Domain 1 set 1 Flashcards

1
Q

Electronic Discovery Reference Model

A

EDRM

2
Q

Gives specifics to policies?

A

Standards

3
Q

Who creates and manages sensitive data?

A

Data Controllers

AKA: HR Personnel

4
Q

What policy assigns responsibility?

A

Organizational Security Policy

5
Q

Errors in data entry fall under what part of the CIA triad?

A

Integrity

6
Q

SLE × ARO = ?

A

ALE (Annual Loss Expectancy)

7
Q

Who actually stores and processes data?

A

Data Custodians

8
Q

Who is responsible for approval of disclosure requests?

A

Data owners

9
Q

Which standard keeps the organization's goals in mind?

A

COSO

10
Q

A policy that covers email use, privacy and employee personal-use issues?

A

Issue Specific Policy

11
Q

What sets the direction through prioritization?

A

Governance

12
Q

What are the 7 steps to implement a Classification Scheme?

A
  1. Identify Custodian
  2. Specify Evaluation Criteria
  3. Classify and Label each Resource
  4. Document Exceptions
  5. Select Security Controls
  6. Specify Declassification Procedures
  7. Create Awareness Program
13
Q

BIA

A

Business Impact Analysis

14
Q

What are the 3 Data states?

A
  1. At Rest
  2. In Motion
  3. In Use
15
Q

Operationally Critical Threat Asset and Vulnerability Evaluation

A

OCTAVE

16
Q

BCP

A

Business Continuity Planning

17
Q

Risks are?

A

The combination of a vulnerability and a corresponding threat.

18
Q

ITADA

A

Identity Theft and Assumption Deterrence Act

19
Q

The key items in privacy protection for data processors are?

A

Training and Auditing

20
Q

Governance

A

Ensures that the stakeholders' needs, conditions and options are evaluated.

21
Q

How long is the Tactical plan made for?

A

1 year

22
Q

A risk methodology that focuses on IT systems, not the organizational strategy

A

NIST SP 800-30

23
Q

A risk assessment that uses qualitative analysis to calculate a risk value

A

FRAP?

24
Q

BCP / DRP address what part of the CIA triad?

A

Availability

25
Q

When a system meets the requirements of the data owner, it is called?

A

Certification

26
Q

MitM stands for?

A

Man-in-the-middle

27
Q

Instance of a compromise

A

Exploit

28
Q

Total Risk × Controls Gap = ?

A

Residual Risk

29
Q

What are the 4 codes of Ethics?

A
  1. Protect the Society, commonwealth and infrastructure
  2. Act Honorably
  3. Provide Diligent and competent Service
  4. Advance and protect
30
Q

System specific policy

A

Is geared towards use of networks, systems, and approved software lists

31
Q

Import Restrictions

A

US Safe Harbor Laws

The crypto key needs to be provided to law enforcement

32
Q

The specific methods that threats use to exploit a vulnerability

A

Threat Vectors

33
Q

The HIPAA Update

A

HITECH Act