Domain 4 - IS Operations & Business Resilience Flashcards
RFID (radio frequency identification)
Uses radio waves to locate tagged assets within a limited radius
A tag includes:
A microchip and an antenna
6 activities needed to develop a risk management program
- Identify assets
- Identify threats and vulnerabilities
- Impact analysis
- Risk prioritization
- Control evaluation
- Implementation of appropriate controls
Availability reports
Indicates the time period during which the computer is operating & available for use; helps determine downtime
Hardware error reports
Identifies system failures & initiates corrective action
Asset management reports
Inventory of assets/network-connected equipment
Utilization reports
Determines level of use of systems; used to predict resource requirements
System downtime report
Indicates effectiveness of preventative maintenance programs (high downtime = program not effective)
When should preventative maintenance/maintenance functions be performed?
During non-peak times
Source code; object code
Readable by humans; computers
- controlled best by date & time stamping
Job schedule
Program used to run various processes automatically; also automates tape backups and other maintenance
-reduced probability of error
EUCs (end user computing)
System where non-programmers can create their own applications;
not subject to testing;
documented policy should be available to address risks
OS (operating system) architecture
- Base = computer hardware
- Nucleus = basic functions; restricted
- System software = processes that support users
Free software (3)
Open source - can be listed, modified, or redistributed as required
Freeware - free but source code cannot be redistributed
Shareware - free for trial period with limited functions
How to determine unauthorized software
Using automated tool - scan entire network to capture list of installed software and compare to approved software list
Registry
System settings and parameters set in configuration files
Best method to determine control function within OS
Review of parameters setting
Which report optimizes configuration of a server?
Server utilization reports
Hardware maintenance schedules should be validated against
Vendor provided specifications
What is a critical/key component in network management?
Change/configuration management
Objective of library control software
Provide assurance that program changes are authorized
Capacity management
The planning & monitoring of computing/network resources to ensure that the available resources are used efficiently and effectively
Problem management
To prevent reoccurrence of an incident by identifying root cause and taking action
Problem management steps (5)
- Report the exception
- Investigate
- In-depth analysis
- Root cause analysis
- Address issues identified
Incident management
Return to normal state as quickly as possible
Response time reports
Network management tool - identifies time taken by system to process an IT query by user
Downtime reports
Network management tool - tracks availability of telecommunication lines and circuits
Online monitors
Network management tools - checks data transmission accuracy and errors
Network protocol analyzers
Used to monitor packets flowing along a network
Simple network management protocol (SNMP)
Monitors and controls variables throughout the network, manages configuration, and collects statistics on performance & security
Change management steps (4)
- Approval
- Testing
- Scheduling
- Rollback arrangements
Code signing
Provides assurance that software code has not been modified after sign off
What is a key component of network management?
Configuration management
Patch
Code changes
Impact analysis should be tested/conducted before installation of patch
Objective of library control software
Unauthorized changes/access
Best assurance of the effectiveness of device provider controls
Independent 3rd party audit report
Redundancy
Duplication of data
Normalization
Process of reducing duplicate data
Concurrency control
Prevent integrity issues during simultaneous updates by multiple users
Integrity constraints
Allow only valid predefined data to enter the database & prevent out of range data
Structured query language
Programming language for managing data in a database; helps determine PORTABILITY
Table link check
Assurance over integrity of database
DBA (database administrator) activities
-conduct changes in database table
-conduct backup & recovery procedures
-consult on database interfaces
DBAs should NOT perform:
-activities relating to log capturing & monitoring of DBA functions
-end user activities
-security patch updates
A database should only be changed using a ___ account
DBA
Clusters/clustering
Allows 2 or more servers to work as a unit so if 1 fails the other takes over
Diverse routing
Routing traffic through split cable facilities or duplicate cable facilities
Alternative routing
Routing info via an alternative medium such as copper cables or fiber optics
Last mile circuit protection
Redundancy for local communication loop
Long haul network diversity
Redundancy for long distance availability
Shadow file processing
Duplicate files are maintained at remote site
Preparedness test
Simulates a system crash & verified in a localized environment
(DRP testing - cost effective)
When RTO is low, use a
Hot site
When RPO is low, use
Data mirroring
Backup intervals should be aligned with
RPO
Quality of service (QoS)
Optimize network performance by assigning priority to business apps and end users through allocation of dedicated parts of the bandwidth to specific traffic
Protocol analyzers
Monitor/record network info
Online monitors
Measure telecommunications transmission
Cyclic redundancy check (CRC)
Checks for a block of transmitted data - can detect several errors
Switches
Operate at a low level of network security and transmit a packet to the device to which it is addressed
Hubs
Will broadcast all data to all network ports
Routers
Allow packets to be given or denied access based on address
To ensure proper SoD, developers should be
Restricted to development environments only
Hardware maintenance programs should be validated against
Vendor specifications
Service-level management (SLM)
Negotiate, document, and manage the services in the manner in which the customer requires those services
The use of unshielded twisted pair (UTP) in copper will reduce the likelihood of
Crosstalk
Most critical elements of DRP
1) backup data
2) key contacts
Greatest concern for disaster recovery hot site
Disk space utilization data is not kept current
Commitment and rollback procedures ensure
Integrity
Load balancing ensures
Uninterrupted system availability by distributing traffic across multiple servers
-consistent response time for web applications
Disk to disk backup
Allows large quantities of data to be backed up in a short time without impacting system performance
The method of routing traffic through split cable or duplicate cable facilities is called
Diverse routing