Security Policies Flashcards

1
Q

Order of Volatility

A

Most volatile to least volatile:
Data in cache memory, data in RAM, a paging file, data stored in local disk drives, logs stored on remote systems, archive media

2
Q

IRP

A

Incident Response Plan. Provides more detail than the Incident Response Policy. Provides a formal, coordinated plan that personnel can use when responding to an incident.

3
Q

ISA

A

Interconnection Security Agreement.
Specifies technical and security requirements for planning, establishing, maintaining, and disconnecting a secure connection between two or more entities.

4
Q

SLA

A

Service Level Agreement.
Agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.

5
Q

MOA/MOU

A

Memorandum of Agreement or Memorandum of Understanding.
Expresses an understanding between two or more parties indicating their intention to work together toward a common goal. Often used to support an ISA. Doesn’t include details. Less formal than an SLA and doesn’t include monetary penalties.

6
Q

BPA

A

Business Partners Agreement.
Written agreement that details the relationship between business partners, including obligations toward the partnership. Identifies the shares of profits or losses that each partner will take and what happens if a partner chooses to leave the partnership.

7
Q

AUP

A

Acceptable Use Policy.

Defines proper system usage or the rules of behavior for employees when using IT systems.

8
Q

Mandatory Vacations

A

Helps detect when employees are involved in malicious activity such as fraud or embezzlement.

9
Q

Separation of Duties

A

Prevents any single person or entity from being able to complete all the functions of a critical or sensitive process. Designed to prevent fraud, theft and errors.
