Domain 2 Flashcards

1
Q

__ is for industries where we are constantly in litigation, no one can say any info was modified or changed because it is not possible with this technology.

A

WORM (Write Once Read Many)

2
Q

__ is volatile memory.

A

RAM (Random Access Memory): real/primary memory, volatile memory, i.e. data is lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it's slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive, which means it's faster and you have less of it; SRAM is cache

3
Q

A __ creates/manages info e.g. salary data managed by HR dept, and is ultimately responsible even if the __ (internal/external entity accessing the data e.g. outsourced payroll company) gets breached.

A

Data controller, data processor

4
Q

Customizing a standard for an organization, beginning with scoping, and then adding compensating controls and parameters (security configuration settings).

A

Tailoring

5
Q

Data classification process

A
  1. Identify who’s in charge (Identify administrator/custodian)
  2. Criteria for classification (Specify criteria for how information will be classified and labelled)
  3. Classify the data with approval by the supervisor (Classify the data by its owner who is subject to review by a supervisor)
  4. Document exceptions (Specify and document exceptions to the classification policy)
  5. Determine controls (Specify controls that will be applied to each classification level)
  6. Determine declassification (Specify the termination procedures for declassifying the information or for transferring custody of the information to another entity)
  7. Make people aware of the classification process (Create an enterprise awareness program about the classification controls)
6
Q

Degaussing and sector-by-sector overwrite are good for __ media.

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction

7
Q

Describe FIPS 199 levels of impact for CIA

A

limited adverse effect=low impact
serious adverse effect=moderate impact
severe or catastrophic=high impact

8
Q

Describe options for securely erasing drives

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction (more expensive but more secure)
-NOT effective on EEPROMs: sector-by-sector overwrites can miss data (since the device does not write blocks in sequence), degaussing (since the media is not magnetic)

9
Q

Describe the house analogy in terms of who owns and manages the data

A
Data owner (CEO, board): designs the house, makes the high-level strategic decisions, ultimately responsible
System owner: designs the HVAC/electrical subsystem in the house; plans design/updates, supports system processes; delegated a portion of the design but ultimately the data owner can still overrule
Business owner: focuses on security priorities to support the mission
Custodian (DBA, engineer): builds the house; very tactical, does all activities that need to be performed on behalf of owner, hardening/locking down, changing network
User: lives in the house; running application to perform function, analyzes info
10
Q

How can an EEPROM device be securely erased?

A

Magnetic media e.g. HDD
-degaussing (changing magnetic field on device destroys data)
-sector-by-sector overwrite
-physical destruction
EEPROMs e.g. Flash drives/SSDs
-use ATA Secure Erase (all blocks in physical address space completely erased)
-physical destruction

11
Q

Process that involves determining applicable portions of a standard that will be followed.

A

Scoping

12
Q

The __ describes SBU data where the impact for CIA is:
limited adverse effect=low impact
serious adverse effect=moderate impact
severe or catastrophic=high impact

A

FIPS (Federal Information Processing Standards Publication) 199
SBU (Sensitive but Unclassified)

13
Q

The __ manages/monitors protocols and specifications of the Internet. They specify requirements via RFCs which must be followed by everyone e.g. TCP/IP protocols.

A

IETF (Internet Engineering Task Force)

14
Q

The __ says that at least 85% of targeted cyber intrusions could be prevented by top 4 mitigation strategies:

  • application whitelisting
  • patch applications
  • patch OS vulnerabilities
  • restrict admin privileges and applications based on duties
A

ASD (Australian Signals Directorate)

15
Q

Types of primary memory

A

RAM (Random Access Memory): real/primary memory, volatile memory, i.e. data is lost when power is lost
DRAM (dynamic, dumb/slow): cheap, which means it's slow and you have a lot of it; needs to be constantly refreshed
SRAM (static, speed): expensive, which means it's faster and you have less of it; SRAM is cache
It is good to be familiar with “Computer Architecture (Map of Targets) - Drawing 3C”, but you basically just need to know, and be able to draw out, “Memory diagram - Drawing 2A”

16
Q

Types of ROM

A

ROM (Read only memory): non-volatile
PROM (Programmable): modifiable once e.g. firmware
EPROM (Erasable & Programmable): not the norm
EEPROM (Electrically Erasable): flash memory, can be written e.g. USB flash drives, SSDs, BIOS chips so can be upgraded
PLD (Programmable Logic Devices): integrated circuit that can be modified programmatically, general technology for all EPROM

17
Q

Types of secondary memory

A

Slower memory e.g. magnetic disks (HDD)

18
Q

Types of sequential memory

A

Searched sequentially from the beginning rather than accessed directly by location, e.g. tape; the advantage is that they are very cheap

19
Q

What are valid ways to distribute classified data?

A

Valid Freedom of Information Act request, Non-Disclosure Agreements, Government contracts, court ordering you to distribute the data
NOT a valid way: age of data (that’s just not possible; this is declassifying data, not distributing)

20
Q

What does ISO stand for?
What does ISO 27001 and 27002 focus on.
Which one replaced ISO 17799?

A

International Organization for Standardization
ISO 27001: focuses on auditing (verifying that you’re doing what you say you’re doing)
ISO 27002: focuses on best practices, formalized process of setting up ISMS (InfoSec Mgmt System)
ISO 27002 is the replacement for ISO 17799

21
Q

Which role is responsible for computer hardware and software design plans and updates and also ensures that proper training is in place?

A

System owners

22
Q

Which role sets the information security priorities to support the mission of the organization?

A

Business owner

23
Q

Which term describes writing data to an EEPROM?

A

Flashing

24
Q

The __ documents computer security best practices. Their 800 series publications cover which general areas of security?

A

United States NIST (National Institute of Standards & Technology). NIST Special Publications (800 series) include NIST 800-37 Risk Mgmt, NIST 800-53A Recommended Security Controls, NIST 800-34 Contingency Planning, NIST 800-115 Security Testing & Assessment

25
Q

Federal Information Processing (FIPS) Standards Publication 199 describes what type of data?

A

SBU (Sensitive but Unclassified)