Compliance & Operational Security Flashcards
What are things to consider if performing a major update?
Test
Backup
Time frame (downtime)
Back-out plan
Test & Monitor post change
How do you mitigate privilege creep?
User rights and permission levels based on least privilege
What is PII?
Personally Identifiable Information
What is DLP?
Data Loss Prevention
What information is stored in RAM?
Registers, Cache (i.e. ARP, RAID, CPU), Process Tables, System Information
What are computer mechanisms ranked by volatility?
RAM
SWAP file (retained only if gracefully shut down)
HD
What is chain of custody?
Details regarding where the evidence was stored, who had access, integrity of evidence (hashes)
What does a first responder do at an incident?
Triage (decide priority of incident)
Investigation
Contain/Quarantine
What is Mandatory Access Control?
Data labeling and clearance levels for users
What process uses a magnet to erase a hard drive?
Degaussing
What is a compensating control measure?
An additional system to compensate for the incapability of another system
What is an administrative control measure?
Written security policy
Job rotation
Mandatory vacation
Auditing etc.
What is the first step in creating a BCP?
Business Impact Analysis
Critical systems, assets and dependencies
What is a hot site?
Full redundant copy (including storage and networking) of a primary site
What is a warm site?
Equipment available without data replicated