Compliance and Operational Security Flashcards
EF
Exposure Factor
% of loss experienced by a realized risk
SLE (formula)
Single Loss Expectancy
AV x EF
ARO
Annualized Rate of Occurrence
Frequency of occurrence per year
ALE (formula)
Annualized Loss Expectancy
Max amount that should be spent on the countermeasure
SLE x ARO
AV
Asset Value
Risk Avoidance
If it’s too expensive or risky, don’t do it.
Risk Transference
Giving the risk to someone else to handle.
E.g., contracting electricity out.
Risk Acceptance
Cost of countermeasure outweighs the loss.
Change Management
Documenting CHANGES in the system.
Steps to Incident Response (6)
Preparation, Identification (Detection), Containment, Eradication, Recovery, Follow-up/Document
BCP
Business Continuity Plan
DRP
Disaster Recovery Plan
BIA (5 steps)
Business Impact Analysis
Full Backup
Backs up everything
Changes archive bit
Incremental Backup
Backs up things changed since last backup of any kind.
Changes archive bit
Fastest
Differential Backup
Backs up things changed since last FULL backup.
Does NOT change archive bit
Copy
Backs up everything
Does NOT change archive bit
Grandfather, Father, Son
Monthly, Weekly, Daily
RTO
Recovery Time Objective
RAID 0
Highest Performance
No Redundancy
Info distributed across drives
RAID 3
Dedicated Parity Drive
Info distributed across drives, dedicated parity on a different drive
RAID 5
Distributed Parity Drive
Info distributed with parity across drives
RAID 1
Mirroring: Exact copy
RAID 0+1
Original and Copy of distributed data