10 Cards in this Set
| Front | Back |
|---|---|
| Why does security tend to deteriorate during operations? | users find ways to circumvent security |
| What two methods are used to maintain operational assurance? | system audits and monitoring |
| Why is time synchronization across systems important for auditing? | in order to re-construct events during an audit |
| What are the four steps to set up an audit trail? | check the mechanisms needed; write a rule set matrix; turn on exception logs; turn on violation logs |
| What are the nine phases in a typical audit? | review security policies; develop a security matrix; review existing security information; review audit capacity and use; check patches and updates; run analysis tools and check for vulnerabilities; correlate all information; write a report; and make recommendations |
| What are the four types of audit tools? | discovery tools; documentation tools; audit reduction tools; and analysis tools |
| What are the three types of monitoring? | network monitoring, security monitoring, and keystroke monitoring |
| What are the four phases of incident response? | preparation, detection, handling, and post-incident response |
| What sort of activities are covered by the preparation phase of incident response? | establishing and training a response team, acquiring tools, and performing risk analysis |
| What phase of incident response is usually the most difficult? | detection |