Domain 2 Flashcards
Disclosure of this type of material can cause exceptionally grave damage to national security
top secret
Disclosure of this type of material can cause serious damage to national security
secret
Disclosure of this material can cause damage to national security
confidential
Is read only memory (ROM) nonvolatile?
yes
___ memory is the fastest system memory
cached
The fastest portion of the CPU cache is the ___ file
register
it contains multiple registers
The second fastest form of cache memory is ____
level 1 cache, located on the CPU itself
_____ cache is connected to the outside of the CPU
Level 2
BIOS is stored on ROM or RAM?
ROM
Fast expensive memory that uses small latches called ‘flip flops’ to store bits
SRAM (static RAM)
Stores bits in small capacitors like small batteries and is slow and cheaper than SRAM
DRAM (dynamic RAM)
DRAM or SRAM does not require refreshing and maintains integrity as long as power is supplied?
DRAM
____ can be written once, typically at the factory
PROM (programmable read only memory)
____ and ____ may be ‘flashed’ or erased and written multiple times
EPROM and EEPROM
This device is programmed after it leaves the factory
PLD (programmable logic device)
Flash memory is a type of ___. The difference between ___ is that any byte of EEPROM may be written while flash drives are written by large sectors
EEPROM
A ____ is a combination of flash memory (EEPROM) and DRAM
SSD
True or False
Degaussing data on an SSD has no effect
True
This command improves garbage collection by marking data as ‘invalid’. It helps improve performance
TRIM
The two options for destroying data on an SSD are:
ATA Secure Erase and destruction. Destruction is the best for SSDs that are physically damaged
True or False
Destroying objects is more secure than overwriting them
True
A data owner’s acceptance of a system certification and residual risk
accreditation
An RMF from Carnegie Mellon that describes a 3 phase process for managing risk.
phase 1: identifies staff knowledge, assets, and threats
phase 2: identifies vulnerabilities and evaluates safeguards
phase 3: conducts the risk analysis and develops the risk mitigation strategy
OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation)
A control framework for employing information security governance best practices within an organization
COBIT
A framework for providing best practices within an organization
ITIL (Information Technology Infrastructure Library)
Process of determining which portions of a standard will be employed by an organization
scoping
The process of customizing a standard for an organization
tailoring
True or False?
End to end encryption provides anonymity
False
True or False
Link encryption is weak because data is unencrypted at each node
True
state or condition of being free from being observed or disturbed by other people
privacy
Cycle that data goes through from creation to destruction
information lifecycle
Information lifecycle stages
Creation
Store
Use
Share
Archive
Destroy