Chapter 16: Managing Security Operations Flashcards

1
Q

The _____ principle imposes the requirement to grant users access only to data or resources they need to perform assigned work tasks.

A

need-to-know

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The ______ principle states that subjects are granted only the privileges necessary to perform assigned work tasks and no more.

A

least privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

_____ and responsibilities ensures that no single person has total control over a critical function or system.

A

Separation of duties (SoD)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

_____ control (sometimes called the two-man rule) requires the approval of two individuals for critical tasks.

A

Two-person

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

____ (sometimes called rotation of duties) means that employees rotate through jobs or rotate job responsibilities with other employees.

A

Job rotation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Many organizations require employees to take ______ in one-week or two-week increments. This provides a form of peer review and helps detect fraud and collusion.

A

mandatory vacations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A simple ____ system is just a button that sends a distress call and are useful when personnel are working alone.

A

duress

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

____ management refers to managing both tangible and intangible assets. This typically starts with inventories of assets, tracking the assets, and taking additional steps to protect them throughout their lifetime.

A

Asset

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

____ assets include hardware and software assets owned by the company.

A

Tangible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

_____ assets include patents, copyrights, a company’s reputation, and other assets representing potential revenue.

A

Intangible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

____ refers to a system’s ability to add and remove resources dynamically, based on increasing or decreasing load.

A

Elasticity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

_____ new systems refers to installing and configuring the operating system and needed applications.

A

Provisioning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly