Flashcards in Compliance & Operational Security Deck (21)
What are things to consider if performing a major update?
Time frame (downtime)
Test & Monitor post change
How do you mitigate privilege creep?
User rights and permission levels based on least privilege
What is PII?
Personally Identifiable Information
What is DLP?
Data Loss Prevention
What information is stored in RAM?
Registers, Cache (i.e. ARP, RAID, CPU), Process Tables, System Information
What are computer mechanisms ranked by volatility?
SWAP file (retained only if gracefully shut down)
What is chain of custody?
Details regarding where the evidence was stored, who had access, integrity of evidence (hashes)
What does a first responder do at an incident?
Triage (decide priority of incident)
What is Mandatory Access Control?
Data labeling and clearance levels for users
What process uses a magnet to erase a hard drive?
What is a compensating control measure?
An additional system that compensates for the inability of another system
What is an administrative control measure?
Written security policy
What is the first step in creating a BCP?
Business Impact Analysis
Critical systems, assets and dependencies
What is a hot site?
Full redundant copy (including storage and networking) of a primary site
What is a warm site?
Equipment available without data replicated
What is a cold site?
Facility without equipment (location only)
Where is the DRP specified?
BCP may list a number of DRPs against different events
What is IT contingency planning?
Specified within DRP, focuses on one system
i.e. RAID 5 on a computer
What is a tabletop exercise?
Structured walk-through of the BCP including all parties
What is steganography?
Hiding documents in other files