701 - Chapter 11 Flashcards

(85 cards)

1
Q

What process ensures that every proposed change is properly reviewed and cleared by management before it takes place?

A

Approval process

2
Q

What clearly defines who is responsible for each change by designating a primary owner who will be the key decision maker and sponsor of the change?

A

Ownership

3
Q

What identifies all the individuals and groups within the organization and outside the organization that might be affected by the change?

A

Stakeholder analysis

4
Q

What is the review of potential effects of the change, including unintended side effects?

A

Impact analysis

5
Q

What confirms that the change will work as expected?

A

Testing

6
Q

What provides a detailed sequence of steps that the team should follow if the change goes wrong?

A

A back-out plan

7
Q

What is the time that is coordinated with stakeholders and that they are aware that the system may be down due to maintenance?

A

Maintenance window

8
Q

The change management process should not be closed out until what occurs?

A

All documentation and diagrams are updated to reflect the impact of the change

9
Q

What is the formal process used to track the current versions of software code and system application configurations?

A

Version control

10
Q

What is the data type that is governed by external laws and regulations with which the organizations must comply? And what is an example?

A

Regulated data… PCI DSS

11
Q

What data type is about monetary transactions related to an organization or individual?

A

Financial information

12
Q

What data type is information that is crucial to the way that an organization runs its business? And what is an example of this?

A

Intellectual property… trade secrets

13
Q

What data type is among the most sensitive information maintained by an organization?

A

Legal information

14
Q

What provides a formal category for identifying the sensitivity and the criticality of data?

A

Data classification

15
Q

What are the three levels the US government uses for data classification and what are the four levels that private companies may use?

A

Top-secret, secret, confidential… public, private, confidential, restricted

16
Q

What identifies how long data is kept and sometimes specifies where it is stored?

A

Data retention policy

17
Q

What methods ensure that data is removed or destroyed from any devices before disposing of the devices?

A

Data sanitation

18
Q

What is the process of removing all remnants of a file on a disk by overwriting the location where the file was stored with ones and zeros?

A

File shredding

19
Q

What refers to the process of completely removing all remnants of data on a disk by overwriting with ones and zeros?

A

Wiping

20
Q

True or false: solid-state drives can use traditional wiping tools?

A

False, they require a special process for sanitization because they use flash memory instead of magnetic storage platters…

21
Q

What is the data sanitation process that uses a very powerful electromagnet? And can it be used on a hard drive?

A

Degaussing… no, it will render the drive unusable

22
Q

At the conclusion of a data destruction process, what is the certificate that certifies the process?

A

Certificate of destruction

23
Q

What provides a formal coordinated plan that personnel can use when responding to an incident?

A

Incident response plan

24
Q

Which section of the IRP identifies the difference between an event and an actual incident?

A

Definition of incident type

25
Q

Which section of the IRP defines the employees required, who have expertise in different areas?

A

Incident response team

26
Q

Which section of the IRP identifies specific duties for an incident response team?

A

Roles and responsibilities

27
Q

What is the part of the IRP that provides direction on how to communicate issues related to an incident?

A

Communication plan

28
Q

What defines a security incident and the incident response procedures?

A

Incident response policy

29
Q

What are two good times for the IRP to be reviewed?

A

Periodically and in response to lessons learned after incidents

30
Q

What are the seven phases of an incident response process?

A

Preparation, detection, analysis, containment, eradication, recovery, lessons learned

31
Q

What is the process to identify what initially went wrong that allowed an incident to occur?

A

Root cause analysis

32
Q

What is the scenario-based training where participants discuss and analyze a hypothetical incident in a non-threatening environment? And what is a more formal form of hands-on training for an incident?

A

Tabletop exercise… simulation

33
Q

What is the active process in which a skilled computer security expert actively searches for cyber threats that might have slipped past regular security systems?

A

Threat hunting

34
Q

What are the processes and techniques used when collecting information after an incident occurs? And what is the assumption with this process?

A

Digital forensics… the data collected will be used as evidence in court

35
Q

What refers to the order in which you should collect evidence? And what should that order be?

A

Order of volatility… evidence should be collected from the most volatile and move to the least volatile

36
Q

What is the order from most volatile to least volatile?

A

Cache memory, RAM, swap or page file, disk, attached devices, network

37
Q

What are pieces of data on a device that regular users are unaware of? What are some examples?

A

Forensic artifacts… web history, recycle bin, Windows Error Reporting, RDP cache

38
Q

What refers to the process of collecting data from the OS? And from firmware?

A

OS forensics… firmware forensics

39
Q

True or false: after a forensic image of the system data is captured, the review will use this version?

A

False, a copy will be created for analysis; the original will always be preserved

40
Q

What refers to a legal obligation to maintain different types of data as evidence? And what is the identification and collection of electronically stored information called?

A

A legal hold… eDiscovery

41
Q

Name four pieces of useful metadata.

A

File, email, web, mobile

42
Q

What is the process that provides assurances that evidence has been controlled and appropriately handled after collection?

A

Chain of custody

43
Q

What is SOAR? And what is it used for? And what does it use?

A

Security orchestration, automation, and response… they are tools to respond to low-level security events automatically… playbooks and runbooks

44
Q

What is a SOAR playbook? And what is a runbook?

A

Provides a checklist of things to check for in a suspected incident… implements the playbook checklist using available organization tools

45
Q

What is the set of responsibilities and processes established by an organization's top-level management to direct, evaluate and control the organization's security efforts?

