Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Security incident or operational incident?

From: ttate () ctscorp com
Date: Tue, 10 Oct 2006 8:05:51 AM+0400
As we all know, the tenets of information security are confidentiality, integrity & availability. How do you separate 
out an operational incident from a security incident? For example, is it a security incident or operational incident 
when an admin accidentally deletes an OU in AD containing users or computers when working in the GPO management 
console? The admin is authorized to perform all and any tasks in AD. In this case by deleting the OU, the users no 
longer had access to the system, hence the availability tenet comes into play. But the issue was not caused by some 
malicious intent but by a perceived flaw in the Microsoft application. Who would think that you could delete OU's in 
the GPO management console? 
Thanks for your thoughts. 
Regards, 
Troy

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: