policies to organizational security Flashcards
The _____ for a software product occurs when a product will no longer be produced or sold. These products are most likely to be replaced by a newer version or model.
end of life (EOL)
The _____ describes when a vendor will no longer support a product. As well, updates and patches will no longer be produced.
end of service life (EOSL)
A _____ is an outdated computing software or hardware that is still in use. Legacy systems generally receive no support or maintenance.
legacy system
_____ analysis is the process of gathering and analyzing data from social media platforms.
Social media
_____ identify the procedures and rules that an employee must abide by in an organization.
Rules of behavior
An _____ policy describes the purpose of a system and the responsibilities of users when accessing the system. An _____ policy contains a privacy statement informing users of what is considered private.
acceptable use
When an employee or contractor signs a _____, they are confirming they will not share confidential information with a third party. Signing such a contract legally protects internal intellectual property.
Non-Disclosure Agreement (NDA)
_____ refers to creating an account for the user to access the computer system with the appropriate privileges.
Identity and Access Management (IAM)
A _____ is an onboarding process that involves identifying the roles and permissions users need.
workflow
_____ is the process by which accounts are deleted or disabled. When personnel no longer need access to specific resources, permissions are withdrawn.
Offboarding
_____ is an account management practice that involves giving users permission to a resource for the duration of a specific project or a need-to-know situation.
Privilege bracketing
_____ is a Windows-specific function that prevents users from invoking administrative privileges without specific authorization.
User Account Control (UAC)
A _____ is a documented list of steps or actions used to perform a task to a specified and expected standard.
Standard Operating Procedure (SOP)
_____ is a mix of training techniques in the form of workshops, seminars, gamification, etc. to foster user engagement and retention.
Training diversity
_____ is a training technique to engage users by adding game-like elements to content to encourage participation.
Gamification
A _____ is a preliminary or exploratory agreement to express an intent to work together. _____ usually tend to be relatively informal and do not act as binding contracts.
Memorandum of Understanding (MOU)
A _____ is a formal agreement or contract that contains specific obligations rather than a broad understanding.
Memorandum of Agreement (MOA)
Analyze and select the statements that accurately distinguish the differences between Mean Time to Failure (MTTF) and Mean Time Between Failures (MTBF). (Select all that apply.)
MTTF should be used for non-repairable assets, while a server (repairable by replacing the hard drive) would be described with an MTBF.
MTTF and MTBF can determine the amount of asset redundancy a system should have.
A _____ is a contractual agreement setting out detailed terms (including support metrics) for future provided services.
Service Level Agreement (SLA)
An _____ is used when any federal agency interconnecting its IT system to a third-party.
Interconnection Security Agreement (ISA)
