Domain 7: Security Operations Flashcards

1
Q

Alternate Site

A

A general term for a contingency or continuity of operations (COOP) site used to assume system or organizational operations if the primary site is not usable for a period.

2
Q

Backup

A

A copy of files and programs made to facilitate recovery, if necessary.

3
Q

Baseline

A

The total inventory of all of a system’s components, including hardware, software, data, administrative controls, documentation, or user instructions.

4
Q

Baselining

A

Creating a total inventory of a system, component by component, part by part.

5
Q

Blocked Listing and Allowed Listing (software, identities, addresses)

A

Use of lists of blocked or allowed identities, whether as users, URLs, URIs, web addresses, IP addresses, geographic regions, hardware addresses, files, or programs, as a means of controlling (prohibiting or permitting) their access, use, or attempt to load and execute.

6
Q

Change Management

A

The formal process an organization uses to transition from the current state to a future state. This typically includes mechanisms to request, evaluate, approve, implement, verify, and learn from the change.

7
Q

Configuration Item

A

1. An aggregation of information system components designated for configuration management (CM) and treated as a single entity in the CM process. 2. Item or aggregation of hardware, software, or both, which is designated for configuration management and treated as a single entity in the CM process.

8
Q

Configuration Management (CM)

A

A collection of activities focused on establishing and maintaining the integrity of information technology products and information systems, through control of processes for initializing, changing, and monitoring the configurations of those products and systems throughout the system development life cycle.

9
Q

Cyber Forensics

A

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.

10
Q

Disaster Recovery (DR)

A

The ability to provide IT services following an interruption, often at an alternate location.

11
Q

Disruption

A

An unplanned event that causes an information system to be inoperable for a length of time (e.g., minor or extended power outage, extended unavailable network or equipment, or facility damage or destruction).

12
Q

Egress Monitoring

A

Monitoring the flow of information out of an organization’s control boundaries.

13
Q

Entity

A

Any form of user, such as a hardware device, software daemon, task, processing thread, or human, that is attempting to use or access systems resources. Endpoint devices, for example, are entities that human (or nonhuman) users make use of in accessing a system. Should be subject to access control and accounting. See also User and Entity Behavior Analysis.

14
Q

Eradication

A

In incident response, the activities that remove the cause of the incident from the environment. This often requires the use of a formal root cause analysis process.

15
Q

Event

A

Any observable occurrence in a network or system.

16
Q

False Positive

A

Incorrectly classifying a benign activity, system state, or configuration as malicious or vulnerable.

17
Q

Forensics, Cyber Forensics

A

The examination of evidence related to suspected criminal activity. Cyber forensics refers to investigations of such activities involving information systems.

18
Q

Full Backup

A

Copies the entire system to backup media.

19
Q

Hackback

A

Actions taken by a victim of hacking to compromise the systems of the alleged attacker.

20
Q

Hardening

A

A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application. Hardening is normally performed based on industry guidelines and benchmarks such as those provided by the Center for Internet Security (CIS).

21
Q

Honeypots/Honeynets

A

Machines that exist on the network, but do not contain sensitive or valuable data; they are meant to distract and occupy malicious attackers or unauthorized intruders, as a means of delaying their attempts to access production data/assets. Several machines of this kind, linked together as a network or subnet, are referred to as a honeynet.

22
Q

Hot Site

A

A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption.

23
Q

Incident

A

An event that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits.

24
Q

Incident Response

A

The mitigation of violations of security policies and recommended practices.

25
Q

Incident

A

The event that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits.

26
Q

Indicator

A

A technical artifact or observable occurrence that suggests an attack is imminent or is currently underway, or that a compromise may have already occurred.

27
Q

Indicators of Compromise (IoC)

A

A signal that an intrusion, malware, or other predefined hostile or hazardous set of events is occurring or has occurred.

28
Q

Information Security Continuous Monitoring (ISCM)

A

Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. [Note: The terms “continuous” and “ongoing” in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information.] Ongoing monitoring sufficient to ensure and assure effectiveness of security controls related to systems, networks, and cyberspace, by assessing security control implementation and organizational security status in accordance with organizational risk tolerance, and within a reporting structure designed to make real-time, data-driven risk-management decisions.

29
Q

Information Sharing and Analysis Center (ISAC)

A

Any entity or collaboration created or employed by public- or private-sector organizations, for purposes of gathering and analyzing critical cyber and related information to better understand security problems and interdependencies related to cyber systems, to ensure their availability, integrity, and reliability.

30
Q

Intrusion

A

A security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system or system resource without having authorization to do so.

