Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Principles of Data and Cybersecurity > Chapter 9 - Security Operations and Administration > Flashcards

Chapter 9 - Security Operations and Administration Flashcards

1
Q

Security administration

A

the group of individuals responsible for planning, designing, implementing, and monitoring an organization’s security plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Security operations center

A

the physical location where security administration works

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Advantages of security outsourcing

A

offers a high level of expertise that an organization may not have on their own

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Disadvantages of security sourcing

A

the outsourcing firm might not have internal knowledge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Common documentation requirements

A
  • Sensitive assets list
  • The organization’s security process
  • The authority of the persons responsible for security
  • Policies, procedures, and guidelines adopted by the organization
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The organization must comply with rules on two levels…

A
  1. organizational
  2. regulatory
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Organizational compliance

A

adhering to the organization’s policies, procedures, and ethics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Regulatory compliance

A

meeting all applicable laws, regulations, and guidelines established by governmental bodies and regulatory organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Memorandum of understanding (MOU)

A

a non-binding agreement between two parties that describes the broad outlines of an agreement that two or more parties have reached

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Event logs

A

records of actions that an organization’s operating system or application software creates, showing which user or system accessed data or a resource and when

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Compliance liaison

A

makes sure that all personnel are aware of and comply with the organization’s policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Remediation

A

fixing security vulnerabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Data owner

A

person who owns the data and is responsible for classifying it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

System owner

A

person or group that manages the infrastructure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

We can classify information by…

A

criticality
sensitivity
value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Internal and external auditors should…

A

review organization’s information-classification status during the audit process and evaluate the level of compliance

17
Q

Information security personnel should…

A

regularly visit workspaces and submit appropriate reports when violations occur

18
Q

Configuration management

A

the process of managing all changes to computer and device configurations

19
Q

System lifecycle

A

includes all aspects of software life, from initiation to disposal

20
Q

System development life cycle

A

includes all aspects of software development, from initiation until production

21
Q

Difference between the SLC and SDLC

A

The SDLC makes up part of the SLC. The SDLC only includes initiation and planning until production

Principles of Data and Cybersecurity (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions