Chapter 11

Question 1

SOPs

Answer 1

Standard Operating Procedures is a document that provides step-by-step instructions on how to perform common tasks or routine operations

Question 2

AUP

Answer 2

Acceptable Use Policy is a policy defining proper system usage and the rules of behavior for employees

It often describes the purpose of computer systems and networks, how users can access them, and the responsibilities of users when accessing the systems

Question 3

Mandatory Vacation

Answer 3

A policy that forces employees to take a vacation

The goal is to deter malicious activity, such as fraud and embezzlement, and detect malicious activity when it occurs

Question 4

Separation of Duties

Answer 4

A security principle that prevents any single person or entity from controlling all the functions of a critical or sensitive process

It’s designed to prevent fraud, theft, and errors

Question 5

Job Rotation

Answer 5

A processes that ensures employees rotate through different jobs to learn the processes and procedures in each job

It can sometimes detect fraudulent activity

Question 6

Clean Desk Policy

Answer 6

A security policy requiring employees to keep their areas organized and free of papers

The goal is to reduce threats of security incidents by protecting sensitive data

Question 7

Background Check

Answer 7

A check into a person’s history, typically to determine eligibility for a job

Question 8

NDA

Answer 8

Non-Disclosure agreement is an agreement that is designed to prohibit personnel from sharing proprietary data

It can be used with employees within the organization and with other organizations

Question 9

Exit Interview

Answer 9

An interview conducted with departing employees just before they leave an organization

Question 10

Onboarding

Answer 10

The process of granting individuals access to an organization’s computing resources after being hired

It typically includes giving the employee a user account with appropriate permissions

Question 11

ISA

Answer 11

Interconnection security agreement is an agreement that specifies technical an security requirements for connections between two or more entities

Compare with MOU/MOA

Question 12

SLA

Answer 12

A service Level Agreement is an agreement between a company and a vendor that stipulates performance expectation, such as minimum uptime and maximum downtime levels

Question 13

MOU/MOA

Answer 13

Memorandum of understanding or memorandum of agreement is a type of agreement that defines responsibilities of each party

Compare with ISA

Question 14

BPA

Answer 14

Business partners agreement is a written agreement that details the relationship between business partners, including their obligations toward the partnership

Question 15

Public Data

Answer 15

Data that is available to anyone

It might be in brochures , in press releases, or on the web sites

Question 16

Confidential Data

Answer 16

Data meant to be kept secret among a certain group of people

As an example, salary data is meant to be kept secret and not shared with everyone within a company

Question 17

Proprietary Data

Answer 17

Data that is related to ownership

Common examples are information related to patents or trade secrets

Question 18

Private Data

Answer 18

Information about an individual that should remain private

Personally Identifiable Information (PII) and Personal Health Information (PHI) are two examples

Question 19

Labeling

Answer 19

The process of ensuring data is tagged clearly so that users know its classification

Labels can be physical labels, such as on backup tapes, or digital labels embedded in files

Question 20

Purging

Answer 20

A general sanitization term indication that all sensitive data has been removed from a device

Question 21

File Shredding

Answer 21

Filler

Question 22

Wiping

Answer 22

The process of completely removing all remnants of data on a disk

A bit-level overwrite writes patterns of 1s and 0s multiple times to ensure data on a disk is unreadable

Question 23

Erasing and Overwriting

Answer 23

Filler

Question 24

Burning

Answer 24

Filler

Question 25

Paper Shredding

Answer 25

Filler

Question 26

pulping

Answer 26

A process that is performed after shredding papers

It reduces the shredded paper to a mash or puree

Question 27

Degaussing

Answer 27

The process of removing data from magnetic media using a ery powerful electronic magnet

Degaussing is sometimes used to remove data from a backup tapes or to destroy hard disks

Question 28

Pulverizing

Answer 28

A process used to physically destroy items such as optical discs that aren’t erased by a degausser

Question 29

Data Retention Policy

Answer 29

A security policy specifying how long data should be kept (retained)

Question 30

PII

Answer 30

Personally Identifiable Information is information about individuals that can be used to trace a person;s identity, such as a full name, birth date, bio metric data, and more

Question 31

PHI

Answer 31

Personal Health Information

PII that includes health information

Question 32

HIPAA

Answer 32

Filler

Question 33

GLBA

Answer 33

Filler

Question 34

SOX

Answer 34

Filler

Question 35

GDPR

Answer 35

Filler

Question 36

Owner

Answer 36

Filler

Question 37

Steward/Custodian

Answer 37

Filler

Question 38

Privacy Officer

Answer 38

Filler

Question 39

Incident Response

Answer 39

The process of responding to a security incident

Organizations often create an incident response plan that outlines the procedures to be used when responding to an incident

Question 40

Security Incident

Answer 40

An adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s information technology (IT) systems and data

Question 41

IRP

Answer 41

Incident Response Plan are the procedures documented in an incident response policy

Question 42

Definitions of Incident Types

Answer 42

Filler

Question 43

Cyber-Incident Response Teams

Answer 43

A group of experts who respond to security incidents

Also known as CIRT

Question 44

Roles and Responsibilities

Answer 44

Filler

Question 45

Escalation

Answer 45

Filler

Question 46

Reporting Requirements

Answer 46

Filler

Question 47

Exercises

Answer 47

Filler

Question 48

Preparation

Answer 48

Filler

Question 49

Identification

Answer 49

Filler

Question 50

Containment

Answer 50

Filler

Question 51

Eradication

Answer 51

Filler

Question 52

Recovery

Answer 52

Filler

Question 53

Lessons Learned

Answer 53

Filler

Question 54

Order of Volatility

Answer 54

A term that refers to the order in which you should collect evidence

For example, data in memory is more volatile than data on a disk drive, so it should be collected first

Question 55

Record Time Offset

Answer 55

An offset used by recorders to identify times on recordings

If you know when the recording started, you can use the offest to identify the actual time at any point in the recording

Question 56

Chain of Custody

Answer 56

A process that provides assurances that evidence has been controlled and handled properly after collection

Forensic experts establish a chain of custody when they first collect evidence

Question 57

Legal Hold

Answer 57

A court order to maintain data for evidence

Question 58

Data Owner

Answer 58

Filler

Question 59

System Administrator

Answer 59

Filler

Question 60

System Owner

Answer 60

Filler

Question 61

User

Answer 61

Filler

Question 62

Privileged User

Answer 62

Filler

Question 63

Executive User

Answer 63

Filler

Question 64

Incident Response Team

Answer 64

Filler