31
Q

Intrusion Detection System (IDS)

A

A security service that monitors and analyzes network or system events for the purpose of finding and providing real-time or near-real-time warning of attempts to access system resources in an unauthorized manner.

32
Q

Intrusion Prevention Systems (IPS)

A

A security service that uses available information to determine if an attack is underway; it then sends alerts but also blocks the attack from reaching its intended target.

33
Q

Log

A

A record of actions and events that have taken place on a computer system.

34
Q

Precursor(s)

A

Signals from events that suggest a possible change of conditions (internal or external to the organization) may alter the current threat landscape. An increase in tensions in local political or social environments, or complaints or grievances by employees or customers going viral in social media, are examples of precursors.

35
Q

Provisioning

A

Taking a particular configuration baseline, making additional or modified copies of it, then taking steps as necessary to properly place those copies into the environments they should belong in.

36
Q

Ransom Attack

A

Any form of attack that threatens the destruction, denial, or unauthorized public release or remarketing of private information assets. Usually involves encrypting these assets and withholding the decryption key until the ransom is paid by the victim.

37
Q

Ransomware

A

Malware used for the purpose of facilitating a ransom attack.

38
Q

Recovery

A

The process of jointly addressing business resiliency and restoration of critical infrastructure and functionality after a disruption.

39
Q

Regression Testing

A

Testing of a system to ascertain whether recently approved modifications have changed its performance of other approved functions or have introduced other unauthorized behaviors.

40
Q

Remediation

A

Changes to a system’s configuration to immediately limit or reduce the chance of recurrence of an incident. This might include updating the sensitivities, thresholds, or alarm settings on any number of security controls, or instituting a rapid reset of access controls information such as passwords and security challenge responses.

41
Q

Request for Change (RFC)

A

The documentation of a proposed change in support of change management activities.

42
Q

Root Cause Analysis

A

A principle-based, systems approach for the identification of underlying causes associated with a particular set of risks or incidents.

43
Q

Sandbox

A

A testing environment that is logically, physically, or virtually isolated from other environments, and in which applications or systems can be evaluated. Sandboxes can be used as part of development, integration, or acceptance testing (so as to not interact with the production environments), as part of malware screening, or as part of a honeynet.

44
Q

Threat Intelligence

A

Threat information that has been aggregated, transformed, analyzed, interpreted, or enriched to provide the necessary context for decision-making processes.

45
Q

User and Entity Behavior Analytics (UEBA)

A

Analysis of behaviors and activities of human and nonhuman users, and of the software and hardware entities associated with those users and activities, as a way of detecting inappropriate or unauthorized activity, including fraud detection, malware, and insider attacks.

46
Q

Vulnerability Management

A

The activities necessary to identify, assess, prioritize, and remediate information system weaknesses.

47
Q

secure facility plan

A

A guide that outlines the security needs of your organization and emphasizes methods or mechanisms to employ to provide security. Such a plan is developed through risk assessment and critical path analysis.

48
Q

critical path analysis

A

A systematic effort to identify relationships between mission-critical applications, processes, and operations and all the necessary supporting elements.

49
Q

technology convergence

A

The tendency for various technologies, solutions, utilities, and systems to evolve and merge over time. Often this results in multiple systems performing similar or redundant tasks or one system taking over the features and abilities of another. Though in some instances this can result in improved efficiency and cost savings, it can also represent a single point of failure and become a more valuable target for malicious hackers and intruders.

50
Q

industrial camouflage

A

The attempt to mask or hide the actual function, purpose, or operations of a facility by providing a façade presenting a believable or convincing alternative.

51
Q

crime prevention through environmental design (CPTED)

A

Guidelines that encourage architects and build-out designers to improve security through building elements. The concept of designing the structure of the physical environment and surroundings to influence individual decisions that potential offenders make before committing any criminal acts. This includes taking advantage of natural surveillance, access control, and territorial reinforcements.

52
Q

natural access control

A

A crime prevention through environmental design (CPTED) concept of the subtle guidance of those entering and leaving a building through placement of entranceways, use of fences and bollards, and placement of lights.

53
Q

natural surveillance

A

The crime prevention through environmental design (CPTED) concept that involves any means to make criminals feel uneasy through the increase of opportunities for them to be observed. This can be accomplished by an open and obstacle-free outside area, especially around entrances, with clear lines of sight.

54
Q

natural territorial reinforcement

A

The crime prevention through environmental design (CPTED) concept where there is an attempt to make the area feel like an inclusive, caring community. The area should be designed so that it looks cared for and respected and that it is actively being defended.

