Chapter 10 - Auditing and Management Process Flashcards
What is a clipping level in auditing?
The clipping level is the predefined threshold that an action must breach for an alert to be triggered.
One failed logon attempt should not trigger an alert, but double-digit failed logon attempts could suggest a brute-force attack.
Audits are an example of what control?
Preventative, Detective or Physical control?
Detective Control
When are audits typically conducted?
- Regular predefined periods such as yearly, monthly etc.
- After significant events such as breaches.
What is the ISACA CISA certification?
A certification that identifies individuals who audit, control and assess a business’s IP and business systems.
What is the ISACA CISM certification?
A management-focused certification for individuals who design, build and manage enterprise InfoSec programs.
What is PCI DSS?
PCI DSS - Payment Card Industry Data Security Standard
Requires organizations that process card payments to comply with specific security requirements to protect account and card data.
What is ‘Imaging’ in relation to configuration management?
Imaging is when a standard OS image is deployed that has been configured to suit the organization's security baseline.
These images are used to deploy resources across the estate.
These contain specific system hardening configurations along with other configurations in line with the company’s security policy.
What is Group Policy in relation to configuration management?
Group Policy allows centralized administration of deployed resources.
Group Policy Objects are system configurations that have been identified within the group’s security policy and can be changed centrally by an administrator and deployed across the entire estate.
e.g. ports, firewalls, port services, etc.
In relation to change management what is CRB and CAB?
Change Review Board
Change Authority Board