Chapter 2 - Understanding Security Policies Using a Lifestyle Approach Flashcards Preview

Cisco CCNA Security (640-554) > Chapter 2 - Understanding Security Policies Using a Lifestyle Approach > Flashcards

Flashcards in Chapter 2 - Understanding Security Policies Using a Lifestyle Approach Deck (11):
1

Secure Network Lifecycle - Initiation

Preliminary risk assessment and categorizing of risk (low, medium, high).

2

Secure Network Lifecycle - Acquisition and Development

Detailed risk assessment, acquiring the products and tools needed to reduce risk.

3

Secure Network Lifecycle - Implementation

When you put countermeasuers in place on the production network.

4

Secure Network Lifecycle - Operations & Maintenance

Monitoring and care for network security devices. Also includes incident handling.

5

Secure Network Lifecycle - Disposition

Getting rid of network equipment (including formatting / destroying media storage devices).

6

What is Qualitative risk analysis?

Data is gathered by an individual to determine an asset's value, it's vulnerabilities, potential threats, and the impact or risk based on those factors.

7

What is Quantitative risk analysis?

Uses raw data, numbers, and statistics to determine risk.

8

What are the primary reasons for documenting the value of an asset, in combination with the vulnerabilities of that asset?

To identify risk, and possible countermeasures.

9

Who is ultimately responsible for the data and security on the network?

Senior Management.

10

What kind of policy does the senior executive team create?

Governing policy (high-level security policy)

11

What are the 5 steps to Cisco's Secure Network Lifecycle?

1. Initiation
2. Acquisition and development
3. Implementation
4. Operations and maintenance
5. Disposition