Managing Risk Flashcards

1
Q

Security Policy

A

A written document that defines how an organization will protect its IT infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

AUP

A

Acceptable Use Policy; defines what is and what is not acceptable to do on an organization’s computers.

  • Ownership
  • Network Access
  • Privacy/consent to Monitoring
  • Illegal Use
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Network Access Policy

A

defines who may access the network, how they may access the network, and what they can access.

  • Pricileged user agreement policy
  • Passwork Policy
  • Data Loss PreventionPolicy
  • Remote Access Policy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Change Management

A

The process of creating change in your infrastructure in an organized, controlled, and safe way.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Patch Management

A

The process of regularly updating operating systems and application to avoid security threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

VRRP & HSRP

A

Virtual Router Redundancy Protocol (open standard) & Hot Standby Router Protocol (cisco)

Both protocols take multiple routers and gang them together into a single virteal router with a single virteal IP address that clients use as a default gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Standard Business Documents

A
  • Service Level Agreement
  • Memorandum of Understanding
  • Multi-Source Agreement
  • Statement of Work
  • Nondisclosure Agreement
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Service Level Agreement

A

A document between a customenr and a service provider that defines the scope. puality. and terms of the service to be proided.

A typical SLA from and ISP contains the following:

  • Definition fo the service provided
  • Equipment
  • Technical Support
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Memorandum of Understanding

A

A document that defines an agreement between two parties in sitiation swhere a legal contract wouldn’t be appropriate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Multi-Source Agreement

A

A document that details the interoperability of network hardware from a variety of manufacturers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Statment of Work

A

A contract that defines the services, porducts, and time frames for the vendor to achieve.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

MTBF

A

Mean Time Between Failures:

A factor typically applied to a hardware component that represent the manufacturer’s best guess regarding how much time will pass between major failures of that component

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

MTTR

A

Mean Time To Recovery:

The estimated amount of time it takes to recover from a hardware component failure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Computer Forensics

A
  • Secure the area
  • Document the scene
  • Dollect evidence
  • Interface with authorities
How well did you know this?
1
Not at all
2
3
4
5
Perfectly