Chapters 10-11 Flashcards

(85 cards)

1
Q

Why do Businesses Gather Data?

A
  • Decision Making
  • Core Components of Larger Corporate Strategy
  • Data must all be protected
2
Q

Why are Data Backups Important?

A
  • Prevent Data Loss
3
Q

What Threats are Addressed by Backups?

A
  • Mechanical Failure or Damage
  • Data on Lost or Stolen Computers
  • Data Destruction or Corruption
4
Q

What is Shadowing?

A

Backup Copy of Each File Being Worked on is Written Periodically

5
Q

Full Backups vs Incremental Backups

A
  • Full Backups are Slower but Cover Everything
  • Incremental Backups Only Record Changes Since Last Backup; faster; should be done until next full backup
6
Q

What is a Centralized Backup?

A

Back up Systems Over the Network to a Server with Some Storage Device Attached

7
Q

What is CDP?

A
  • Continuous Data Protection is when two server locations back up each other in real time so that one site can take over in case of disaster
  • Requires a high-speed transmission link
8
Q

What are Magnetic Tapes?

A

Slow but inexpensive per bit stored, used in servers

9
Q

What are Second Hard Drives on Computers?

A

Very fast but lost if computer is stolen or destroyed, can be backed up on tape for archival

10
Q

What are DVDs?

A

Optical Disks are more accessible but offer less capacity. Life of information is unknown.

11
Q

What is a RAID?

A
  • A Redundant Array of Independent Disks combines multiple disks through virtualization for data redundancy and/or performance
  • Disks can be written to simultaneously
12
Q

Differentiate RAID 0, RAID 1, and RAID 5

A
  • RAID 0 is used to store data segments into different disks (Striping)
  • RAID 1 is very fast and used for data redundancy (mirroring)
  • RAID 5 is striping and mirroring with fast read but slow write (Distributed Parity)
13
Q

What is Mirroring?

A

Creating an exact copy of disks at the same time, virtually no data loss but costly

14
Q

What is Striping?

A

Writing data simultaneously across multiple disks, fast but no reliability

15
Q

What are Backup Creation Policies?

A

What should be backed up, how frequent it happens, and how frequent restoration testing occurs

16
Q

Why Should Backup Media be Encrypted?

A

To protect confidential information if tape is stolen or lost

17
Q

Why Should There be Strong Access Control Policies?

A
  • To log and monitor checkouts
  • To protect media from loss
18
Q

What are Data Retention Policies?

A

Strong legal requirements for how long certain types of data must be kept

19
Q

What are the Benefits of Email Retention?

A
  • Major Part of Corporate Memory
  • Referencing Purposes
  • Legal Archiving Requirements (may result in fines if broken)
20
Q

What are the Dangers of Retention?

A
  • Legal Discovery Process
  • Potentially Very Damaging
  • Always Expensive
21
Q

What is Accidental Email Retention?

A
  • Emails unknowingly stored or individual acts of saving copies of data
22
Q

Why is Email Message Authentication Important?

A

Prevents fake blackmail

23
Q

What are Parts of a Database?

A
  • Entity: Type of Object
  • Key: Unique Row Identifier
  • Attributes (Columns): entity characteristics
  • Row (tuple/record): specific occurrence of entity
24
Q

How to Enforce Database Security?

