Operational Procedures Flashcards
Includes procedures and guidelines for use of network resources written in terms appropriate to the user’s access level and technological knowledge, such as password creation and responsible network use
Acceptable use policies (AUPs)
Govern codified expectations of user privacy and consent to security-based monitoring of user activity.
Privacy policies
Specify exactly what steps will be taken in response to a security incident, in order to minimize and repair damage without exposing the network to further risk.
Incident response policies
Specify the steps that will be taken to secure assets, protect staff, and maintain business operations in the event of natural or man-made disasters and disruptions.
Disaster planning and business continuity
Guidelines for updating policies and procedures to suit changing needs, without introducing new vulnerabilities.
Change management policies
Lists of step-by-step instructions for performing routine tasks.
Standard operating procedures (standing operating procedures in military organizations)
Regulations for all federal government agencies
FISMA
Regulations for patient data in health care systems
HIPAA
Regulations for corporate financial data
Sarbanes-Oxley (SOX)
Standards for systems handling payment card data
PCI-DSS
Network and system documentation
- Physical and logical diagrams of the network
- A list of IT assets including hardware and software
- Vendor documentation and configuration baselines for listed assets
- Vendor documentation for deployed assets
- Assigned MAC and IP addresses, and available IP addresses
Managing IT inventory
IT asset management (ITAM)
A way to track all assets in an automated fashion.
configuration management database (CMDB)
The change management process
- Identification
- Change request
- Approval
- Preparation
- Implementation
- Follow-up
Authority to determine whether the request is reasonable and necessary, and to identify any oversights or errors the original proposal might have.
change advisory board (CAB)
A statement describing how management intends the organization to be run
Policy
A description of best practices or recommendations for achieving a certain policy goal
Guideline
A technical definition of specific methodologies or requirements which are needed to satisfy policies
Standard
A specific and ordered instruction for complying with a particular element of a policy or standard
Procedure
Responding to an incident
Identify the problem
Report the incident
Preserve the data and devices involved in the incident.
Documenting incidents
- A general description of the incident
- The total impact of the incident, including its scope, cost, and duration
- Policies which may have been violated
- Problems with the response process
- Recommendations for preventing recurrence
The maximum expected amount of time needed to fully restore service after a disaster
RTO: Recovery time objective
The maximum period of data which will be lost in the case of a disaster
RPO: Recovery point objective
The average amount of time between when you install a device and when it will fail.
MTTF: Mean time to failure
The average amount of time a component or system can remain online before it needs to be taken down for repair
MTBF: Mean time between failures
The average amount of time a component or system will remain offline for repair in the event of a disaster
MTTR: Mean time to repair
The ability of a system to continue operating in at least partial capacity despite the failure of one or more components.
Fault tolerance
Preserve important files or folders so that they can be restored to the same or a different system when needed.
File level backups
Copy entire hard drives or other storage volumes, allowing you to quickly restore a fully configured computer to an operative state.
Image level backups
Designed to back up application servers running database software or other critical, constantly running applications
Application-aware backups
Backs up all files that are included in the backup policy regardless of their archive bits, then clears the bit for all files
Full Backup
Backs up only files with a set archive bit, then clears the bit
Incremental Backup
Backs up files with a set archive bit, but does not clear the bit afterwards
Differential
What are the three parts of first response when an incident occurs?
Identify
Report through proper channels
Data/device preservation
According to the A+ exam guide, what is the purpose of the chain of custody?
Tracking of evidence/documenting process
What does the acronym PCI denote?
Payment Card Industry
What does the acronym GDPR denote?
General Data Protection Regulation
Which documentation is maintained by hardware or software vendors?
knowledge base/articles
What should be documented to ensure that you can return to normal operations and reverse a change if a change does not work or causes problems?
backout plan
Which type of backup uses maximum disks and tapes for storing data?
Full backup
Which device contains a battery and Automatic Voltage Regulation (AVR) circuitry to protect a computer from power sags?
Uninterruptible Power Supply (UPS)
The average amount of time a component or system can remain online before it needs to be taken down for repair
Mean time between failures (MTBF)
The maximum period of data which will be lost in the case of a disaster
Recovery point objective (RPO)
The average amount of time between when a device is installed and when it will fail
Mean time to failure (MTTF)
The average amount of time a component or system will remain offline for repair in the event of a disaster
Mean time to repair (MTTR)
The maximum expected amount of time needed to fully restore service after a disaster
Recovery time objective (RTO)