Topic 7A Flashcards

1
Q

Asset management

A

monitor for unauthorized activity, and identify potential vulnerabilities

ensuring that all devices and systems are appropriately secured, patched, and updated to mitigate the risks of cyberattacks

supports incident response activities, enabling security teams to quickly identify and isolate affected assets during a security incident

2
Q

An asset management process

A

tracks all the organization’s critical systems, components, devices, and other objects of value in an inventory.

It also involves collecting and analyzing information about these assets so that personnel can make informed changes or work with assets to achieve business goals.

3
Q

assignment/accounting

A

In asset management, processes that ensure each physical and data asset has an identified owner and is appropriately tagged and classified within an inventory.

4
Q

Monitoring/asset tracking

A

Enumeration and inventory processes and software that ensure physical and data assets comply with configuration and performance baselines, and have not been tampered with or suffered other unauthorized access.

5
Q

Ways to perform asset enumeration:

A

Manual Inventory - manually taking inventory. More feasible in smaller companies. Involves physically inspecting assets, such as computers, servers, and network devices, and recording relevant information, such as serial numbers, make and model, and location.

Network Scanning - Nmap, Nessus, or OpenVAS can automatically discover and enumerate networked devices, including servers, switches, routers, and workstations. These tools can identify open ports, services, and sometimes OS

Asset Management Software - Lansweeper, ManageEngine, or SolarWinds can automatically discover, track, and catalog various types of assets, including hardware, software, and licenses. Creates a centralized dashboard

Configuration Management Database (CMDB) - centralized repository of information related to an organization’s IT infrastructure, including assets, configurations, and relationships

Mobile Device Management (MDM) Solutions - For organizations with a significant number of mobile devices, MDM solutions like Microsoft Intune, VMware Workspace ONE, or MobileIron can help enumerate, manage, and secure smartphones

Cloud Asset Discovery - With organizations increasingly adopting cloud services, cloud-native tools, such as AWS Config or Azure Resource Graph, or third-party solutions like CloudAware or CloudCheckr, can help discover and catalog assets deployed in the cloud.

6
Q

acquisition/procurement

A

Policies and processes that ensure asset and service purchases and contracts are fully managed, secure, use authorized suppliers/vendors, and meet business goals

7
Q

RFID tag

A

Used to identify a device for asset identification. Barcodes are also an option

is a chip programmed with asset data. When in range of a scanner, the chip activates and signals the scanner. The scanner alerts management software to update the device’s location.

8
Q

standard naming convention

A

makes the environment more consistent for hardware assets and for digital assets such as accounts and virtual machines.

The naming strategy should allow administrators to identify the type and function of any particular resource or location at any point in the configuration management database (CMDB) or network directory.

9
Q

Configuration management

A

ensures that each configurable element within an asset inventory has not diverged from its approved configuration

10
Q

Change control

A

The process by which the need for change is recorded and approved.

11
Q

change management

A

The process through which changes to the configuration of information systems are implemented as part of the organization’s overall configuration management efforts

12
Q

Critical capabilities for enterprise backup solutions typically include the following features:

A

Support for various environments (virtual, physical, and cloud)

Data deduplication and compression to optimize storage space

Instant recovery and replication for quick failover

Ransomware protection and encryption for data security

Granular restore options for individual files, folders, or applications

Reporting, monitoring, and alerting tools for effective management

Integration with popular virtualization platforms, cloud providers, and storage systems

13
Q

Data deduplication

A

Instead of storing multiple copies of the same data, deduplication stores a single copy and creates references or pointers to that copy for all other instances.

can be performed at different levels, such as file-level, block-level, or byte-level.

14
Q

Filesystem snapshots

A

like those provided by ZFS or Btrfs, capture the state of a file system at a given moment, enabling users to recover accidentally deleted files or restore previous versions of files in case of data corruption.

15
Q

SAN snapshots

A

are taken at the block-level storage layer within a storage area network. Examples include snapshots in NetApp or Dell EMC storage systems, which capture the state of the entire storage volume, allowing for rapid recovery of large datasets and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

database mirroring

A

where an organization maintains primary and secondary mirrored databases.

Any changes made to the primary database are automatically replicated to the secondary database, ensuring data consistency and availability if the primary database encounters any issues.

17
Q

Journaling

A

records changes to data in a separate, dedicated log known as a journal.

It enables the system to identify and undo any incomplete transactions that might have caused inconsistencies, or replay transactions that occurred after the full system backup was

18
Q

Secure data destruction

A

At the end of a data retention period, organizations must destroy data in accordance with internal policies and external regulations while optimizing storage resources.

Legal and regulatory compliance, such as adhering to the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA), also requires the deletion or destruction of specific data when it is no longer needed or if requested by the data subject.

Periodically destroying obsolete or outdated data can help maintain efficient storage utilization and reduce the risk of data breaches.

19
Q

Asset disposal/decommissioning concepts

A

focus on the secure and compliant handling of data and storage devices at the end of their lifecycle or when they are no longer needed.

20
Q

Sanitization

A

Refers to the process of removing sensitive information from storage media to prevent unauthorized access or data breaches.

This process uses specialized techniques, such as data wiping, degaussing, or encryption, to ensure that the data becomes irretrievable

21
Q

Destruction

A

Involves the physical or electronic elimination of information stored on media, rendering it inaccessible and irrecoverable.

Physical destruction methods include shredding, crushing, or incinerating storage devices, while electronic destruction involves overwriting data multiple times or using degaussing techniques to eliminate magnetic fields on storage media.

22
Q

Destruction Certification

A

Refers to the documentation and verification of the data sanitization or destruction process.

This often involves obtaining a certificate of destruction or sanitization from a reputable third-party provider, attesting that the data has been securely removed or destroyed in accordance with industry standards and regulations.

23
Q

Configuration Item (CI)

A

an asset that requires specific management procedures to be used to deliver the service. Each CI must be labeled, ideally using a standard naming convention.

24
Q

Service assets

A

things, processes, or people that contribute to delivering an IT service.

25
Q

NTFS

A

New Technology Filing System

When activated, can become a journaling system providing logged changes

26
Q

CMDB

A

Configuration management database

Self-explanatory. Configuration items are stored here.