Chapter 18: Network Operations

Question 1

A ____ is a written document that defines how an organization will protect its IT infrastructure and includes acceptable use policies, network access policies, mobile deployment models, onboarding and offboarding policies, and externally imposed policies.

Answer 1

security policy

Question 2

A/An ____ defines what is and what is not acceptable to do on an organization’s computing devices.

Answer 2

AUP or Acceptable Use Policy

Question 3

The ____ defines who may access the network, how they may access the network, and what they can access.

Answer 3

network access policy

Question 4

A/An ____ mobile deployment model lets employees use their existing portable devices at work.

Answer 4

BYOD or Bring Your Own Device

Question 5

In a/an ____ deployment model, the corporation owns all the mobile devices and issues them to employees. The corporation is solely responsible for the maintenance of the devices, the applications, and the data. Nothing but company approved software is used on the issued mobile devices.

Answer 5

COBO or Corporate Owned, Business Only

Question 6

In a/an ____ deployment model, the organization issues mobile devices and employees are presented with a whitelist of pre-approved applications that they may install.

Answer 6

COPE or Corporate Owned, Personally Enabled

Question 7

An organization offering ____ options provides employees free choice within a catalog of mobile devices. The organization retains complete control and ownership over the mobile devices, although the employees can install their own apps on the mobile devices.

Answer 7

CYOD or Choose Your Own Device

Question 8

____ is the process of confirming that mobile devices leaving the control of the organization do not store any proprietary applications or data.

Answer 8

Offboarding

Question 9

____ is the process of verifying that new mobile devices appearing in the organization’s infrastructure are secure and safe to use within the organization.

Answer 9

Onboarding

Question 10

The process of creating change in your infrastructure in an organized, controlled, and safe way is called ____.

Answer 10

change management

Question 11

A/An ____ is a document between a customer and a service provider that defines the scope, quality, and terms of service to be provided. ____ requirements are a common part of business continuity and disaster recovery.

Answer 11

SLA or Service Level Agreement
SLA

Question 12

A/An ____ is a document that defines an agreement between two parties in situations where a legal contract wouldn’t be appropriate. It defines the duties the parties commit to perform for each other and a time frame for the ____.

Answer 12

MOU or Memorandum Of Understanding
MOU

Question 13

A/An ____ is a legal contract between a vendor and a customer that defines the services and products the vendor agrees to supply and the time frames in which to supply them.

Answer 13

SOW or Statement Of Work

Question 14

A/An ____ is a legal document that prohibits the signer from disclosing any company secrets learned as part of his or her job.

Answer 14

NDA or Nondisclosure Agreement

Question 15

A/An ____ is a person, organization, or even a nation state that has both the capability and intent to harm, steal, copy, or otherwise diminish an asset.

Answer 15

threat actor

Question 16

A/An ____ will inspect a huge number of potential vulnerabilities and create a report for an organization to then act upon.

Answer 16

vulnerability scanner

Question 17

A/An ____ covers all the various threats and risks to which a company is exposed and includes the cost of negative events in both money and time.

Answer 17

posture assessment

Question 18

A/An ____ codifies and ranks essential processes, then examines the likelihood of weakness in the process.

Answer 18

process assessment

Question 19

A/An ____ examines all aspects of a third party’s security controls, processes, procurement, labor policies, and more to see what risks that third party poses to the organization.

Answer 19

vendor risk assessment

Question 20

Incidents that take place within the organization that can be stopped, contained, and remedied without outside resources are handled by ____ planning.

Answer 20

incident response

Question 21

If an incident can no longer be contained, causing significant damage or danger to the immediate infrastructure, it is covered under ____.

Answer 21

disaster recovery

Question 22

If the disaster requires actions offsite from the primary infrastructure, it is under the jurisdiction of ____.

Answer 22

business continuity

Question 23

A/An ____ sets an upper limit to how much lost data the organization can tolerate if it must restore from a backup, effectively dictating how frequently backups must be taken.

Answer 23

RPO or Recovery Point Objective

Question 24

The ____ sets an upper limit to how long the organization can tolerate an outage before full functionality must be restored.

Answer 24

RTO or Recovery Time Objective

Question 25

The ____ factor, which typically applies to hardware components, represents the manufacturer's best guess regarding how much time will pass between major failures of that component.

Answer 25

MTBF or Mean Time Between Failures

Question 26

The ____ factor indicates the length of time a device is expected to last in operation before a single definitive failure will occur and will require that the device be replaced rather than repaired.

Answer 26

MTTF or Mean Time To Failure

Question 27

The ____ is the amount of time it takes to fix a system after it fails.

Answer 27

MTTR or Mean Time To Repair

Question 28

A/An ____ details risks to critical systems, cost to replace or repair such systems, and how to make those replacements or repairs happen in a timely fashion.

Answer 28

BCP or Business Continuity Plan

Question 29

A/An ____ is a location that consists of a building, facilities, desks, toilets, parking - everything that a business needs except computers. It generally takes more than a few days to bring it online.

Answer 29

cold site

Question 30

A/An ____ starts with the same components as a cold site, but adds computers loaded with software and functioning servers, a complete hardware infrastructure, that lacks current data and may not have functioning Internet/network links. It should only take a day or two to bring it online.

Answer 30

warm site

Question 31

A/An ____ has everything a warm site does, but also includes very recent backups and might need just a little data restored from a backup to be current. In many cases it is a complete duplicate of the primary site and should only take a few hours to bring online.

Answer 31

hot site

Question 32

With a/an ____, everything of note is stored in the cloud, including servers, client machine images, applications, and data. If some disaster hits, an organization can quickly move to a new location unaffected by the disaster and access its resources as soon as it has Internet connectivity.

Answer 32

cloud site

Question 33

____ is identifying people who can take over certain positions (usually on a temporary basis) in case the people holding those critical positions are incapacitated or lost in an incident or disaster.

Answer 33

Succession planning

Question 34

____ is the science of gathering, examining, analyzing, preserving, and presenting evidence stored on a computer or any form of digital media that is presentable in a court of law.

Answer 34

Computer forensics

Question 35

In general, when you are in a situation where you are the first responder, you need to do the following three things:

Answer 35

1. Secure the area 2. Document the scene 3. Collect evidence

Question 36

____ is the paper trail of who has accessed or controlled a given piece of evidence from the time it is initially brought into custody until the incident is resolved.

Answer 36

Chain of custody

Question 37

A/An ____ is the process of an organization preserving and organizing data in anticipation of or in reaction to a pending legal issue.

Answer 37

legal hold

Question 38

Through what mechanism is a change to the IT structure initiated?

Answer 38

Users submit a change request to the change management team.

Question 39

The best way to know the vulnerabilities of an IT infrastructure is to run what?

Answer 39

A vulnerability scanner

Question 40

During and after a change to the IT infrastructure, what must be done?

Answer 40

The changes must be documented.

Question 41

What is the job of a first responder?

Answer 41

To react to the notification of a computer crime.

Question 42

When is a memorandum of understanding (MOU) used?

Answer 42

When a legal contract is not appropriate