Questions of the Day Flashcards
What document is important to ensure that an employee cannot file a civil privacy suit against their employer?
Reasonable Expectation of Privacy (REP) Waiver
What are the things missing from a hot site?
Data and people
A _____ proves to be a useful approach to identifying failures that can take place within complex environments and systems. In this method, each situation that has the potential to cause a negative effect is added to the structure as a series of logic expressions.
Fault tree Model
Recovery Time Objective (RTO) usually deals with getting the infrastructure and systems back up and running. What metric is commonly used to deal with restoring data, testing processes, and then making everything live for production?
Work Recovery Time (WTR)
What is the difference between best evidence and direct evidence?
Best evidence is most reliable (such as a signed document) – direct evidence can prove a fact by itself without supporting information
How does a fault tree model lay out potential negative effects?
As a structure with negative effect added as a series of logic expressions
What objective usually deals with getting the infrastructure and systems back up and running?
Recovery Time Objective (RTO)
When you see “Administrative, Operation, Technical” you should think what sector of systems?
Federal information systems
When you see “Administrative, Physical, Technical” you should think what sector of systems?
Private sector
What Java clause is critical for error handling?
try…catch
TRUE/FALSE - The main purpose of a code repository is to store the source files used in software development in a centralized location that allows for secure storage.
TRUE
____ consist of shared code objects that perform related functions
Libraries
Developers wishing to sign their code must have a ____
Digital signature
What software methodology uses an iterative process?
Spiral
TRUE/FALSE - The DevOps model prioritizes development efforts over operational tasks
FALSE
What character is essential for a SQL injection attack?
Apostrophe (')
What type of attack seeks to write data to areas of memory reserved for other purposes?
Buffer overflow
TRUE/FALSE - Sandbox execution is not a significant risk with browser add-ons and extensions
TRUE
What is the last stage in code testing?
User Accessibility Testing (UAT)
TRUE/FALSE - Security teams should conduct regular testing of acquired software
TRUE
What is the mnemonic for the software development life cycle?
Re Do The Damn Test Right
What are the stages of the software development life cycle?
Requirements, Design, Develop, Test, Release
What is the mnemonic for the system development life cycle?
Information Assurance Is Out Dated
What are the stages of the system development life cycle?
Initiate, Acquire, Implement, Operations, Disposal