Domain 7: Assessment Management Flashcards

1
Q

Name the 4 types of IDS events

A
  1. True positive
  2. True negative
  3. False positive
  4. False negative
2
Q
  • Types of IDS event
  • A worm spreading on a trusted network; NIDS alerts

A

True positive

3
Q
  • Types of IDS event
  • User surfs the web to an allowed site; NIDS is silent

A

True negative

4
Q
  • Types of IDS event
  • User surfs the web to an allowed site; NIDS alerts

A

False positive

5
Q
  • Types of IDS event
  • A worm is spreading on a trusted network; NIDS is silent

A

False negative

6
Q
  • Type of NIPS
  • Malicious traffic is identified and then “shot down”

A

Active response NIPS

7
Q
  • Type of NIPS
  • Acts as a Layer 3-7 firewall device that traffic flows through

A

Inline NIPS

8
Q

Class of solutions tasked specifically with trying to detect or prevent data from leaving the organization in an unauthorized manner

A

Data loss prevention (DLP)

9
Q

Name 4 endpoint security controls

A
  1. Antivirus
  2. Application whitelisting
  3. Removable media controls
  4. Disk encryption
10
Q
  • Endpoint Security Control
  • App used to determine in advance which binaries are considered safe to execute on a given system

A

Application whitelisting

11
Q
  • The process of capturing a snapshot of the current system security configuration
  • Can be useful during a potential security incident
A

Baselining

12
Q

Used to help mitigate the risks associated with hard disk failures

A

Redundant Array of Inexpensive Disks (RAID)

13
Q

Achieves full data redundancy by writing the same data to multiple hard disks

A

Mirroring

14
Q
  • Increases read and write performance by spreading data across multiple hard disks
  • Writes can be performed in parallel across multiple disks rather than serially on one disk
A

Striping

15
Q
  • Achieves data redundancy by performing a calculation on the data of two drives and storing the result on a third
  • After the failed drive is replaced, the RAID controller rebuilds the lost data from the other two drives
A

Parity

16
Q
  • RAID Level
  • Block-level striping
  • Employs striping to increase read and write performance
  • Striping offers no data redundancy
A

RAID 0

17
Q
  • RAID Level
  • Creates/writes an exact duplicate of all data to an additional disk
  • Mirrored set
A

RAID 1

18
Q
  • RAID Level
  • Legacy technology; requires either 14 or 39 hard disks and a specially designed hardware controller
  • Cost prohibitive
  • Stripes at bit level
A

RAID 2

19
Q
  • RAID Level
  • Byte-level striping
  • Dedicated disk is leveraged for storage of parity info used for recovery from a failure
A

RAID 3

20
Q
  • RAID Level
  • Block-level striping
  • Employs a dedicated parity drive
A

RAID 4

21
Q
  • RAID Level
  • Block-level striping
  • Distributes the parity info across multiple disks
A

RAID 5

22
Q
  • RAID Level
  • Block-level striping with double distributed parity

A

RAID 6

23
Q
  • RAID Level
  • Combines disk mirroring and striping to protect data
  • Requires minimum of four disks
A

RAID 10

24
Q

Multiple systems are configured so that in case of failure another can seamlessly take over and maintain availability to the service or application

A

High-availability cluster (aka Failover cluster)

25
Q
  • Each member actively processes data in advance of failure
  • i.e. load balancing

A

Active-active HA cluster

26
Q

Backup systems only begin processing data when a failure is detected

A

Active-passive cluster

27
Q
  • Goal is to ensure that any change does not lead to reduced or compromised security
  • Makes it possible to roll back any changes to a previous secured state
A

Change management

28
Q
  • Form of nonstatistical sampling that records only events that exceed a threshold
  • i.e. for failed logon attempts, an alarm can be raised only if five failed login attempts are detected within a 30-minute period
A

Clipping

29
Q
  • Typically addresses common concepts such as purpose, scope, and results discovered or revealed
  • Reports that contain sensitive info should be assigned a classification label and handled appropriately
A

Audit reports

30
Q

Ensures that object access and account management practices support security policy

A

Access review audit

31
Q

Ensures that the principle of least privilege is followed and often focuses on privileged accounts

A

User entitlement audits