44 Cards in this Set
- Front
- Back
What are the five different approaches to risk?
|
Avoidance (Don't engage in that activity)
Transference (Share the risk, think insurance)
Mitigation (Take steps to reduce the risk)
Deterrence (Warn of harm to others if they affect you)
Acceptance (Be willing to live with the risks) |
|
What is a:
Recovery Point Objective (RPO) |
Defines the point at which the system needs to be restored.
|
|
Define:
RAID |
Redundant Array of Independent Disks
|
|
What is:
RAID 5 |
Disk striping with parity information spread over all disks.
|
|
What is:
Single Loss Expectancy (SLE) |
How much loss is expected at one time.
|
|
What are the three types of controls that can be administered?
|
Technical
Management
Operational |
|
What is:
Quantitative Loss |
Loss that is cost-based and objective.
|
|
What is:
RAID 3 |
Disk striping with a parity disk.
|
|
What are:
Standards |
Deals with specific issues or aspects of a business, and is derived from a policy. Standards should provide enough detail to audit.
|
|
What is:
RAID 1 |
Disk mirroring
|
|
What is:
Mean Time Between Failures (MTBF) |
The measure of the anticipated incidence of failure for a system or component.
|
|
What is:
Recovery Time Objective (RTO) |
The maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable.
|
|
What is:
Qualitative Loss |
Loss that is opinion-based and subjective.
|
|
What is the formula to calculate risk?
|
SLE x ARO = ALE
|
|
What is:
Annual Loss Expectancy (ALE) |
The monetary measure of how much loss you could expect in a year.
|
|
What is:
Mean Time To Resolution (MTTR) |
The measurement of how long it takes to repair a system or component once a failure occurs.
|
|
What is:
Annualized Rate of Occurrence (ARO) |
The likelihood (based on historical data) of an event (x number of times) in a year.
|
|
What is:
RAID 0 |
Disk striping using multiple drives and mapping them together as a single drive.
|
|
What are:
Policies |
Provides the people in an organization with guidance about their expected behavior.
|
|
What are:
Threat Vectors |
The ways in which an attacker poses a threat (i.e. vulnerability scanner, phishing email, unsecured hotspot, etc.)
|
|
What is:
Mean Time To Failure (MTTF) |
The average time for failure for a non-repairable system.
|
|
Define:
BIA |
Business Impact Analysis
|
|
What are:
Guidelines |
Help an organization implement or maintain standards by providing information on how to accomplish the policies and maintain the standards. Guidelines are less formal than policies or standards.
|
|
What is:
Platform as a Service (PaaS) |
Platform as a Service:
Also known as cloud platform services. Vendors allow apps to be created and run on their infrastructure (i.e. Amazon Web Services and Google code). |
|
What is:
Software as a Service (SaaS) |
Is most often thought of by users as "the cloud". Applications are remotely run over the Web (i.e. Salesforce.com).
|
|
What is:
Infrastructure as a Service (IaaS) |
Utilizes virtualization and clients pay an outsourcer for resources.
|
|
What is:
Fault Tolerance |
The ability of a system to sustain operations in event of component failure.
2 key components:
Spare parts
Electrical power |
|
What is:
Redundancy |
Duplicate or Failover
|
|
Define:
AUP |
Acceptable Use Policies
|
|
What is:
High Availability (HA) |
Keep services operational during an outage. 99.999%
|
|
What is:
Maximum Tolerable Downtime (MTD) |
The maximum length of time a business function can be inoperable without causing irreparable harm to the business.
|
|
What are the three types of patches?
|
Service Pack – Periodic update, corrects known problems.
Updates – Fixes for individual customers
Security updates – Address security vulnerabilities |
|
What is hardening?
|
The process of securing a system by reducing its surface of vulnerability. (i.e. removing unwanted software, disabling unneeded services, etc.)
|
|
What are alerts?
|
Issues you need to pay attention to, but are not immediately critical.
|
|
What are alarms?
|
Indications of ongoing, current problems.
|
|
Define:
EAPOL |
Extensible Authentication Protocol Over LAN
|
|
What is a:
Network Monitor |
Also known as sniffers, they were originally introduced to help troubleshoot network problems.
|
|
What is:
Promiscuous mode |
A mode in which the network card looks at any packet that it sees on the network, even if that packet is not addressed to that network card
|
|
What are:
Event Logs |
System logs that record various events that occur
|
|
What is the:
Windows Application Log |
Contains various events logged by applications or programs
|
|
What is the:
Windows Security Log |
Logs successful and unsuccessful logon attempts, events related to resource use (such as creating, opening, or deleting files or other objects)
|
|
What is:
Performance Monitor |
A utility that can be used to examine activity on any counter (i.e. processor or RAM usage)
|
|
What are four aspects of a security audit?
|
Review of security logs
Review of policies and compliance with policies
A check of security device configuration
Review of incident response reports |
|
What are the three classifications of security gaps?
|
Minor – This is a deviation from the security baseline that does not pose an immediate threat
Serious – This is a deviation that could pose an immediate threat, but is unlikely or difficult
Critical – This is a deviation that poses an immediate threat that must be addressed ASAP |