Chapter 16 Managing Security Operations Flashcards

1
Q

What policy creates a checks-and-balances system where two or more users verify each other’s actions and must work in concert to accomplish necessary work?

A

separation of duties

2
Q

What policy grants specific processes only the privileges necessary to perform certain functions?

A

Separation of privilege

3
Q

What policy applies to all public companies that have registered equity or debt securities with the Securities and Exchange Commission (SEC)?

A

Sarbanes-Oxley Act of 2002 (SOX)

4
Q

The goal of the Sarbanes-Oxley Act of 2002 (SOX) is:

a) Separation of privilege
b) Segregation of duties
c) Separation of duties

A

Segregation of Duties

5
Q

What is the need-to-know principle?

A

The need-to-know principle imposes the requirement to grant users access only to data or resources they need to perform assigned work tasks.

6
Q

What is aggregation?

A

Aggregation refers to the amount of privileges that users collect over time.

7
Q

What is the goal of segregation of duties?

A

To ensure that individuals do not have excessive system access that may result in a conflict of interest.

8
Q

What policy states that personnel responsible for auditing, monitoring, and reviewing security do not have other operational duties related to what they are auditing, monitoring, and reviewing?

A

segregation of duties

9
Q

________ ensures that no single person has sufficient privileges to compromise the security of the environment.

A

Split knowledge

10
Q

What does the control plane do?

A

The control plane uses protocols to decide where to send traffic.

11
Q

What does the data plane do?

A

The data plane includes rules that decide whether traffic will be forwarded.

12
Q

The _______ manages the VMs, virtual data storage, and virtual network components.

A

hypervisor

13
Q

On-demand access to computing resources available from almost anywhere is called what?

A

Cloud computing

14
Q

Which model provides fully functional applications, typically accessible via a web browser?

a) Platform as a Service (PaaS)
b) Infrastructure as a Service (IaaS)
c) Software as a Service (SaaS)

A

Software as a Service (SaaS)

15
Q

The CSP provides consumers with hardware, an operating system, and applications.

a) Platform as a Service (PaaS)
b) Infrastructure as a Service (IaaS)
c) Software as a Service (SaaS)

A

Platform as a Service (PaaS)

16
Q

The CSP provides servers, storage, and in some cases, networking resources. Consumers install operating systems and applications and perform all required maintenance on the operating systems and applications.

a) Platform as a Service (PaaS)
b) Infrastructure as a Service (IaaS)
c) Software as a Service (SaaS)

A

Infrastructure as a Service (IaaS)

17
Q

In what cloud service do consumers not manage or control any of the cloud-based assets?

A

Software as a Service (SaaS)

18
Q

In what cloud service do consumers manage their applications and possibly some configuration settings on the host?

A

Platform as a Service (PaaS)

19
Q

In what cloud service do consumers install operating systems and applications and perform all required maintenance on the operating systems and applications?

A

Infrastructure as a Service (IaaS)

20
Q

Which cloud model provides cloud-based assets to two or more organizations?

A

community cloud deployment model

21
Q

In which cloud model do organizations create and host private clouds using their own resources and are responsible for all maintenance?

A

private cloud deployment model

22
Q

Which cloud model includes assets that are available for any consumer to rent or lease and is hosted by an external CSP?

A

public cloud model

23
Q

What are the primary risks from USB flash drives?

A

Malware infections and data theft.

24
Q

What are the tasks within a change management process?

A
  1. Request the change.
  2. Review the change.
  3. Approve/reject the change.
  4. Schedule and implement the change.
  5. Document the change.