55
Q

administrative physical security controls

A

Security controls that include facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures.

56
Q

cable plant management policy

A

The policy governing the collection of interconnected cables and intermediary devices (such as cross-connects, patch panels, and switches) that establish the physical network.

57
Q

transponder proximity device

A

A mechanism that is self-powered and transmits a signal received by the reader. This can occur consistently or only at the press of a button (like a garage door opener or car alarm key fob). Such devices may have batteries or capacitors, or may even be solar powered.

58
Q

proximity reader

A

A passive device, field-powered device, or transponder that detects the presence of authorized personnel and grants them physical entry into a facility. The proximity device is worn or held by the authorized bearer. When they pass a proximity reader, the reader is able to determine who the bearer is and whether they have authorized access.

59
Q

proximity device, proximity card

A

A security device used to manage or control physical access. It can be a passive device, a field-powered device, or a transponder.

60
Q

passive proximity device

A

A mechanism that has no active electronics; it is just a small magnet with specific properties (like antitheft devices commonly found in or on retail product packaging). A passive device reflects or otherwise alters the electromagnetic (EM) field generated by the reader device. This alteration is detected by the reader device, which triggers the alarm, records a log event, or sends a notification.

61
Q

sensitive compartmented information facility (SCIF)

A

A secure or restricted work area often used by government and military agencies, divisions, and contractors to provide a secure environment for highly sensitive data storage and computation. The purpose of an SCIF is to store, view, and update sensitive compartmented information (SCI), which is a type of classified information.

62
Q

transient noise

A

A short duration of line noise disturbance.

63
Q

radio frequency interference (RFI), radio-frequency interference

A

The by-product of electrical processes, similar to electromagnetic interference (EMI). The major difference is that RFI is usually projected across a radio spectrum.

64
Q

electromagnetic interference (EMI)

A

The interference that can occur during transmissions over copper cable due to electromagnetic energy outside the cable. The result is degradation or loss of the signal. A type of electrical noise that can do more than just cause problems with how equipment functions; it can also interfere with the quality of communications, transmissions, and playback.

65
Q

rate-of-rise detection

A

A fire detection system that detects the fire and triggers the release of the suppression medium when the speed at which the temperature changes reaches a specific level or rate. These are often digital temperature measuring devices, which can be fooled by HVAC heating during winter months and thus are not widely deployed.

66
Q

flame-actuated detection

A

A fire detection system that detects a fire and triggers the release of the suppression medium based on the detection of the infrared energy of flames. This mechanism is fast and reliable but often fairly expensive. Thus, it is often only used in high-risk environments.

67
Q

fixed-temperature detection

A

A fire detection system that detects a fire and triggers the release of the suppression medium when a specific temperature is reached. This is the most common type of detector and present in most office buildings. The potentially visible sprinkler head serves as both the detection and release mechanism. The trigger is usually a metal or plastic component that is in the sprinkler head and melts at a specific temperature.

68
Q

smoke-actuated detection

A

A fire detection system that detects the fire and triggers the release of the suppression medium when smoke is detected using either photoelectric or radioactive ionization sensors as triggers. Either method monitors for light or radiation obstruction or reduction across an air gap caused by particles in the air. It is intended to be triggered by smoke, but dust and steam can sometimes trigger the alarm.

69
Q

wet pipe system

A

A fire suppression system that is always full of water. Water discharges immediately when triggered by a fire or smoke. Aka a closed head system.

70
Q

deluge system

A

Another form of dry pipe (fire suppression) system that uses larger pipes and therefore a significantly larger volume of water. Deluge systems are inappropriate for environments that contain electronics and computers.

71
Q

preaction system

A

A combination dry pipe/wet pipe system. The system exists as a dry pipe until the initial stages of a fire (smoke, heat, and so on) are detected, and then the pipes are filled with water.

72
Q

dry pipe system

A

A fire suppression system that contains compressed air. Once suppression is triggered, the air escapes, which opens a water valve that in turn causes the pipes to fill and discharge water into the environment.

73
Q

gas discharge system

A

A fire suppression system that releases a gas to extinguish the fire.

74
Q

nuisance alarm rate (NAR)

A

False positives from animals or foliage on Area Perimeter Intrusion Detection Assessment System (PIDAS) fences

75
Q

perimeter intrusion detection and assessment system (PIDAS)

A

A fence system that has two or three fences used in concert to optimize security. PIDAS fencing is often present around military locations and prisons. Typically, a PIDAS fence has one tall main fence, which may be 8 to 20 feet tall. The main fence may be electrified, may have barbed wire/razor wire elements, and/or can include touch detection technologies. This main fence is then surrounded by an outside fence, which may only be 4 to 6 feet tall. The purpose of this outer fence is to keep animals and casual trespassers from accessing the main fence.

76
Q

access control vestibule

A

A double set of doors that is often protected by a guard. The purpose is to contain a subject until their identity and authentication are verified. Previously known as a mantrap.

77
Q

bollard

A

A physical security mechanism designed to prevent vehicles from driving into buildings or other secured areas. See barricades. Aka security bollard.

78
Q

occupant emergency plans (OEP)

A

A guide that assists with sustaining personnel safety in the wake of a disaster. The OEP provides guidance on how to minimize threats to life, prevent injury, manage duress, handle travel, provide for safety monitoring, and protect property from damage due to a destructive physical event.

79
Q

distributed denial-of-service (DDoS), DDoS attack

A

A distributed denial of service occurs when the attacker compromises several systems to be used as launching platforms against one or more victims (i.e., a botnet). The compromised systems used in the attack are often called zombies. A DDoS attack results in the victims being flooded with data from numerous sources. See also denial-of-service (DoS) attack, distributed reflective denial of service (DRDoS), and botnet.

80
Q

distributed reflective denial of service (DRDoS), DRDoS attack

A

DRDoS attacks take advantage of the normal operation mechanisms of key internet services, such as DNS and router update protocols, which are used as an amplification or bounce system. DRDoS attacks function by sending numerous update, session, or control packets to various internet service servers or routers with a spoofed source address of the intended victim. This process causes a “reflection” of the request traffic to potentially be amplified and sent to the spoofed victim’s address. A DRDoS attack can result in so much traffic that upstream systems are adversely affected by the sheer volume of data focused on the victim. See also denial-of-service (DoS) attack, distributed denial of service (DDoS), and botnet.

81
Q

SYN flood attack

A

A denial-of-service (DoS) attack in which the hacker sends a barrage of SYN packets. The receiving station tries to respond to each SYN request for a connection, thereby tying up all the resources. All incoming connections are rejected until all current connections can be established.

82
Q

smurf attack

A

A type of distributed reflective denial of service (DRDoS). A smurf attack occurs when an amplifying server or network is used to flood a victim with useless ICMP reply packets.

83
Q

ping flood attack

A

An attack that repeatedly sends ping/ICMP requests to a system. It can come from a single system as a DoS attack but is more often launched against a target by multiple systems in a DDoS attack.

84
Q

on-path attack

A

An attack in which the hacker takes a position between a client and a server (or other entities) and then tricks the client into establishing a link with the hacker’s computer rather than the intended server. The attacker in turn establishes a link with the server using the client’s stolen credentials. Once established, the attacker can view all traffic between client and server as well as change the content. Previously known as man-in-the-middle (MitM).

85
Q

sabotage

A

A criminal act committed against an organization by a knowledgeable employee.

86
Q

knowledge-based detection

A

An intrusion discovery mechanism used by intrusion detection systems (IDSs) and based on a database of known attack signatures. The primary drawback to a knowledge-based IDS is that it is effective only against known attack methods. Aka signature-based detection or pattern-matching detection.

87
Q

behavior-based detection, behavioral-based detection

A

An intrusion discovery mechanism used by IDS. Behavior-based detection finds out about the normal activities and events on your system through watching and learning. Once it has accumulated enough data about normal activity, it can detect abnormal and possible malicious activities and events. Aka statistical intrusion detection, anomaly detection, and heuristics-based detection. See also anomaly-based detection, heuristic-based detection, and signature-based detection.

88
Q

host-based IDS (HIDS)

A

An intrusion detection system (IDS) that is installed on a single computer and can monitor the activities on that computer. A host-based IDS is able to pinpoint the files and processes compromised or employed by a malicious user to perform unauthorized activity. The alternative is a network-based system.

89
Q

network-based IDS (NIDS), network-based IPS (NIPS)

A

An intrusion detection system (IDS) or intrusion prevention system (IPS) approach that attaches the system to a point in the network where it can monitor and report on all network traffic.

90
Q

data extraction

A

The process of extracting elements of data from a large body of data to construct a meaningful representation or summary of the whole. See sampling.

91
Q

sampling

A

A form of data reduction that allows an auditor to quickly determine the important issues or events from an audit trail. Aka data extraction.

92
Q

clipping level

A

A threshold value used in violation analysis auditing. Crossing the clipping level triggers the recording of relevant event data to an audit log.

