D P1-3 Flashcards
Risk Management Terms
A. Risk tolerance
B. Risk transfer
C. Risk register
D. Risk analysis
Risk Tolerance: The level of risk an organization is willing to accept.
Risk Transfer: Shifting risk to another entity, such as through insurance.
Risk Register: A documented record of identified risks, their impact, and management strategies.
Risk Analysis: The process of assessing potential risks and their impact.
Plans and Procedures
A. Disaster recovery plan
B. Incident response procedure
C. Business continuity plan
D. Change management procedure
Disaster Recovery Plan (DRP): A documented process for recovering IT systems after a disruption.
Incident Response Procedure: Steps to handle and mitigate a security breach or event.
Business Continuity Plan (BCP): Strategies to ensure critical business functions continue during a disruption.
Change Management Procedure: A structured approach to managing changes in systems or processes.
Security Practices
A. Hardening
B. Employee monitoring
C. Configuration enforcement
D. Least privilege
Hardening: Strengthening systems to reduce vulnerabilities.
Employee Monitoring: Supervising employee activities to ensure compliance with policies.
Configuration Enforcement: Ensuring systems maintain approved configurations.
Least Privilege: Providing the minimum access necessary for a task.
Control Types
A. Detective
B. Compensating
C. Corrective
D. Preventive
Detective: Identifies and alerts on incidents (e.g., IDS).
Compensating: Alternative measures when primary controls aren’t possible.
Corrective: Mitigates and restores after an incident (e.g., backup restoration).
Preventive: Stops incidents before they occur (e.g., firewalls).
Encryption Types
A. Partition
B. Asymmetric
C. Full disk
D. Database
Partition: Dividing storage space for better management or security.
Asymmetric: Encryption using a pair of public and private keys.
Full Disk: Encrypting the entire disk to secure stored data.
Database: Encrypting data stored within a database.
Risk Responses
A. Accept
B. Transfer
C. Mitigate
D. Avoid
Accept: Acknowledging and choosing not to act on a risk.
Transfer: Delegating risk to a third party.
Mitigate: Reducing the likelihood or impact of a risk.
Avoid: Eliminating the risk entirely.
Investigation Techniques
A. Digital forensics
B. E-discovery
C. Incident response
D. Threat hunting
Digital Forensics: Analyzing digital evidence after an incident.
E-discovery: Retrieving electronic information for legal purposes.
Incident Response: Actions taken to manage and resolve security incidents.
Threat Hunting: Proactively searching for threats in an environment.
Security Domains
A. Application
B. IPS/IDS
C. Network
D. Endpoint
Application: Focused on software security.
IPS/IDS: Intrusion Prevention/Detection Systems for monitoring and controlling network traffic.
Network: Securing network infrastructure and traffic.
Endpoint: Protecting individual devices like laptops or mobile phones.
Perimeter Security
A. Implementing a bastion host
B. Deploying a perimeter network
C. Installing a WAF
D. Utilizing single sign-on
Implementing a Bastion Host: Setting up a hardened host that is deliberately exposed to an untrusted network.
Deploying a Perimeter Network: Creating a DMZ to separate internal networks from external threats.
Installing a WAF: Using a Web Application Firewall to protect against web attacks.
Utilizing Single Sign-On: Centralizing user authentication for multiple systems.
Specialized Servers
A. RDP server
B. Jump server
C. Proxy server
D. Hypervisor
RDP Server: Provides remote desktop access.
Jump Server: A secure server used as an intermediary for accessing critical systems.
Proxy Server: Mediates requests between clients and servers to enhance security or performance.
Hypervisor: Manages virtual machines on a host system.
Security Concepts
A. Secured zones
B. Subject role
C. Adaptive identity
D. Threat scope reduction
Secured Zones: Areas with different levels of access control.
Subject Role: The role or identity of an entity in a system.
Adaptive Identity: Dynamic authentication based on user behavior or context.
Threat Scope Reduction: Limiting the potential impact of threats.
Credential Attacks
A. Password spraying
B. Account forgery
C. Pass-the-hash
D. Brute-force
Password Spraying: Testing common passwords across many accounts.
Account Forgery: Creating or using fake credentials to impersonate a user.
Pass-the-Hash: Using captured password hashes to authenticate directly, without cracking them to recover the plaintext password.
Brute-Force: Trying all possible combinations to crack passwords.
Mobile and System Threats
A. Jailbreaking
B. Memory injection
C. Resource reuse
D. Side loading
Jailbreaking: Removing restrictions on a device to allow unauthorized changes.
Memory Injection: Injecting malicious code into memory to exploit a system.
Resource Reuse: Exploiting residual data from reused resources.
Side Loading: Installing apps from unofficial or unauthorized sources.
Acronyms
A. IRP
B. DRP
C. RPO
D. SDLC
IRP: Incident Response Plan.
DRP: Disaster Recovery Plan.
RPO: Recovery Point Objective—defines data loss tolerance.
SDLC: Software Development Life Cycle.
Security Modes
A. Active
B. Passive
C. Defensive
D. Offensive
Active: Engaging threats directly.
Passive: Observing without direct interaction.
Defensive: Protecting against attacks.
Offensive: Proactively engaging potential threats.