Managing Risk Flashcards
process for how a company deals with bad things on the network(s)
risk management
any written document describing how a company protects its IT infrastructure
security policy
document that explains what is and is not acceptable to do on an organization’s computers; typically describes ownership, network access, privacy/consent to monitoring, and illegal use
acceptable use policy (AUP)
document that explains who can access a company’s network, how they may access it, and what they may access on it
network access policy
company document that describes how a company addresses the risk of data loss or theft
data loss prevention (DLP) policy
provision of some security policies that restrict what hardware and software can be exported
international export controls
rules on commercial software that determine whether (and where?) that software can be taken to other countries
licensing restrictions
permission granted to data stored on a laptop or device to be taken to another country
export license
group of people in an organization in charge of investigating, testing, and implementing/authorizing all but the smallest changes in the organization
change management team
process for approving a change request based on the details from a change request, management approval, and funding
approval process
in the process of making an IT infrastructure change, this is the period of time for implementing and testing a desired change
maintenance window
permission by the change management team for systems, departments, etc. to be down when implementing a change
authorize downtime
final step of an IT change, it includes documenting all changes, such as network configurations, additions to the network, and physical location changes
change management documentation
one system that, if it fails, will cause significant stoppage - bring down an entire process, workflow, or the entire organization
single point of failure
something that is critical to the operation of a company, not necessarily IT
critical asset
devices that are critical to a business’s operation, unique to IT
critical node
keeping critical nodes constantly working, without interruption or downtime
high availability (HA)
a single IP address that is shared by multiple systems, allowing for failover
virtual IP
open standard protocol that gangs multiple routers together into a single virtual router that uses one virtual IP address as the default gateway
Virtual Router Redundancy Protocol (VRRP)
Cisco proprietary protocol that gangs multiple routers together to act as one virtual router with one virtual IP address
Hot Standby Router Protocol (HSRP)
the combining of multiple machines to work together and share operational work; not provided by VRRP and HSRP
load balancing
having multiple pieces of equipment working together, connected, and presenting as one logical device
clustering
document between a customer and a service provider defining the scope, quality, and terms of services to be provided; common for ISPs
service-level agreement (SLA)
document that describes an agreement between two companies where a legal agreement would not be appropriate in certain situations; would define costs, contacts, logistics, etc., such as hospitals taking over another’s patients in event of a tornado
memorandum of understanding (MOU)
document between two parties that describes the interoperability between their components, such as a GBIC manufacturer’s devices working with Cisco and Juniper switches
multi-source agreement (MSA)
a legal contract between a vendor and client, detailing the services and products the vendor will supply and time frame to supply them; Ex. IT company and client; explains what vendor needs to do, with milestones of the completion of the work
statement of work (SOW)
legal document that many employees and even potential employees might sign, where they agree not to disclose any company secrets to outside sources
nondisclosure agreement (NDA)
a program that will inspect your network for a large number of potential vulnerabilities, then create a report for you to act upon
vulnerability scanner
Microsoft vulnerability analyzer that tests one Windows machine for vulnerabilities
Microsoft Baseline Security Analyzer (MBSA)
a popular, free, and well-maintained software tool that tests a network for vulnerabilities and has other tools
Nmap
by Tenable Network Security, this is a more aggressive and powerful comprehensive test (vulnerability test); requires subscription
Nessus
the use of a “white hat” friendly hacker to find vulnerabilities in a network and exploit them, then create a report for the purpose of hardening the network
penetration testing
document about how to limit damage and recover quickly from an incident
contingency plan
response to an incident that involves stopping, containing, and remediating the incident without outside resources; such a team might be responsible for determining whether an incident qualifies, its level of severity, scope, and cause; preventing further disruption; resolving the cause; restoring affected systems; and identifying ways to prevent a reoccurrence
incident response
response to an incident that cannot be contained and causes significant damage or danger to the immediate infrastructure; team gets IT infrastructure up and running as soon as possible at primary locations and restores from backups they created
disaster recovery
backs up every file, with the archive bit turned off for every file; standard
full backup
backs up only files with the archive bit turned on, then turns off the bit for those files; takes up less storage, but takes longer to restore
incremental backup
backs up all files changed since the last full backup - backs up files with the archive bit turned on and does not turn off the archive bit; uses up more space, but is faster at restoring
differential backup
the state of the backup when data is recovered - how much data is lost
recovery point objective (RPO)
the amount of time to restore full functionality from when an organization ceases to function
recovery time objective (RTO)
factor describing an estimated time between one failure and the next failure of a hardware component by the manufacturer
mean time between failures (MTBF)
factor describing an estimated time until a hardware component fails and will need to be replaced
mean time to failure (MTTF)
factor describing the estimated amount of time it takes for a hardware component to recover from a failure
mean time to recovery (MTTR)
response to an incident that enables an organization to function at a remote location when the primary infrastructure is inoperable; must include backup sites
business continuity
document or plan to fill a position in the event someone in a critical position is incapacitated or lost in an incident
succession planning
document where one, such as the first responder, reports their findings from a computer crime, if any
forensics report
process of an organization preserving and organizing data in anticipation of or in response to a legal issue
legal hold
process of providing or requesting data (forensics reports and/or data from a device) in a legal way
electronic discovery (e-discovery)
the existence of a voltage differential between two parts of a network
ground loop
system that can detect fire, cut power to equipment, displace oxygen, activate sprinklers, and alert staff; needed for a server room (also need to get out any electrical spark, with this?)
fire suppression system