93
Q

traffic analysis

A

A form of monitoring in which the flow of packets rather than the actual content of packets is examined. Also referred to as trend analysis.

94
Q

Security Orchestration, Automation, Response (SOAR)

A

A collection of software solutions that can automate the process of collecting and analyzing log and real-time data, evaluate it in light of materials from threat intelligence sources, and then trigger response to low- and mid-level severity issues without the need for human involvement.

95
Q

threat hunting

A

The activity of security professionals to seek out and identify new threats. A threat hunt is a proactive search through IoCs, log files, or other observables to locate malware or intruders lurking on a system.

96
Q

single point of failure (SPoF)

A

Any one item, element, or pathway that could cause significant downtime or system failure if broken, offline, or overloaded.

97
Q

system resilience

A

The ability of a system to maintain an acceptable level of service during an adverse event. It relies on fault-tolerant components and also effective intrusion detection and intrusion prevention systems.

98
Q

fault tolerance

A

The ability of a system to suffer a fault but continue to operate and/or without losing data. Fault tolerance is achieved by adding redundant components such as additional disks within a redundant array of independent disks (RAID) or additional servers within a failover clustered configuration.

99
Q

disk striping

A

Technology that enables writing data to multiple disks simultaneously in small portions called stripes. These stripes maximize use by having all the read/write heads working constantly. Different data is stored on each disk and isn’t automatically duplicated; thus, disk striping by itself doesn’t provide fault tolerance. Aka RAID 0.

100
Q

disk mirroring

A

Technology that keeps identical copies of data on two or more disks to prevent the loss of data if one disk is damaged. Aka RAID 1. A variant is known as duplexing when two different drive controllers are used in addition to two drives. A technology that takes advantage of disk mirroring is a redundant array of independent (or inexpensive) disks (RAID).

101
Q

disk striping with parity

A

A fault-tolerance solution of writing data across a number of disks and recording the parity on another. In the event any one disk fails, the data on it can be re-created by looking at the remaining data and computing parity to figure out the missing data. Aka RAID 5.

102
Q

Stripe of mirrors

A

RAID 10: contains two or more mirrors, each configured with a stripe.

103
Q

fail-open

A

Describes a system that protects equipment and/or human safety in the event of a system failure. The response of a system to a failure so that it defaults to an “allow” posture.

104
Q

fail securely

A

A system designed with a specific failure plan, such as fail-soft, fail-safe, fail-secure, fail-open, or fail-closed.

105
Q

cold site

A

A physical site (designated as a recovery location) that has few to none of the resources necessary to enable an organization to use it if the main site is inaccessible, destroyed, or otherwise experiencing a disaster.

106
Q

hot site

A

A configuration in which a backup facility is maintained in constant working order, with a full complement of servers, workstations, and communications links ready to assume primary operations responsibilities. A location that can provide complete operations support within hours of a failure to minimize or eliminate downtime in the event of a disaster affecting a company’s primary location.

107
Q

warm site

A

A middle ground between hot sites and cold sites for disaster recovery specialists. A warm site always contains the equipment and data circuits necessary to rapidly establish operations but does not typically contain copies of the client’s data.

108
Q

mobile sites

A

Nonmainstream alternatives to traditional recovery sites that typically consist of self-contained trailers or other easily relocated units.

109
Q

mutual assistance agreement (MAA)

A

An agreement in which two organizations pledge to assist each other in the event of a disaster by sharing computing facilities or other technological resources. Aka reciprocal agreement.

110
Q

electronic vaulting

A

A storage scenario in which database backups are transferred to a remote site in a bulk transfer fashion. The remote location may be a dedicated alternative recovery site (such as a hot site) or simply an off-site location managed within the company or by a contractor for the purpose of maintaining backup data.

111
Q

remote journaling

A

Transferring copies of the database transaction logs containing the transactions that occurred since the previous bulk transfer.

112
Q

remote mirroring

A

Maintaining a live database server at the backup site. It is the most advanced database backup solution.

113
Q

differential backup

A

A type of backup that copies only new files or files that have changed since the last full backup onto the backup media. Differential backups differ from incremental backups in that they don’t clear the archive bit or change the timestamp on completion.

114
Q

full backup

A

A complete copy of data contained on the protected device on the backup media. This process also clears the archive bit or changes the timestamp of files upon completion.

115
Q

incremental backup

A

A type of backup that includes only new files or files that have changed since the last full backup or the last incremental backup. Incremental backups clear the archive bit or change the timestamps of files on completion.
