OBJ 3.2 X Flashcards

1
Q

Change management

A

▪ Structured way of changing the state of a computer system, network, or IT procedure

▪ Make sure the risks are considered prior to implementing a system or
network change
● Planned
● Approved
● Documented

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Incident response plan

A

▪ Contains instructions to help network and system administrators detect, respond to, and recover from network security incidents

● Preparation
● Identification
● Containment
● Eradication
● Recovery
● Lessons learned

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Disaster recovery plan

A

▪ Documents how an organization can quickly resume work after an
unplanned incident

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Business continuity plan

A

o Outlines how a business will continue operating during an
unplanned disruption in service

o A disaster recovery plan will be referenced from a business
continuity plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

System life cycle

A

Describes the approach to maintaining an asset from
creation to disposal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Standard operating procedures

A

A set of step-by-step instructions compiled by an organization to help its employees carry out routine operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Password policy

A

A set of rules created to improve computer security by motivating users to create and properly store secure passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Acceptable use policy

A

A set of rules that restricts the ways in which a network resource may be
used and sets guidelines on how it should be used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Bring your own device (BYOD) policy

A

▪ Allows employees to access enterprise networks and systems using their personal mobile devices

▪ Create a segmented network where the BYOD devices can connect to

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Remote access policy

A

A document which outlines and defines acceptable methods of remotely connecting to the internal network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Onboarding and offboarding policy

A

Onboarding- A documented policy that describes all the requirements for integrating a
new hire into the company and its cultures

Offboarding- A documented policy that covers all the steps to successfully part ways with an employee who’s leaving the company

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Security policy

A

A document that outlines how to protect the organization’s systems,
networks, and data from threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Data loss prevention

A

▪ A document defining how organizations can share and protect data
▪ Data loss prevention policy minimizes accidental or malicious data loss
▪ Set proper thresholds for your DLP policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Physical network diagram

A

Shows the actual physical arrangement of the components that make up the network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Logical network diagram

A

Illustrates the flow of data across a network and shows how devices
communicate with each other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Wiring diagram

A

Labels which cables are connected to which ports

17
Q

Site survey report

A

Process of planning and designing a wireless network to provide the
required wireless solution

18
Q

Audit and assessment report

A

Delivered after a formal assessment has been conducted

o Executive summary
o Scope and objectives
o Assumptions and limitations
o Methods and tools
o Environment and system diagram
o Security requirements
o Findings and recommendations
o Audit results

19
Q

Baseline configurations

A

▪ Set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on

▪ Changes will be properly tested and approved to be part of the new
baseline

20
Q

Non-disclosure agreement (NDA

A

Defines what data is confidential and cannot be shared outside of that
relationship

21
Q

Service-level agreement (SLA)

A

Documents the quality, availability, and responsibilities agreed upon by a service provider and a client