RFI Flashcards
Bit-copy-tool
Creates bit for bit copy and hashes the contents.
Integrity
Preservation of internal and external consistency
Config management ensures…
Changes do not adversely affect the org's security policy
What determines how often to change a crypto key?
Confidential importance of the info being protected
Cloud deployment model types…
Public, Private, Community,
Dynamic password
Changes at every logon
Best practices are…
Suggestions. Not reasons for constructing policy
Continuous monitoring involves
Policy, process, and technology used to detect risk.
Nontechnical means to enforce security
Training
Gov’t classification levels
Unclassified, sensitive but unclassified, confidential, secret, top secret
“Classified” is not a level.
Every policy should have an…
Enforcement statement
Primary security categories (3)
Prevention, Detection, Recovery
Are biometrics an authentication factor or accountability?
Authentication
Kerberos can use…
Symmetric keys
Certificate contains which key?
Public key
X.509 certificate fields
Issuer's ID, subject's public key, subject's X.500 name
RPO belongs to which plan
BCP (not DRP)
Change control process ensures changes are correct or effective?
Correct
Tokens generate…
Passwords that authenticate
Qualitative impact analysis identifies…
Areas for immediate improvement
Account control triple
Prevention, detection, reaction
Functional IR Team
Members from different departments that can bring expertise to a specific type of IR
What is a Security Kernel
HW, firmware, and SW elements of a TCB that implement a reference monitor concept.
Criteria that must be met by the organization
Standards