Questions and Answers
What is the primary purpose of data destruction?
To ensure discarded information is truly destroyed
What is degaussing used for?
To destroy sensitive data on magnetic media
What are the consequences of uncontrolled malware?
Loss of business information and disruption of business processes
What is the main advantage of remote access?
Signup and view all the answers
What is central anti-malware management used for?
Signup and view all the answers
What is the purpose of defense in depth?
Signup and view all the answers
What are the three types of controls?
Signup and view all the answers
What is encryption used for in remote access?
Signup and view all the answers
What is the primary goal of data classification?
Signup and view all the answers
What is a key aspect of access management?
Signup and view all the answers
What is the primary purpose of records retention policies?
Signup and view all the answers
What is a key benefit of training users on data classification?
Signup and view all the answers
What is a risk related to business records that records retention policies help to manage?
Signup and view all the answers
What is an aspect of access management that helps to ensure secure access to information?
Signup and view all the answers
What is a key aspect of data classification?
Signup and view all the answers
What is a benefit of implementing records management controls?
Signup and view all the answers
What is the primary objective of applying security concepts to computer and business operations?
Signup and view all the answers
What is the main purpose of records management security controls?
Signup and view all the answers
What is the primary principle of need-to-know?
Signup and view all the answers
What is the main goal of incident management?
Signup and view all the answers
What is the purpose of job rotation in security operations?
Signup and view all the answers
What is the main objective of remote access security controls?
Signup and view all the answers
What is the primary goal of administrative management and control of information security?
Signup and view all the answers
What is the main objective of vulnerability management?
Signup and view all the answers
What type of information may be contained in documentation?
Signup and view all the answers
What is the first step in incident management?
Signup and view all the answers
What is the purpose of fault tolerance?
Signup and view all the answers
What is RAID?
Signup and view all the answers
What is clustering in high-availability architectures?
Signup and view all the answers
What is the purpose of replication in high-availability architectures?
Signup and view all the answers
What is a geo-cluster?
Signup and view all the answers
What happens during failover in a clustering system?
Signup and view all the answers
What is the main function of replication in a clustering system?
Signup and view all the answers
What is the primary benefit of virtualization?
Signup and view all the answers
What is the focus of business continuity management?
Signup and view all the answers
Which of the following is NOT a component of vulnerability management?
Signup and view all the answers
What is the primary goal of replication in a clustering system?
Signup and view all the answers
What is the main advantage of virtualization in a business continuity context?
Signup and view all the answers
What is a key component of business continuity management?
Signup and view all the answers
What is the primary focus of vulnerability management?
Signup and view all the answers
Study Notes
Security Operations Concepts
- Need to know: personnel should have access to only necessary information to perform their duties, independent of security clearance
- Least privilege: personnel should have the minimum level of access required to perform their duties
- Separation of duties: divide tasks and responsibilities to prevent any one person from having too much control
- Job rotation: regularly rotate personnel to different roles to prevent familiarity and reduce risk
- Monitoring of special privileges: regularly monitor and audit access to sensitive information
Records Management Controls
- Data classification: establish sensitivity levels and handling procedures for each level
- Access management: policies, procedures, and controls that determine how information is accessed and by whom
- Records retention: policies that specify how long different types of records must be retained
- Backups: ensuring data is backed up regularly to prevent loss
- Data destruction: ensuring discarded information is truly destroyed and not salvageable by employees or outsiders
Data Classification
- Establish sensitivity levels
- Establish handling procedures for each level
- Train users on classification and handling procedures
Access Management
- Policies, procedures, and controls that determine how information is accessed and by whom
- User account provisioning
- Privilege management
- Password management
- Review of access rights
- Secure logon
Records Retention
- Policies that specify how long different types of records must be retained
- Manage risks related to business records, including:
- Risk of compromise of sensitive information
- Risk of loss of important information
- E-Discovery
- Regulation
Data Destruction
- Purpose: ensure discarded information is truly destroyed and not salvageable by employees or outsiders
- Methods:
- Degaussing
- Shredding
- Wiping
Anti-Virus and Anti-Malware
- Effects of uncontrolled malware:
- Loss of business information
- Disclosure or compromise of business information
- Corruption of business information
- Disruption of business information processing
- Inability to access business information
- Loss of productivity
- Apply defense in depth to protect assets
- Central anti-malware management
Remote Access
- Connectivity to a network or system from a remote location
- Improves productivity by permitting employees to access business information from any location
- Risk mitigation strategies:
- Encryption
- Strong authentication
- Anti-malware
- Firewall
Types of Controls
- Technical
- Physical
- Administrative
Resource Protection
- Documentation:
- May contain trade secrets and sensitive information
- Processes, procedures, and instructions
- Version control
- Access control
Incident Management
- Incident declaration
- Triage
- Investigation
- Analysis
- Containment
- Recovery
- Debriefing
High-Availability Architectures
- Fault tolerance
- Clustering
- Failover
- Replication
- Virtualization
Fault Tolerance
- Makes devices less prone to failure
- Methods:
- Multiple power supplies
- Multiple network interfaces
- Multiple processor units
- RAID (Redundant Array of Inexpensive / Independent Disks)
Clustering
- A group of two or more servers that operate functionally as a single logical server
- Active-active mode
- Active-passive mode
- Failover: when active status is transferred
- Geo-cluster: servers located at great distances from one another
Replication
- Data changes are transmitted to a counterpart storage system
- An adjunct to clustering, makes current data available to all cluster nodes
Virtualization
- Multiple operating system instances on a single server platform
- Systems can be logically and physically moved from one server platform to another
- Types:
- Local
- Long distance
Business Continuity Management
- A management activity where analysis is performed to better understand the risks associated with potential disaster scenarios, and the steps that can be taken to reduce the impact of a disaster should one occur
Vulnerability Management
- Vulnerability scanning
- Application scanning
- Penetration testing
- Source code reviews and scanning
- Threat modeling
- Patch management
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
