Part 5 Flashcards Preview

Information Security Fundamentals > Part 5 > Flashcards

Flashcards in Part 5 Deck (9)
Loading flashcards...
0

Provide _____ for IT Staff—Now and Forever

Security Training

1

Just as implementing a robust, secure environment is a dynamic process, creating a ____of security professionals is also a dynamic process.

highly skilled staff

2

New ____ are being discovered and new attacks are being launched on a regular basis.

vulnerabilities

3

It is important for the IT staff to be prepared to _____and_____to new threats and vulnerabilities.

identify and respond

4

It is recommended that those interested in gaining a deep security understanding start with a _____ program. A _______ program is one that focuses on concepts rather than specific products.

vendor-neutral

5

SANS

SysAdmin, Audit, Network, Security)

6

The ____offers two introductory programs: Intro to Information Security (Security 301),22 a five-day class designed for peo- ple just starting out in the security field, and the SANS Security Essentials Bootcamp (Security 401),23 a six-day class designed for people with some security experience.

SANS (SysAdmin, Audit, Network, Security) Institute

7

Another option is start with a program that follows the ____ certification requirements, such as the Global Knowledge Essentials of Information Security.24 Some colleges offer similar programs.

CompTia Security

8

Arguably one of the best ways to determine whether an employee has a strong grasp of information security concepts is if she can achieve the CISSP certification.

Certified Information Systems Security Professional

Candidates for this certification are tested on their under- standing of the following 10 knowledge domains:

● Access control
● Application security
● Business continuity and disaster recovery planning
● Cryptography
● Information security and risk management
● Legal, regulations, compliance, and investigations
● Operations security
● Physical (environmental) security
● Security architecture and design
● Telecommunications and network security