Mnemonics helpful Flashcards

1
Q

OSI

A

Open Systems Interconnection

OSI model divides different networking requirements into seven layers: physical, data link, network, transport, session, presentation, application.

mnemonic: Please Do Not Throw Sausage Pizza Away.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

RMF

A

Risk Management Framework

identifies and manages risk. Seven steps (miscount?): prepare, categorize info sys, select security controls, assess security controls, authorize info sys, monitor security controls

Mnemonic: Please catch some angry ants Mom!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

COOP

A

Continuity of Operations

Phase I - Readiness and Preparedness
Phase II - Activation and Relocation: transfer activities, personnel, records, and
equipment to alternate facilities
Phase III - Continuity Operations: full
execution of essential operations at
alternate operating facilities
Phase IV – Reconstitution: operations at
alternate facility are terminated and normal
operations resume

(need a mnemonic)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

eDiscovery

A

reference model. Phases include identification, collection, processing, review, and production. Attorney review of collected material takes place in the Review phase.

Mnemonic: I collect peer review processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cyber Kill Chain

A

Attack model created by Lockheed Martin. Phases are: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, Actions on Objective.

Mnemonic: Real Women Date Engineers In Commando Armor

NOTE: this model never has the attacker retreating. Several other popular models are more flexible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Incident Response Process

A

Cycle steps are preparation, identification, containment, eradication, recovery, lessons learned. It’s a cycle so it continues back at preparation.

Mnenomic: Perhaps I Can Eat Rice Later

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Diamond Model of Intrusion Analysis

A

Incident response approach that gives a graphical diagram of the intrusion. Core elements are:

  • Adversary (the attacker)
  • Capability (tools and techniques used by the adversary)
  • Infrastructure (what the adversary uses to attack)
  • Victim (who or what was attacked)

Mnemonic: Any captain is victorious.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

NIST CSF elements

A

identify, protect, detect, respond, recover

Mnemonic: I protect dangerous rescued rodents.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

CVSS3 ratings

A

AC: Attack Complexity
PR: Privileges Required
UI: User Interface
AV: Attack Vector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly