Managing Security Operations Flashcards by Daniel Bardenstein

Need to Know

Only people with legit need to access data/info can

How well did you know this?

Not at all

Perfectly

Lease Privilege

Subjects only granted privileges needed to do their work tasks and no more

How well did you know this?

Not at all

Perfectly

Entitlement

Amount of privileges granted to users, usually when provisioning an account (least privilege)

How well did you know this?

Not at all

Perfectly

Aggregation

Number of privileges a user collects (least privilege)

How well did you know this?

Not at all

Perfectly

Transitive trust

Least privilege. All subdomains of a non-transitive trust can access objects in the other domain.

How well did you know this?

Not at all

Perfectly

separation of privilege

applies sep duties to apps, processes

How well did you know this?

Not at all

Perfectly

Segregation of duties

Sep of duties + least privilege. Related to SOX Act of 2002

How well did you know this?

Not at all

Perfectly

2-person rule

takes 2 people to do critical task

How well did you know this?

Not at all

Perfectly

Job Rotation

deterrent + less dependent on a single person

How well did you know this?

Not at all

Perfectly

Monitor special privileges

Good to do

How well did you know this?

Not at all

Perfectly

Managing the Info Life Cycle

Marking Data
Handling Data
Storing Data
Destroying data

How well did you know this?

Not at all

Perfectly

SLAs

Performance expectations for outside vendor

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

Managing Security Operations Flashcards

Brainscape's Knowledge Genome^TM