Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security+ SYO-501 > Chapter 9 > Flashcards

Chapter 9 Flashcards

1
Q

Defense in Depth

A

The use of multiple layers of security to protect resources

Control diversity and vendor diversity are two methods organizations implement to provide defense in depth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Control Diversity

A

The use of different security control types, such as technical controls, administrative controls, and physical controls

Compare with Vendor Diversity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Vendor Diversity

A

The practice of implementing security controls from different vendors to increase security

Compare with control diversity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Perimeter

A

Filler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Buildings

A

Filler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Secure Work Areas

A

Filler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Server and Network Rooms

A

Filler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Hardware

A

Filler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Airgap

A

A physical security control that provides physical isolation

Systems separated by an airgap don’t typically have any physical connections to other systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Proximity Cards

A

Small credit card-sized cards that activate when they are in close proximity to a card reader

They are often used by authorized personnel to open doors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Tailgating

A

A social engineering attack where one person follows behind another person without using credentials

Mantraps help prevent tailgating

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mantrap

A

A physical security mechanism designed to control access to a secure area

A mantrap prevents tailgating

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Bollards

A

Short vertical posts that act as a barricade

Bollards block vehicles but not people

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Hot and Cold Aisles

A

A method commonly used in data centers to keep equipment cool

Cool air flows from the front of the cabinets to the back, making the front aisle cooler and the back aisle warmer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Faraday Cage

A

A room or enclosure that prevents signals from emanating beyond the room or enclosure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Redundancy

A

The process of adding duplication to critical system components and networks to provide fault tolerance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Fault Tolerance

A

The capability of a system to suffer a fault, but continue to operate

Said another way, the system can tolerate the fault as if it never occured

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Single point failure

A

A component within a system that can cause the entire system to fail if the component fails

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Disk

A

Filler

20
Q

Server

A

Filler

21
Q

Power

A

Filler

22
Q

RAID

A

Redundant array of inexpensive disks

Multiple disks added together to increase performance or provide protection against faults

Common types include RAID-1, RAID-5, RAID-6, RAID-10

23
Q

High Availability

A

A term that indicates a system or component remains available close to 100 percent of the time

24
Q

Load Balancer

A

Hardware or software that balances the load between two or more servers

Scheduling methods include source address IP affinity and round-robin

25
Q

Round-Robin

A

A scheduling method used with load balancers

It redirects each client request to servers in a predetermined order

26
Q

Affinity

A

A scheduling method used with load balancers

It uses the client’s IP address to ensure the client is redirected to the same server during a session

27
Q

Full Backup

A

A type of backup that backs up all the selected data

A full backup could be considered a normal backup

28
Q

Differential Backup

A

A type of backup that backs up all the data that has changed or is different since the last full backup

29
Q

Incremental Backup

A

A type of backup that backs up all the data that has changed since the last full or incremental backup

30
Q

Snapshots

A

A copy of a virtual machine (VM) at a moment in time

If you later have problems with the VM, you can revert it to the state it was in when you took the snapshots

Some backup programs also use snapshots to create a copy of data at a moment in time

31
Q

Full Backup

A

A type of backup that backs up all the selected data

A full backup could be considered a normal backup

32
Q

Time

A

Filler

33
Q

Money

A

Filler

34
Q

BIA

A

Business Impact Analysis is a process that helps an organization identify critical systems and components that are essential to the organization’s success

35
Q

Privacy Threshold Assessment

A

An assessment used to help identify if a system is processing PII

Compare with privacy impact assessment

36
Q

Privacy Impact Assessment

A

An assessment used to identify and reduce risks related to potential loss of PII

Compare with Privacy Threshold Assessment

37
Q

RTO

A

Recovery time objective is the maximum amount of time it should take to restore a system after an outage

It is derived from the maximum allowable outage time identified in the BIA

38
Q

RPO

A

Recovery point objective is a term that refers to the amount of data you can afford to lose by identifying a point in time where data loss is acceptable

It is often identified in BIA

39
Q

MTBF

A

Mean time between failures is a metric that provides a measure of a system’s reliability and is usually represented in hours

The MTBF identifies the average time between failures

40
Q

MTTR

A

Mean time to recover is a metric that identifies the average time it takes to restore a failed system

Organizations that have maintenance contracts often specify the MTTR as part of the contract

41
Q

Continuity of Operations Planning

A

The planning process that identifies an alternate location for operations after a critical outage

It can include a hot site, cold site, or warm site

42
Q

Recovery Site

A

An alternate location for business functions after a major disaster

43
Q

Hot Site

A

An alternate location for operations

A hot site typically includes everything needed to be operational within 60 minutes

Compare with cold site and warm site

44
Q

Cold Site

A

An alternate location for operations

A cold site will have power and connectivity needed for activation, but little else

Compare with hot site and warm site

45
Q

Warm Site

A

An alternate location for operations

A compromise between an expensive hot site and a cold site

Compare with Cold Site and Hot Site

46
Q

Tabletop Excersize

A

A discussion-based exercise where participants talk through an event while sitting at a table or in a conference room

It is often used to test business continuity plans

Security+ SYO-501 (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions