Chapter 16 - Managing Security Operations Flashcards
Define the difference between need to know and the principle of least privilege.
Need to know focuses on permissions and the ability to access information, whereas the principle of least privilege focuses on privileges. Privileges include both rights and permissions. Both limit the access of users and subjects to only what they need. Following these principles prevents and limits the scope of security incidents.
Define patch management process
(1) Evaluate patches
(2) Test patches
(3) Approve the patches
(4) Deploy the patches
(5) Verify that patches are deployed
Key elements of configuration management
Configuration management isn’t about preventing change but ensuring the integrity of IT resources by preventing unauthorised or improper changes.
According to the Official ISC2 guide to the CISSP exam, a good CM process is one that can:
(1) accommodate change;
(2) accommodate the reuse of proven standards and best practices;
(3) ensure that all requirements remain clear, concise, and valid;
(4) ensure changes, standards, and requirements are communicated promptly and precisely; and
(5) ensure that the results conform to each instance of the product.
A Private cloud.
The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
Which of the following is used to create parity information?
RAID level 2: the parity information is created using a Hamming code that detects errors and establishes which part of which drive is in error.
VSAN
Systems with extra disk space can be used to aggregate all their disk space for use as a storage system to augment or replace file server capacity.
Archive bit for backup methods
Archive bit 1 = On (the archive bit is set).
Archive bit 0 = Off (the archive bit is NOT set).
Data striping
Data striping is the technique of segmenting logically sequential data, such as a file, so that accesses to sequential segments are made to different physical storage devices.
Different RAID levels
RAID 1 - Mirroring
RAID 3 - Byte level parity
RAID 4 - Block level parity
RAID 5 - Interleave parity