A

Security governance

46
Q

What are written documents that lay out a security plan within a company?

A

Security policies

47
Q

Within a security policy, what describes the purpose of computer systems and networks, how users can access them and the responsibility of users when they access the system?

A

Acceptable use policies

48
Q

Within a security policy, what protects an organization's data and information systems by defining the rules for how to manage, protect and distribute information?

A

Information security policies

49
Q

Within a security policy, what outlines the steps an organization should take to continue operations in the event of a major disruption or disaster?

A

Business continuity and disaster recovery policies

50
Q

Within a security policy, what provides rules for how the organization will respond to a security incident, such as a data breach or cyber attack?

A

Incident response policies

51
Q

Within a security policy, what provides structure for how software should be developed within an organization?

A

Software development lifecycle policy (SDLC)

52
Q

Within a security policy, what outlines how changes to IT systems, applications, and networks should be managed within an organization?

A

Change management policy

53
Q

What is the difference between a security policy and a security standard?

A

Policies are typically high-level documents, while security standards outline technical and business requirements for security

54
Q

What are some common security standards?

A

Passwords, access control, physical security, encryption

55
Q

After security standards, what is the next level of detail? And what are some examples?

A

Security procedures… change management procedures, onboarding procedures, offboarding procedures

56
Q

What is different about security guidelines versus security policies, standards, and procedures?

A

Guidelines are optional sets of best practices, whereas the others are all mandatory for employees to follow

57
Q

What refers to the processes an organization uses to manage, process and protect data? And what does it offer?

A

Data governance… methods to help ensure or improve the quality of data, and methods driven by regulations and laws

58
Q

Within data governance, what is the data that is critical to the success of the mission within an organization? And what is identified?

A

Critical data… critical data elements

59
Q

Within data governance, what role has primary responsibility for a specific type of data within the organization? Who is typically this person?

A

Data owner… senior executive

60
Q

Within data governance, which role is responsible for carrying out the intent of the data owner's requirements?

A

Data steward

61
Q

Within data governance, which role is responsible for daily routine tasks, such as backing up the data, storage of the data and implementation of business rules? Who would be an example of this?

A

Data custodian… a DBA

62
Q

Within data governance, which role is associated with the collection of employee data to carry out company-specific operations, for example payroll?

A

Data controller

63
Q

Within data governance, which role is a third-party organization that uses and manipulates the data on behalf of the data controller? For example, a payroll company would accept the personnel data from the data controller and use it to process payroll functions.

A

Data processor

64
Q

Within data governance, which action involves continuously checking the effectiveness of the organization's security measures? What are some examples of this?

A

Monitoring… routine security audits, reviews of access logs, ongoing vulnerability scanning

65
Q

Within data governance, what activity involves adjusting policies, standards, and procedures as needed based on the results of monitoring?

A

Revision

66
Q

True or false: an organization should regularly conduct a supply chain analysis to assess any risk associated with the relationships with all vendors making up their supply chain.

A

True

67
Q

When working with vendors in your supply chain, what two policies is it very important to be aware of regarding them?

A

End of life and end of service life

68
Q

Which clause in a cloud provider contract permits the customer to hire an auditor to review the cloud provider's records and systems?

A

Right to audit clause

69
Q

When selecting a new vendor, what are two steps that should be accomplished?

A

Performing due diligence and assessing any potential conflicts of interest

70
Q

What is an agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels?

A

Service level agreement

71
Q

What expresses an understanding between two or more parties indicating their intention to work together towards a common goal? And what is another name for this?

A

Memorandum of understanding (MOU)… memorandum of agreement (MOA)

72
Q

What is a written agreement that details the relationship between business partners, including their obligations towards the partnership?

A

Business partners agreement (BPA)

73
Q

What agreement is used between two entities to ensure that proprietary data is not disclosed to unauthorized entities?

A

A non-disclosure agreement (NDA)

74
Q

What provides structure to the agreements for vendors that you will work with repeatedly and contains the general terms of the relationship?

A

Master services agreement (MSA)

75
Q

After an MSA is established, what can be written when there is new work or a new project?

A

Work order or a statement of work

76
Q

What mandates that organizations protect health information?

A

HIPAA

77
Q

What requires financial institutions to provide consumers with a privacy notice explaining what information they collect and how it is to be used?

A

Gramm-Leach-Bliley Act (GLBA)

78
Q

What European Union directive mandates protection of privacy data for individuals who live in the EU?

A

General Data Protection Regulation (GDPR)

79
Q

What outlines a set of strict security requirements for handling cardholder data?

A

Payment Card Industry Data Security Standard (PCI DSS)

80
Q

What are the two primary components of an effective compliance monitoring system?

A

Internal and external monitoring

81
Q

What is the continuous effort of ensuring the organization adheres to compliance requirements and addresses any identified noncompliance in a timely manner?

A

Due care

82
Q

What is the verification by individuals within the organization or third parties that the organization is compliant with the relevant rules and regulations called?

A

Attestation

83
Q

What right empowers individuals to request that their personal data be erased from a company's records under specific circumstances?

A

Right to be forgotten

84
Q

What is a detailed list of where important data is kept, who can get to it and why it is used?

A

Data inventory

85
Q

Once a good data inventory is set up, the next important thing is to have rules about how long to keep the data. What is this called?

A

Data retention