Chapter 11 Flashcards
SOPs
A Standard Operating Procedure is a document that provides step-by-step instructions on how to perform common tasks or routine operations
AUP
Acceptable Use Policy is a policy defining proper system usage and the rules of behavior for employees
It often describes the purpose of computer systems and networks, how users can access them, and the responsibilities of users when accessing the systems
Mandatory Vacation
A policy that forces employees to take a vacation
The goal is to deter malicious activity, such as fraud and embezzlement, and detect malicious activity when it occurs
Separation of Duties
A security principle that prevents any single person or entity from controlling all the functions of a critical or sensitive process
It’s designed to prevent fraud, theft, and errors
Job Rotation
A process that ensures employees rotate through different jobs to learn the processes and procedures in each job
It can sometimes detect fraudulent activity
Clean Desk Policy
A security policy requiring employees to keep their areas organized and free of papers
The goal is to reduce threats of security incidents by protecting sensitive data
Background Check
A check into a person’s history, typically to determine eligibility for a job
NDA
Non-Disclosure agreement is an agreement that is designed to prohibit personnel from sharing proprietary data
It can be used with employees within the organization and with other organizations
Exit Interview
An interview conducted with departing employees just before they leave an organization
Onboarding
The process of granting individuals access to an organization’s computing resources after being hired
It typically includes giving the employee a user account with appropriate permissions
ISA
An Interconnection Security Agreement is an agreement that specifies technical and security requirements for connections between two or more entities
Compare with MOU/MOA
SLA
A Service Level Agreement is an agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels
MOU/MOA
Memorandum of understanding or memorandum of agreement is a type of agreement that defines responsibilities of each party
Compare with ISA
BPA
Business partners agreement is a written agreement that details the relationship between business partners, including their obligations toward the partnership
Public Data
Data that is available to anyone
It might be in brochures, in press releases, or on websites
Confidential Data
Data meant to be kept secret among a certain group of people
As an example, salary data is meant to be kept secret and not shared with everyone within a company
Proprietary Data
Data that is related to ownership
Common examples are information related to patents or trade secrets
Private Data
Information about an individual that should remain private
Personally Identifiable Information (PII) and Personal Health Information (PHI) are two examples
Labeling
The process of ensuring data is tagged clearly so that users know its classification
Labels can be physical labels, such as on backup tapes, or digital labels embedded in files
Purging
A general sanitization term indicating that all sensitive data has been removed from a device
File Shredding
Filler
Wiping
The process of completely removing all remnants of data on a disk
A bit-level overwrite writes patterns of 1s and 0s multiple times to ensure data on a disk is unreadable
Erasing and Overwriting
Filler
Burning
Filler
Paper Shredding
Filler
Pulping
A process that is performed after shredding papers
It reduces the shredded paper to a mash or puree
Degaussing
The process of removing data from magnetic media using a very powerful electronic magnet
Degaussing is sometimes used to remove data from backup tapes or to destroy hard disks
Pulverizing
A process used to physically destroy items such as optical discs that aren’t erased by a degausser
Data Retention Policy
A security policy specifying how long data should be kept (retained)
PII
Personally Identifiable Information is information about individuals that can be used to trace a person's identity, such as a full name, birth date, biometric data, and more
PHI
Personal Health Information
PII that includes health information
HIPAA
Filler
GLBA
Filler
SOX
Filler
GDPR
Filler
Owner
Filler
Steward/Custodian
Filler
Privacy Officer
Filler
Incident Response
The process of responding to a security incident
Organizations often create an incident response plan that outlines the procedures to be used when responding to an incident
Security Incident
An adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s information technology (IT) systems and data
IRP
An Incident Response Plan is the set of procedures documented in an incident response policy
Definitions of Incident Types
Filler
Cyber-Incident Response Teams
A group of experts who respond to security incidents
Also known as CIRT
Roles and Responsibilities
Filler
Escalation
Filler
Reporting Requirements
Filler
Exercises
Filler
Preparation
Filler
Identification
Filler
Containment
Filler
Eradication
Filler
Recovery
Filler
Lessons Learned
Filler
Order of Volatility
A term that refers to the order in which you should collect evidence
For example, data in memory is more volatile than data on a disk drive, so it should be collected first
Record Time Offset
An offset used by recorders to identify times on recordings
If you know when the recording started, you can use the offset to identify the actual time at any point in the recording
Chain of Custody
A process that provides assurances that evidence has been controlled and handled properly after collection
Forensic experts establish a chain of custody when they first collect evidence
Legal Hold
A court order to maintain data for evidence
Data Owner
Filler
System Administrator
Filler
System Owner
Filler
User
Filler
Privileged User
Filler
Executive User
Filler
Incident Response Team
Filler