Idk Flashcards
A legal contract between the holder of confidential information and another person to whom that information is disclosed, prohibiting that other person from disclosing the confidential information to any other party is known as:
NDA
A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is referred to as:
AUP
Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?
RTO
Recovery Time Objective
In business continuity planning, the maximum tolerable point in time to which systems and data must be recovered after an outage is called:
RPO
Recovery Point Objective
Which of the following terms is used to describe an average time required to repair a failed component or device?
MTTR
Mean Time To Recovery
Which term describes the predicted loss of value to an asset based on a single security incident?
SLE
Single Loss Expectancy
Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?
ALE
Annual Loss Expectancy
An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:
ARO
Annualized Rate of Occurrence
In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.
ARO
Annualized Rate of Occurrence
In forensic analysis, taking hashes ensures that the collected digital evidence retains:
Integrity
Disabling certain system functions or shutting down the system when risks are identified is an example of:
Risk Avoidance
Contracting out a specialized technical component when the company’s employees lack the necessary skills is an example of:
Risk Transference
Which of the following terms relates closely to the concept of residual risk?
Risk Acceptance
Assessment of risk probability and its impact based on subjective judgment falls into the category of:
Qualitative Risk Assessment
A calculation of the Single Loss Expectancy (SLE) is an example of:
Quantitative Risk Assessment
Which of the following would be of help in preserving the integrity of digital evidence? (Select 2 answers)
- Disk Imaging
- Hashing
Indicating whether a file has been modified since the last backup.
Archive Bit
Which of the answers listed below refer to examples of deterrent security controls? (Select 3 answers)
- Warning Signs
- Lighting
- Login Banner
What are the examples of preventive security controls? (Select 3 answers)
- OS Hardening
- Separation of Duties
- Security Guards
Which of the following answers refer to examples of detective security controls? (Select 3 answers)
- System Logs
- Security Audits
- CCTV
Which of the answers listed below refer to examples of corrective security controls? (Select 3 answers)
- IPS
- Alternate Site
- Backup Data Recovery
Which of the following answers refers to a compensating security control?
Backup Generator
Which of the terms listed below DO NOT fall into the category of technical security controls? (Select 3 answers)
- Barricades/Bollards
- Cable Locks
- Secure Cabinets/Enclosures
What are the examples of administrative security controls? (Select 3 answers)
- Risk Assessments
- Escalation Procedures
- Contingency Planning