security Flashcards
skill set
WHAT ARE SOME STRATEGIES FOR SECURE SYSTEMS
RISK ASSESSMENT
WHAT IS MOST IMPORTANT
LOSS OF EVENTS
FREQUENCY
IMPACT
MITIGATION
IMPLEMENTATION
COST
MAKE DECISION
A concept in computer security that recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved. COST VS BENEFITS
REASONABLE ASSURANCE
INCLUDES HARDWARE, SOFTWARE, DATA, NETWORK, FACILITIES PLAN. A documented process for recovering an organization’s business information system assets—including hardware, software, data, networks, and facilities—in the event of a disaster.
DISASTER RECOVERY
CRITICAL BUSINESS PROCESS AND WHO SUPPORTS A risk-based strategy that includes an occupant emergency evacuation plan, a continuity of operations plan, and an incident management plan with an active governance process to minimize the potential impact of any security incident and to ensure business continuity in the event of a cyberattack or some form of disaster.
BUSINESS CONTINUITY PLAN
WHAT NEEDS DONE - DELEGATES RESPONSIBILITIES. An organization’s security requirements, as well as the controls and sanctions needed to meet those requirements.
SECURITY POLICY
sysadmin, audit, network, security
SANS
WHAT DOES CIA TRIAD STAND FOR
CONFIDENTIALITY
INTEGRITY
AVAILABILITY
WHAT LEVEL OF CIA IS AUTHENTICATION METHOD SINGLE FACTOR
APPLICATION
WHAT LEVEL OF CIA IS USER ROLES AND ACCOUNTS
APPLICATION
WHAT LEVEL OF CIA IS DATA ENCRYPTION USED
APPLICATION
AT WHAT LEVEL OF CIA IS EDUCATION USED
END USER
AT WHAT LEVEL OF CIA IS AUTHENTICATION USED
END USER
AT WHAT LEVEL OF CIA IS ANTI VIRUS USED
END USER
AT WHAT LEVEL OF CIA IS DATA ENCRYPTION USED
END USER
COMPANY MONITORS, MANAGES, MAINTAINS COMPUTER SECURITY
MSSP
MANAGED SECURITY SERVICE PROVIDER
WHAT ARE STEPS TO RESPOND TO CYBER ATTACK
INCIDENT NOTIFICATION
PROTECTION OF EVIDENCE/ACTIVITY LOG
INCIDENT CONTAINMENT
ERADICATION
INCIDENT FOLLOW UP
WHAT ARE THE TWO CERTIFICATION NEEDED FOR COMPUTER FORENSICS FOR LEGAL MATTERS
CCE - CERTIFIED COMPUTER EXAMINER
ENCE CERTIFIED EXAMINER MASTERED COMPUTER INVESTIGATION
NAME SOME AUTHENTICATION METHODS FOR SECURE NETWORKS
FIREWALL
NEXT GENERATION FIREWALL
ROUTERS
ENCRYPTION
ENCRYPTION KEY
TLS - TRANSPORT LAYER SECURITY
PROXY SERVER
VPN
INTRUSION DETECTION SYSTEM
Hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the Internet; also limits access to the company’s network based on the organization’s Internet-usage policy; can be configured to serve as an effective deterrent to unauthorized web surfing by blocking access to specific objectionable websites.
FIREWALL
A hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.
NGFW - NEXT GENERATION FIREWALL
a gateway that passes data between one or more local area networks (LANs)
ROUTER
A communications protocol used to secure sensitive data; a communications protocol or system of rules that ensures privacy between communicating applications and their users on the Internet; enables a client (such as a web browser) to initiate a temporary, private conversation with a server (such as an online shopping site or bank).
TLS - TRANSPORT LAYER SECURITY
Serves as an intermediary between a web browser and another server on the Internet; makes requests to websites, servers, and services on the Internet for you.
PROXY SERVER
Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.
IDS - INTRUSION DETECTION SYSTEM