Prevent Flashcards

1
Q

PR.AC-1

A

Identities and credentials are managedfor authorized devices and users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

PR.AC-2

A

Physical access to assets is managed and protected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

PR.AC-3

A

Remote access is managed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

PR.AC-4

A

Access permissions are managed, incorporating the principles of least privilege and separation of duties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

PR.AC-5

A

Network integrity is protected, incorporating network segregation where appropriate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PR.AT-1

A

All users are informed and trained

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

PR.AT-2

A

Privileged users understand roles & responsibilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

PR.AT-3

A

Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

PR.AT-4

A

Senior executives understand roles & responsibilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

PR.AT-5

A

Physical and information security personnel understand roles & responsibilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

PR.DS-1

A

Data-at-rest is protected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

PR.DS-2

A

Data-in-transit is protected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

PR.DS-3

A

Assets are formally managed throughout removal, transfers, and disposition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

PR.DS-4

A

Adequate capacity to ensure availability is maintained

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

PR.DS-5

A

Protections against data leaks are implemented

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

PR.DS-6

A

Integrity checking mechanisms are used to verify software, firmware, and information integrity

17
Q

PR.DS-7

A

The development and testing environment(s) are separate from the production environment

18
Q

PR.IP-1

A

A baseline configuration of information technology/industrial control systems is created and maintained

19
Q

PR.IP-2

A

A System Development Life Cycle to manage systems is implemented

20
Q

PR.IP-3

A

Configuration change control processes are in place

21
Q

PR.IP-4

A

Backups of information are conducted, maintained, and tested periodically

22
Q

PR.IP-5

A

Policy and regulations regarding the physical operating environment for organizational assets are met

23
Q

PR.IP-6

A

Data is destroyed according to policy

24
Q

PR.IP-7

A

Protection processes are continuously improved

25
Q

PR.IP-8

A

Effectiveness of protection technologies is shared with appropriate parties

26
Q

PR.IP-9

A

Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed

27
Q

PR.IP-1

A

: Response and recovery plans are tested

28
Q

PR.IP-1

A

: Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)

29
Q

PR.IP-1

A

: A vulnerability management plan is developed and implemented

30
Q

PR.MA-1

A

Maintenance and repair of organizational assets is performed and logged in a timely manner, with approved and controlled tools

31
Q

PR.MA-2

A

Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access

32
Q

PR.PT-1

A

Audit/log records are determined, documented, implemented, and reviewed in accordance with policy

33
Q

PR.PT-2

A

Removable media is protected and its use restricted according to policy

34
Q

PR.PT-3

A

Access to systems and assets is controlled, incorporating the principle of least functionality

35
Q

PR.PT-4

A

Communications and control networks are protected