.
occurrence or
change of a particular set of circumstances [ISO Guide 73:2009]
NOTE 1: An event
can be one or more occurrences, and can have several causes.
NOTE 2: An event
can consist of something not happening.
NOTE 3: An event
can sometimes be referred to as an incident or accident.
[ISO/IEC 27000:2014]
identified
occurrence of a system, service or network state indicating a possible breach
of information security policy or failure of safeguards, or a previously
unknown situation that may be security relevant [ISO-27000:2014]
Any observable
occurrence in a system and/or network. Events sometimes provide indication that
an incident is occurring. [CNSSI_4009:2010]
occurrence or
change of a particular set of circumstances. [ISO Guide 73:2009]
Something that
happens at a specific place and/or time. [RiskIT-PG:2009]
For the purpose
of IT risk management, one of three possible sorts of events:
· threat event
· loss event
· vulnerability event
[RiskIT-PG:2009]
(I) An occurrence
in a system that is relevant to the security of the system. (See: security
incident.) [RFC4949:2007]
(Service
Operation) A change of state which has significance for the management of a
Configuration Item or IT Service.
The term Event is
also used to mean an Alert or notification created by any IT Service,
Configuration Item or Monitoring tool. Events typically require IT Operations
personnel to take actions, and often lead to Incidents being logged.
[ITIL:2007]
An identified
occurrence of a system, service or network state indicating a possible breach
of information security policy or failure of safeguards, or a previously
unknown situation that may be security relevant. [ISO/IEC TR ISO-18044:2004]
[ISO-18028-1:2006] [ISO-18044:2004]
An instantaneous
occurrence that changes the global status of an object. This status change may
be persistent or temporary, thus allowing for surveillance, monitoring, and
performance measurement functionality, etc. Events may or may not generate
reports; they may be spontaneous or planned; they may trigger other events or
may be triggered by one or more other events. [X.790:1995]
Any event that
attempts to change the security state of the system, (e.g., change
discretionary access controls, change the security level of the subject, change
user password, etc.). Also, any event that attempts to violate the security
policy of the system, (e.g., too many attempts to login, attempts to violate
the mandatory access control limits of a defice, attempts to downgrade a file,
etc.). [TCSEC:1985]
An event that is
highly improbable and therefore likely to end up at the bottom of the list of
priorities to address.
The Black Swan:
The Impact of the Highly Improbable Nassim Taleb, 2007.
occurrence ou
changement d'un ensemble particulier de circonstances. [ISO Guide 73:2009]
(Exploitation de
Services) Un changement d'état ayant de l'importance pour la gestion d'un
élément de configuration ou un service des TI.
Le terme
"événement" est aussi employé pour désigner une alerte ou une
notification créée par un service des TI, un élément de configuration ou un
outil de surveillance. Les événements requièrent habituellement du personnel
d'exploitation des TI qu'il initie une action ce qui conduit le plus souvent à
la journalisation d'incidents.
[ITIL:2007]
un incident lié à la
sécurité de l'information est indiqué par un ou plusieurs événement(s) de
sécurité de l'information indésirable(s) ou inattendu(s) présentant une
probabilité forte de compromettre les opérations liées à l'activité de
l'organisme et de menacer la sécurité de l'information. [ISO-18044:2004]
Temas relacionados