Explaining Organizational And Physical Security Concepts Flashcards
Settings for services and policy configuration for a network appliance or for a server operating in a particular application role (web server, mail server, file/print server and so on)
Configuration Baseline
Process for approving, preparing, supporting and managing new or updated business processes or technologies
Change management
Documentation of best practice and work instructions to use to perform a common administrative task.
Standard operating procedure (SOP)
Detailed and specific evaluation of a process, procedure, organization, job function or system in which results are gathered and reported to ensure that the target of the audit is in compliance with the organization's policies, regulations and legal responsibilities
Audit reports
Controlled acquisition, deployment, use and decommissioning of assets.
System life cycle roadmap
Documentation detailing site premises using an accurate scale
Floor plan
Documentation of connector pin outs and/or cable runs
Wiring diagram
Passive wiring panel providing a central termination point for cabling. It distributes backbone or vertical wiring through a building and connections to external access provider networks.
Main distribution frame (MDF)
Passive wiring panel providing a central termination point for cabling. An IDF is an optional layer of distribution frame hierarchy that cross-connects vertical backbone cabling to an MDF to horizontal wiring to wall ports on each floor of a building or each building of a campus network
Intermediate distribution frame (IDF)
Storage solution for server and network equipment. Racks are designed to a standard width and height (measured in multiples of 1U or 1.75”). Racks offer better density, cooling and security than ordinary office furniture.
Rack
Procedures and guidelines covering appropriate priorities, actions and responsibilities in the event of security incidents divided into preparation, detection/analysis, containment, eradication/recovery, and post-incident stages.
Incident response plan
Documented and resourced plan showing actions and responsibilities to be used in response to critical incidents
Disaster recovery plan (DRP)
Collection of processes and resources that enable an organization to maintain normal business operations in the face of some adverse event.
Business continuity plan (BCP)
Process of bringing in a new employee, contractor or supplier
Onboarding
Process of ensuring that all HR and other requirements are covered when an employee leaves an organization. Also called an exit interview.
Offboarding
Security policy that promotes user selection of strong passwords by specifying a minimum password length, requiring complex passwords, requiring periodic password changes and placing limits on reuse of passwords
Password policy
Policy that governs employees’ use of company equipment and internet services. ISPs may also apply AUPs to their customers. Also called fair use policy.
Acceptable use policy (AUP)
Software solution that detects and prevents sensitive information from being stored on unauthorized systems or transmitted over unauthorized networks.
Data loss prevention (DLP)
Agreement that sets the service requirements and expectations between a consumer and a provider
Service level agreement (SLA)
Agreement that stipulates that entities will not share confidential information, knowledge, or materials with unauthorized third parties
Non-disclosure agreement (NDA)
Usually a preliminary or exploratory agreement to express an intent to work together that is not legally binding and does not involve the exchange of money.
Memorandum of understanding (MOU)
Authentication mechanism that allows a user to present a smart card to operate an entry system
Badge reader
Authentication mechanism that allows a user to perform a biometric scan to operate an entry or access system. Physical characteristics stored as a digital data template can be used to authenticate a user. Typical features used include facial pattern, iris, retina, fingerprint pattern and signature recognition.
Biometric
Secure entry system with two gateways, only one of which is open at any one time. Previously known as a mantrap, though this terminology is now deprecated.
Access control vestibule