56 Cards in this Set
- Front
- Back
Hot site
|
A hot site is a real-time, moment-to-moment mirror image of the original site. It contains a complete network environment that is fully installed and configured with live current business data.
|
|
Cold site
|
A cold site is often little more than an empty room. It could be described as a location with no equipment or communication at all, or can be a site with equipment in boxes and essential communications and utilities connected. It is the least expensive but offers no realistic hope of recovery.
|
|
Warm site
|
A warm site is a partially configured alternative site with most of the server and networking infrastructure installed.
|
|
Backup generator
|
Power is an essential utility for any organization, but especially those dependent upon their IT infrastructure.
|
|
RAID
|
RAID 0 - Improves performance but not fault tolerance
RAID 1 - Provides mirroring
RAID 5 - Provides striping with parity. Requires 3 or more drives
|
|
Alternate sites
|
An alternate site is a secondary location where the business can move and continue performing mission-critical business operations. There are 3 levels of alternate sites: hot, warm and cold
|
|
Business continuity
|
Maintaining business continuity means maintaining an organization's networking and IT infrastructure so that mission-critical functions continue to operate. This must be done in spite of reduced resources and damaged equipment
|
|
Elements of business continuity planning
|
The elements of business continuity planning include risk analysis and assessment, business impact analysis, strategic planning for mitigation of risks, integration and validation of the plan, training and awareness, and maintenance and auditing of the plan.
|
|
Utilities
|
When you're evaluating the mission-critical processes of a business, don't forget that most of those processes depend on utilities, such as electricity and Internet connectivity.
|
|
High availability
|
High availability means that the availability of a system has been secured to offer very reliable assurance that the system will be online, active and able to respond to requests in a timely manner, and that there will be sufficient bandwidth to accomplish requested tasks in the time required. RAID is a high-availability solution.
|
|
Fault tolerance
|
Fault tolerance is the ability of a network, system, or computer to withstand a certain level of failures, faults, or problems and continue to provide reliable service. Fault tolerance is also a form of avoiding single points of failure. A single point of failure is any system, software, or device that is mission-critical to the entire environment
|
|
Disaster recovery
|
Disaster recovery is an expansion of business continuity. Basically, when business continuity is interrupted, a disaster has occurred. Ultimately, both business continuity and disaster recovery planning rely upon proper backup procedures.
|
|
Backups
|
Backups are the means of insurance available to your data resources in the event of a loss, disruption, corruption, intrusion, destruction, infection, or disaster. Backups must be tested in order for them to prove reliable and usable.
|
|
Offsite storage
|
Backup media should be stored securely at an offsite location to prevent them from being damaged or destroyed by the same catastrophe that affects the business continuity of the primary site. This location should be a fire-protected safe, vault, or safety deposit box.
|
|
Secure recovery
|
Secure recovery ensures that servers can be restored with minimal loss or security violations. It ensures that affected systems reboot into a secured state, and that all resources open and active at the time of the fault, failure or security violation are restored and have their security restrictions reimposed properly.
|
|
Disaster recovery plan
|
A DR plan is the collection of detailed procedures used in the event that business functions are interrupted by a significant damaging event. When the primary site is unable to support business functions, the disaster recovery plan is initiated.
|
|
Chain of custody
|
The chain of custody is a document that indicates various details about evidence across its life cycle. It begins with the time and place of discovery, and identifies who discovered the evidence, who secured it, who collected it, who transported it, who protected it while in storage, and who analyzed it.
|
|
Evidence preservation
|
Evidence should be protected from alteration, damage, and corruption from the moment of its discovery through the rest of its lifetime, which may be concluded after it's presented in court.
|
|
Collection of evidence
|
Collection of evidence is the procedure of securing evidence by collecting it. This process is often called bag and tag.
|
|
Incident response policy
|
An incident response policy is the procedure to follow when a security breach or security violation has occurred.
|
|
Incident response
|
The goal of a planned and documented incident response is to limit the amount of damage caused by an incident, to recover the environment as quickly as possible, and to gather information about the incident and the perpetrator in order to prevent a reoccurrence and pursue legal prosecution.
|
|
Security policy
|
A security policy is the collection of documents that describes the overall purpose and direction of security in an environment, as well as the detailed procedural documents that indicate how various activities are to be performed in compliance with security
|
|
Acceptable use
|
An acceptable use policy defines what is and what is not an acceptable activity, practice or use for company equipment and resources
|
|
Due care
|
Due care is the display of proper security attention in an organization. By designing and implementing an organization-wide security policy, you show due care
|
|
Privacy
|
Privacy is the level of confidentiality and isolation that a user is given in a system. Most users falsely assume that they have privacy on company computers
|
|
Need to know
|
A need to know security policy grants and restricts access by compartmentalizing resources, objects or data within a security domain. To gain access to those compartmentalized items, the subjects (users) must obtain or prove the need to know: the necessity to have access to a resource based on assigned work tasks
|
|
Password management
|
Password management is the system used to manage passwords across a large network environment. It typically includes a requirement for users to create complex passwords.
|
|
SLA
|
A service level agreement (SLA) is a contract with a service company, contract worker, or consultant team that dictates the minimum levels of service or performance demanded by your organization.
|
|
Termination policies
|
A hiring policy defines the procedures to follow to hire new employees. When you are hiring new employees, it is important to perform background checks. This includes verifying education, previous work experience and certification.
|
|
Code of ethics
|
Not all issues encountered through security incidents or IT operational procedures have a distinct response or procedure.
|
|
Change documentation
|
Change documentation is the process of writing out the details of changes to be made to a system
|
|
Communication
|
As a security professional in any organization, you must keep the lines of communication open. This means you should be up-front about security requirements for all personnel. Clearly train users on how to perform their work tasks while maintaining security.
|
|
User awareness
|
User awareness is an effort to make security a common and regular thought for all employees. Unfortunately, user security awareness is generally the most overlooked element of security management. In fact, the lack of security awareness is the primary reason that social-engineering attacks succeed.
|
|
Security education
|
Education means broad security training, usually focused on teaching a user to perform their work tasks securely. Security education is broader and has the ultimate goal of certification.
|
|
Humidity
|
Throughout the organization, the humidity level should be managed to keep the relative humidity between 40 and 60%. High humidity means condensation, but low humidity means static electricity.
|
|
Shielding
|
Shielding is used to restrict or control interference from electromagnetic or radio frequency disturbances.
|
|
What are some possible dangers to digital evidence?
|
It must adhere to the standards of evidence in order to be admissible in any court of law. Special care would have to be taken when handling evidence such as a suspect's file.
|
|
Possible dangers to electronic evidence
|
Viruses, electromagnetic damage, and/or booby traps
|
|
An information custodian is usually an IT person with the primary responsibilities of dealing with
|
Backup and recovery of business information
|
|
Class A fire
|
Combustibles such as wood or fire
|
|
Class B fire
|
Flammables or combustible liquids
|
|
Class C fire
|
Energized electrical equipment; usually suppressed with nonconducting agents
|
|
Class D fire
|
Combustible metals such as magnesium
|
|
What are fixed passwords?
|
Fixed passwords are used for a defined period of time and are often easy for hackers to compromise.
|
|
Dynamic or one-time passwords
|
Different for each log-on and preferred over fixed passwords. Generally speaking, dynamic passwords are created by a token that is programmed to generate passwords randomly.
|
|
Standby power supply
|
Power usually derives directly from the power line until power fails
|
|
Hybrid power supply
|
A hybrid device conditions power using a ferroresonant transformer
|
|
Ferroresonant power supply
|
Conditions power
|
|
Continuous power supply
|
In this type of system, the computer is always running off battery power and the battery is continuously being recharged.
|
|
Due diligence
|
Due diligence involves the performance of an investigation with a certain standard of care
|
|
Wet pipe vs dry pipe fire
|
A wet-pipe system constantly has water in it. In a dry-pipe system, water is used but is held back by a valve until a certain temperature is reached.
|
|
Reverse social engineering
|
An attacker convincing the user that she is a legitimate IT authority, causing the user to solicit her assistance
|
|
Risk assessment
|
ARO x SLE = ALE
|
|
ARO
|
Annualized Rate of Occurrence (ARO)
|
|
SLE
|
Single Loss Expectancy (SLE)
|
|
ALE
|
Annual Loss Expectancy (ALE)
|