4.6-4.9 Flashcards

1
Q

just-in-time permissions

A

allows tech to receive elevated rights for a limited amount of time

2
Q

password vaulting

A

primary credentials are stored in a password vault. the just-in-time process creates ephemeral credentials based on those primary credentials

3
Q

how can automation help with user and resource provisioning

A

automation and scripting can automatically assign access to specific resources

4
Q

guard rails

A

automated script can verify inputted info to correct human errors

5
Q

security groups automation

A

assign or remove group access

6
Q

ticket creation

A

automatically identify issues for tickets

7
Q

escalation

A

correct issues before involving a human

8
Q

considerations for automation and scripting
technical debt

ongoing supportability

A

patching problems down the road. more expensive to fix later.

have to keep updating the script over time.

9
Q

Process: Preparation

A

have incident analysis resources, incident mitigation software, incident handling hardware and software

10
Q

Process: Detection

A

many different detection sources

11
Q

Process: Analysis

A

analyze all data from detection and see if you can locate the incident

12
Q

Process: Containment

A

isolate the problem into a sandbox so it doesn’t spread

13
Q

incident response process

A

- Preparation
- Detection
- Analysis
- Containment
- Eradication
- Recovery
- Lessons learned

14
Q

threat hunting

A

find the attacker before they find you

15
Q

what is digital forensics

what is acquisition and reporting in df

A

collect and protect information relating to an intrusion

acquisition (obtain), analysis and reporting (document the findings)

16
Q

legal hold

A

legal technique to preserve relevant information, usually by a custodian

17
Q

esi

A

electronically stored information

18
Q

chain of custody

A

control evidence, everyone who contacts the evidence, label and catalog everything

19
Q

preservation

A

isolate and protect the data

20
Q

e-discovery

A

e-discovery gathers data required by the legal process

21
Q

metadata

A

data that describes other data sources

22
Q

dashboards

A

real-time status information