Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

10 Cards in this Set

  • Front
  • Back
Why does security tend to deteriorate during operations?
users find ways to circumvent security
What two methods are used to maintain operational assurance?
system audits and monitoring
Why is time synchronization across systems important for auditing?
in order to re-construct events during an audit
What are the four steps to set up an audit trail?
check the mechanisms needed; write a rule set matrix; turn on exception logs; turn on violation logs
What are the nine phases in a typical audit?
review security policies; develop a security matrix; review existing security information; review audit capacity and use; check patches and updates; run analysis tools and check for vulnerabilities; correlate all information; write a report; and make recommendations
What are the four types of audit tools?
discovery tools; documentation tools; audit reduction tools; and analysis tools
What are the three types of monitoring?
network monitoring, security monitoring, and keystroke monitoring
What are the four phases of incident response?
preparation, detection, handling, and post-incident response
What sort of activities are covered by the preparation phase of incident response?
establishing and training a response team, acquiring tools, and performing risk analysis
What phase of incident response is usually the most difficult?