OBJ 3.2 X

Question 1

Change management

Answer 1

▪ Structured way of changing the state of a computer system, network, or IT procedure

▪ Make sure the risks are considered prior to implementing a system or
network change
● Planned
● Approved
● Documented

Question 2

Incident response plan

Answer 2

▪ Contains instructions to help network and system administrators detect, respond to, and recover from network security incidents

● Preparation
● Identification
● Containment
● Eradication
● Recovery
● Lessons learned

Question 3

Disaster recovery plan

Answer 3

▪ Documents how an organization can quickly resume work after an
unplanned incident

Question 4

Business continuity plan

Answer 4

o Outlines how a business will continue operating during an
unplanned disruption in service

o A disaster recovery plan will be referenced from a business
continuity plan

Question 5

System life cycle

Answer 5

Describes the approach to maintaining an asset from
creation to disposal

Question 6

Standard operating procedures

Answer 6

A set of step-by-step instructions compiled by an organization to help its employees carry out routine operations

Question 7

Password policy

Answer 7

A set of rules created to improve computer security by motivating users to create and properly store secure passwords

Question 8

Acceptable use policy

Answer 8

A set of rules that restricts the ways in which a network resource may be
used and sets guidelines on how it should be used

Question 9

Bring your own device (BYOD) policy

Answer 9

▪ Allows employees to access enterprise networks and systems using their personal mobile devices

▪ Create a segmented network where the BYOD devices can connect to

Question 10

Remote access policy

Answer 10

A document which outlines and defines acceptable methods of remotely connecting to the internal network

Question 11

Onboarding and offboarding policy

Answer 11

Onboarding- A documented policy that describes all the requirements for integrating a
new hire into the company and its cultures

Offboarding- A documented policy that covers all the steps to successfully part ways with an employee who’s leaving the company

Question 12

Security policy

Answer 12

A document that outlines how to protect the organization’s systems,
networks, and data from threats

Question 13

Data loss prevention

Answer 13

▪ A document defining how organizations can share and protect data
▪ Data loss prevention policy minimizes accidental or malicious data loss
▪ Set proper thresholds for your DLP policy

Question 14

Physical network diagram

Answer 14

Shows the actual physical arrangement of the components that make up the network

Question 15

Logical network diagram

Answer 15

Illustrates the flow of data across a network and shows how devices
communicate with each other

Question 16

Wiring diagram

Answer 16

Labels which cables are connected to which ports

Question 17

Site survey report

Answer 17

Process of planning and designing a wireless network to provide the
required wireless solution

Question 18

Audit and assessment report

Answer 18

Delivered after a formal assessment has been conducted

o Executive summary
o Scope and objectives
o Assumptions and limitations
o Methods and tools
o Environment and system diagram
o Security requirements
o Findings and recommendations
o Audit results

Question 19

Baseline configurations

Answer 19

▪ Set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on

▪ Changes will be properly tested and approved to be part of the new
baseline

Question 20

Non-disclosure agreement (NDA

Answer 20

Defines what data is confidential and cannot be shared outside of that
relationship

Question 21

Service-level agreement (SLA)

Answer 21

Documents the quality, availability, and responsibilities agreed upon by a service provider and a client