Chapter 11 - Security Administration Flashcards Preview

Flashcards in Chapter 11 - Security Administration Deck (25):
1

What is an SLA?

page 398
Service Level Agreement
Defines the level of service to be provided.

2

What is BPO?

page 398
Blanket Purchase Order
An agreement between a government agency and a private company for ongoing purchases of goods or services.

3

What is MOU?

page 398
Memorandum of Understanding
Brief summary of which party is responsible for what portion of the work.

4

What is ISA?

page 398
Interconnection Security Agreement

5

What kind of training involves everyone understanding policies, procedures and resources available to deal with security problems?

page 399
Organization

6

Ideally what security awareness should Organization training cover?

page 400
- Importance of security
- Responsibilities of people in the organization
- Policies and procedures
- Usage policies
- Account and password-selection criteria
- Social engineering prevention

7

Who receives additional training or exposure that explains the issues, threats and methods of dealing with threats, and will want to know the hows and whys of security training?

page 400
Management

8

Who receives special knowledge training about methods, implementation and capabilities of the systems used to manage security?

page 400
Technical Staff

9

What are some of the topics related to the safety of the data or physical environment?

page 401
- Fencing
- CCTV
- Lighting
- Escape Plans
- Locks
- Drills
- Escape Routes
- Testing Controls

10

Why is it important to have a clean desk policy?

page 402
Information on the desk can easily be seen by prying eyes and taken by thieving hands.

11

What is P2P?

page 404
Peer-to-peer

12

What is PII?

page 404
Personally Identifiable Information
Is a catchall for any data that can be used to uniquely identify an individual.

13

How does NIST define PII?

page 404
Any information about an individual maintained by an agency, including
1. Any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name or biometrics records.
2. Any other information that is linked to an individual, such as medical, education, financial and employment information.

14

What is piggybacking?

page 405
Where the individual knowingly allows another person to tailgate behind him.

15

What is one safe internet habit?

page 406
Never download or install from unknown sites.

16

What is one smart computing habit?

page 406
Read the EULA

17

What is zero day?

page 407
The very day that the attack was discovered.

18

Why is a strong password valuable?

page 407
The stronger the password, the harder it is to be compromised.

19

How do you dispose of Old Media?

page 408
Hammer, drill, fire

20

What is the definition of hoax?

page 408
A deliberately fabricated falsehood.

21

What are the three classifications of information?

page 409
Public use
Internal use
Restricted use.

22

What is public information?

page 410
Is primarily that which is made available either to the larger public or to specific individuals who need it.

23

What is Limited distribution?

page 410
Information isn't intended for release to the public.

24

What are the bare minimum security measures that should be in place for mobile devices?

page 418
- Screen Lock
- Voice Encryption
- Strong Password
- GPS Tracking
- Device Encryption
- Application Control
- Remote Wipe/Sanitation
- Storage Segmentation
- Asset Tracking
- Device Access Control

25

What is BYOD?

page 419
Bring Your Own Device