Flashcards in Chapter 18: Managing Risk Deck (44):
The process of how organizations deal with the bad things that take place on their networks.
Any form of attack where secured data is taken or destroyed.
Acceptable Use Policy
Defines what is and what is not acceptable to do on an organization's computers
Network Access Policy
Defines who may access the network, how they may access the network, and what they access.
The process of creating change in your infrastructure in an organized, controlled, safe way
Typically initiated by management and major in scope.
Typically initiated by a department making a request to the change management team
A good change request will include:
1) Type of change
2) Configuration Procedures
3) Rollback Process
4) Potential Impact
Regularly updating operating systems and applications to avoid security threats.
When do we generally apply driver updates?
To fix an incompatibility, incorporate new features, or repair a bug.
A patch used to quickly respond to a major vulnerability.
It's important that users understand:
1) Security Policies
3) System and Workplace Security
4) Social Engineering
Single Point of Failure
One system that, if it fails, will bring down an entire process, workflow or organization.
High Availability (HA)
The ability for a system to keep working without interruption or downtime.
The ability for backup systems to detect when a master has failed and the to take over.
A single IP address shared by multiple systems.
Virtual Router Redundancy Protocol (VRRP) and Hot Standby Router Protocol (HSRP)
Take multiple routers and gang them together into a single virtual router with a single virtual IP that clients use as a default gateway.
Service Level Agreement (SLA)
A document between a customer and a service provider that defines the scope, quality, and terms of the service to be provided.
What does a typical SLA contain?
1) Definition of the service provided
2) Equipment provided
3) Technical Support that will be given
Memorandum of Understanding (MOU)
A document that defines an agreement between two parties in situations where a legal contract wouldn't be appropriate.
Defines the duties the parties commit to perform for each other.
A document that details the interoperability of various manufacturers' components.
Statement of Work (SOW)
Defines the services and products the vendor agrees to supply and the time frame in which to supply them.
Inspects potential vulnerabilities and creates a report.
A port scanner, which queries individual nodes, looking for open or vulnerable ports.
Popular and extremely comprehensive vulnerability testing tool.
-A purposeful attack by a hacker to see if it can be penetrated.
-Aircrack-ng and Metasploit
How to limit damage and recover quickly from incidents.
Incident Response Level
Incidents that can be stopped, contained, and remediated without outside resources.
Disaster Recovery Level
An incident that can no longer be contained, causing significant damage or danger to the immediate infrastructure.
Business Continuity Level
If the disaster requires actions offsite from the primary infrastructure.
Recovery Point Objective (RPO)
The state of the backup when the data is recovered.
Recovery Time Objective (RTO)
The amount of time needed to restore full functionality
A location that consists of everything a business needs except computers.
Like a cold site but with computers loaded with software and functioning servers. However, lacks current data.
Nearly a complete duplicate of the primary site.
The science of gathering, preserving, and presenting evidence stored on a computer or any form of digital media that is presentable in a court of law.
4 Steps to Computer Forensics
1) Secure the Area
2) Document the Scene
3) Collect Evidence
4) Interface with Authorities
The process of requesting and providing electronic and stored data and evidence in a legal way.
Electrical Safety topics
1) Inherent danger of electricity
A voltage differential that exists between two different grounding points, causing data to become unreadable, and also exposes equipment to more risk from power surges.
Electrostatic Discharge (ESD)
The passage of a static electrical charge from one item to another. It can damage or destroy computing equipment.
What is the ideal temperature and humidity for equipment?
68 degrees F, 50% humidity
Material Safety Data Sheet (MSDS)
Document that describes the safe handling procedures for any potentially hazardous, toxic, or unsafe material.