A
  • Restrict Data Access
  • Restrict Granularity (level of detail)
  • Restrict Information Regarding Database Structure
25
What is Database Access Control?
Restrict Access via Database Management Systems
26
What Should be Audited in Databases?
  • Logins
  • Changes to Database
  • Warnings
  • Exceptions
  • Special Access
27
What is Multi-Tiered Architecture?
Design of infrastructure where different components are separated into distinct tiers
28
What is Encryption?
Make data unreadable to unauthorized users
29
What is Key Escrow?
A 3rd party holds onto keys needed to decrypt data so authorized third parties can gain access to those keys to access data
30
What is DLP?
Data Loss Prevention is a set of controls and systems to prevent unauthorized disclosure of data
31
What is PII?
Personally Identifiable Information is information that can be used to uniquely identify a person
32
What is Data Masking?
Obscuring data such that it cannot be used to uniquely identify a person
33
What are Web Spiders?
(Crawlers) navigate through the web gathering, organizing, and indexing web content
34
What is a Web Scraper?
Tool that extracts predefined data from specific web pages
35
What is a Mashup?
Combining data from various sites or applications
36
What is Information Triangulation?
The combined use of multiple PII to uniquely identify a subject
37
What is Data Extrusion Management?
- Preventing restricted data files from leaving the firm without permission
38
What are Removable Media Controls?
Restrict the capabilities of portable media and the ability to make copies
39
Why is Data Destruction Necessary?
  • Handling backups that are past their retention dates
  • Drive-wiping
40
Why are Procedures Important?
Permits an organization to continue essential functions if IT support is interrupted
41
What is CP?
Contingency Plans offer overall planning for unexpected events which allows companies to detect, react, and recover from threatening events
42
What is the Main Goal of CP?
Restoration to normal modes of operation with minimal cost and disruption to normal business activities
43
What is IRP?
Incident Response Planning aims to swiftly respond to threats
44
What is DRP?
Disaster Recovery Planning aims to recover operations at a primary site from disasters
45
What is BCP?
Business Continuity Planning is the process of establishing operations at an alternate site during recovery or response
46
What is the Contingency Planning Policy Statement?
Provides the authority and guidance necessary to develop an effective contingency plan
47
What is a BIA?
  • Business Impact Analysis predicts the consequences of a disruption
  • Not Risk Management
48
Why Should a BIA be Conducted?
Identify and prioritize IT systems and components
49
What are Preventive Controls?
Measures taken to reduce the effects of system disruptions
50
What are Recovery Strategies?
Allows a system to quickly and effectively recover following a disruption
51
What is an IT Contingency Plan?
Detailed guidance and procedures for restoring a damaged system
52
Why is Plan Maintenance Important?
Allows a plan to remain current with system enhancements
53
What Should be Considered in Undertaking BIA?
  • Scope: which units to cover, include and nature of evaluated risk
  • Plan: Getting correct information to address needs of decision makers
  • Balance: weighing available information
  • Objective: identify key decision makers require for making choices
  • Follow-up: Communicate with teams periodically to ensure process owners and decision maker support processes and end results of BIA
54
What is RTO?
Recovery Time Objectives signify the maximum amount of time a system resource can remain unavailable before it can have an unacceptable impact
55
What is RPO?
Recovery Point Objectives are a point in time before disruption to which business data can be recovered
56
What is MTD?
Maximum Tolerable Downtime is the amount of time an authorizing official is willing to accept a business process outage
57
What is WRT?
Work Recovery Time is the amount of effort (in time) to make business functions work again
58
What is an Incident Response Plan?
Detailed set of controls that anticipate, detect, and mitigate the impact of an unexpected compromising event. Reactive, not preventative
59
When is a Valid Attack Classified as an Information Security Incident?
  • Attack is directed against information assets
  • Realistic chance of success
  • Threatens CIA of information assets
60
What Procedures Must be Performed in Advance Before an Incident?
  • Details of Data Backup Schedules
  • Disaster Recovery Plan
  • Training Schedules
  • Testing Plans
  • Copies of Service Agreements
  • Business Continuity Plans
61
What are the Three Basic Phases of Incident Response Actions?
  • Detection: recognition of an impending incident
  • Reaction: Responding to incident in predetermined fashion
  • Recovery: Returning all systems and data to their state before the incident
62
What is the Focus of Incident Containment Strategies?
  • Stopping an Incident
  • Recovering System Control
63
What is DF?
Digital Forensics aims to preserve, identify, extract, document, and interpret computer media for root cause analysis
64
What is an Affidavit?
A written permission request to search and confiscate related evidentiary material (EM) relevant to an investigation
65
What are the Responsibilities of the DRRT Response Teams?
  • Recover Salvageable Information Assets from Primary Facilities
  • Purchase or Acquire Replacement Information Assets
  • Reestablish Functional Information Assets at Primary Sites
66
What are the Steps in the Disaster Recovery Plan?
  • Organize DR Team
  • Develop DR Planning Policy Statement
  • Review the BIA
  • Identify Preventive Controls
  • Create DR Strategies
  • Develop the DR Plan Document
  • Ensure DR Plan Testing, Training, and Exercises
  • Ensure DR Plan Maintenance
67
What are the Two Classifications of Disasters in Disaster Recovery Plans?
  • Natural Disasters vs Man-made Disasters
  • Rapid Onset Disasters vs Slow Onset Disasters
68
What is Scenario Development and Impact Analysis?
Used to categorize the level of threat of each potential disaster
69
What is a BCP?
  • Business Continuity Plan
  • Ensures critical business functions can continue in a disaster
  • Activated and executed concurrently with DRP
70
What is a Hot Site?
Fully configured computer facilities with all services
71
What is a Warm Site?
Hot sites with software applications not kept fully prepared
72
What is a Cold Site?
Only rudimentary services and facilities kept ready
73
What are the two Types of Business Continuity Strategies?
  • Exclusive-use
  • Shared-use
  • Chosen by cost
74
What are the options for Exclusive-use Business Continuity Strategies?
  • Hot Sites
  • Warm Sites
  • Cold Sites
75
What are the Shared-use Options for Business Continuity Strategies?
  • Timeshares
  • Service Bureaus
  • Mutual Agreements
76
What is a Timeshare?
A leased exclusive use site
77
What are Service Bureaus?
Agency that provides physical facilities
78
What are Mutual Agreements?
Contract between two organizations to assist one another
79
What are the Specialized Alternatives for Shared-use Options for Business Continuity Strategies?
  • Rolling Mobile Site
  • Externally Stored Resources
80
What are the Options for Data Recovery in BCPs?
  • Electronic Vaulting
  • Remote Journaling
  • Database Shadowing
81
What is Electronic Vaulting?
Bulk Batch-transfer of data to an off-site facility
82
What is Remote Journaling?
Transfer of live transactions to an off-site facility
83
What is Database Shadowing?
Storage of Duplicate Online Transaction Data
84
What is CM?
Crisis management is an organization's efforts for dealing with the consequences of disaster
85