Domain 2: Compliance and Operational Security Flashcards
Managing Risk
Acceptance, Transference, Avoidance, Deterrence, Mitigation
Security Controls
Technical, Management, Operational
Security Measures
Detective, Preventative, Compensating, Corrective
Confidentiality
Threats: Eavesdropping, system compromise and access
Defense: cryptosystems, access controls
Integrity
Threats: spoofing, system compromise and access
Defense: digital signatures and hashing
Availability
Threats: denial of service
Defense: redundancy, fault tolerance, and patching
CIA triad +1
confidentiality, integrity, availability, safety
Incident Response Steps
PICERL: prepare, identify, contain, eradicate, recover,
lessons learned and follow up
OOV
order of volatility
SPF
single point of failure
BIA
business impact analysis
DRP
disaster recovery plan
MTTR
mean time to recovery - average time to recover asset - key in DRP and COO
MTBF
mean time between failures - average time between critical failures
RTO
recovery time objective - minimum recovery time
RPO
recovery point objective - minimum amount of data restored
COO
continuity of operations - prep for ongoing operations
BCP
business continuity plan
SaaS
software as a service - e.g. application in the cloud
PaaS
platform as a service: e.g. plain operating system as a service
IaaS
infrastructure as a service - e.g. date center in the cloud
ISA
interconnection service agreement
MOU
memorandum of understanding,
SLA
service level agreement
BPA
business partnership agreement
ARO
annualized rate of occurance
SLE
single loss expectancy. SLE = AV x EF (SLEAVE + F)
ALE
annual loss expectancy. SLE x ARO
AV
asset value
EF
exposure factor
ADS
alternate data streams (hiding files)
AUP
acceptable use policy
Backup Types
- full
- copy
- incremental
- differential
Full Backup
full system back up. slowest to backup, fastest to restore
Copy Backup
disk image
Incremental Backup
goes back to last incremental or full back up. fastest to back up, slowest to restore
Differential Backup
goes to last full backup only
