D P1-3 Flashcards

1
Q

Risk Management Terms

A. Risk tolerance
B. Risk transfer
C. Risk register
D. Risk analysis

A

Risk Tolerance: The level of risk an organization is willing to accept.

Risk Transfer: Shifting risk to another entity, such as through insurance.

Risk Register: A documented record of identified risks, their impact, and management strategies.

Risk Analysis: The process of assessing potential risks and their impact.

2
Q

Plans and Procedures

A. Disaster recovery plan
B. Incident response procedure
C. Business continuity plan
D. Change management procedure

A

Disaster Recovery Plan (DRP): A documented process for recovering IT systems after a disruption.

Incident Response Procedure: Steps to handle and mitigate a security breach or event.

Business Continuity Plan (BCP): Strategies to ensure critical business functions continue during a disruption.

Change Management Procedure: A structured approach to managing changes in systems or processes.

3
Q

Security Practices

A. Hardening
B. Employee monitoring
C. Configuration enforcement
D. Least privilege

A

Hardening: Strengthening systems to reduce vulnerabilities.

Employee Monitoring: Supervising employee activities to ensure compliance with policies.

Configuration Enforcement: Ensuring systems maintain approved configurations.

Least Privilege: Providing the minimum access necessary for a task.

4
Q

Control Types

A. Detective
B. Compensating
C. Corrective
D. Preventive

A

Detective: Identifies and alerts on incidents (e.g., IDS).

Compensating: Alternative measures when primary controls aren’t possible.

Corrective: Mitigates and restores after an incident (e.g., backup restoration).

Preventive: Stops incidents before they occur (e.g., firewalls).

5
Q

Encryption Types

A. Partition
B. Asymmetric
C. Full disk
D. Database

A

Partition: Dividing storage space for better management or security.

Asymmetric: Encryption using a pair of public and private keys.

Full Disk: Encrypting the entire disk to secure stored data.

Database: Encrypting data stored within a database.

6
Q

Risk Responses

A. Accept
B. Transfer
C. Mitigate
D. Avoid

A

Accept: Acknowledging and choosing not to act on a risk.

Transfer: Delegating risk to a third party.

Mitigate: Reducing the likelihood or impact of a risk.

Avoid: Eliminating the risk entirely.

7
Q

Investigation Techniques

A. Digital forensics
B. E-discovery
C. Incident response
D. Threat hunting

A

Digital Forensics: Analyzing digital evidence after an incident.

E-discovery: Retrieving electronic information for legal purposes.

Incident Response: Actions taken to manage and resolve security incidents.

Threat Hunting: Proactively searching for threats in an environment.

8
Q

Security Domains

A. Application
B. IPS/IDS
C. Network
D. Endpoint

A

Application: Focused on software security.

IPS/IDS: Intrusion Prevention/Detection Systems for monitoring and controlling network traffic.

Network: Securing network infrastructure and traffic.

Endpoint: Protecting individual devices like laptops or mobile phones.

9
Q

Perimeter Security

A. Implementing a bastion host
B. Deploying a perimeter network
C. Installing a WAF
D. Utilizing single sign-on

A

Implementing a Bastion Host: Setting up a highly secure and exposed host.

Deploying a Perimeter Network: Creating a DMZ to separate internal networks from external threats.

Installing a WAF: Using a Web Application Firewall to protect against web attacks.

Utilizing Single Sign-On: Centralizing user authentication for multiple systems.

10
Q

Specialized Servers

A. RDP server
B. Jump server
C. Proxy server
D. Hypervisor

A

RDP Server: Provides remote desktop access.

Jump Server: A secure server used as an intermediary for accessing critical systems.

Proxy Server: Mediates requests between clients and servers to enhance security or performance.

Hypervisor: Manages virtual machines on a host system.

11
Q

Security Concepts

A. Secured zones
B. Subject role
C. Adaptive identity
D. Threat scope reduction

A

Secured Zones: Areas with different levels of access control.

Subject Role: The role or identity of an entity in a system.

Adaptive Identity: Dynamic authentication based on user behavior or context.

Threat Scope Reduction: Limiting the potential impact of threats.

12
Q

Credential Attacks

A. Password spraying
B. Account forgery
C. Pass-the-hash
D. Brute-force

A

Password Spraying: Testing common passwords across many accounts.

Account Forgery: Creating or using fake credentials to impersonate a user.

Pass-the-Hash: Using hashed credentials to authenticate without decrypting them.

Brute-Force: Trying all possible combinations to crack passwords.
