- Need to know - Limit access to and knowledge of info - Least privilege - Limit access to and actions to info/data - Segregation (or separation) of duties - Two-person control - e.g. split knowledge, or use 2 keys, etc. - Job rotation - Mandatory vacations

Chapter 16 Flashcards by Dragon Boss

Operational security

Need to know - Limit access to and knowledge of info
Least privilege - Limit access to and actions to info/data
Segregation (or separation) of duties
Two-person control - e.g. split knowledge, or use 2 keys, etc.
Job rotation
Mandatory vacations

How well did you know this?

Not at all

Perfectly

Asset management

Inventory assets
Track assets
Secure and protect assets

How well did you know this?

Not at all

Perfectly

Software assets - inventory and track licenses; protect from being stolen

How well did you know this?

Not at all

Perfectly

MTTF - time to failure if will not repair
MTBF - time between failures if will repair

How well did you know this?

Not at all

Perfectly

Change Management

Primary goal - ensure changes do not cause outages

Process:
1. Request change
2. Review change
3. Approve change
4. Test change
5. Schedule & implement
6. Document

How well did you know this?

Not at all

Perfectly

Patch Managementf

Process:
1. Evaluate patch
2. Test
3. Approve
4. Deploy
5. Verify deployment

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

Chapter 16 Flashcards

Brainscape's Knowledge Genome^TM