Shared Flashcard Set

Details

CISSP Sellers
V1D1
359
Accounting
Not Applicable
03/19/2017

Cards

Term
HIPAA
Definition
Protection of medical records in transit and/or stored
Term
Gramm-Leach-Bliley Act (GLB)
Definition
Restricts what use banks can make of your PII
Term
Children Online Protection Act
Definition
Under 13 (Preteen), Facebook
Term
Family Education Privacy Act
Definition
No release of students' transcripts
Term
ISO 27001
Definition
Regulation for GOVERNANCE of Information Security
Term
ISO 27002
Definition
Information Sec CONTROLS
Term
SOX Act
Definition
Sarbanes-Oxley Act, passed to prevent false reporting of financial data. Publicly traded company
Term
ISO 27001
Definition
Adopts Management process
ongoing testing of controls
Term
Plan Do Check Act
Definition
Measure twice and cut once it's in reverse alphabetical order
Term
Payment Card Industry (PCI DSS) Data Security Standard
Definition
Not a US law. Anything it touches should be in compliance. Everything under the merchant's control
Term
How to maintain a vulnerability management program
Definition
Use and regularly update anti-virus software program
Term
PCI-DSS stuff that business can't collect and keep as it pertains to credit card transactions
Definition
Full track data
CVC Pin number
PIN number (Card
Term
Due Care (Negligence)
Definition
Act on proper (Planning)
Term
Due Diligence
Definition
Proper preparation (Planning)
Term
Negligence
Definition
Duty, Breach of Duty, Causation, Damages
Term
US Prudent Person Rule
Definition
Perform duties sensibly
Term
Breach of Contract (Contract Law)
Definition
Not Punitive Damages
Term
Normal Civil Law
Definition
Preponderance of Evidence (51/49%)
Term
Fraud Cases
Definition
Clear and Convincing (75/25%)
Term
Criminal Case
Definition
Beyond reasonable doubt (95/100%)
Term
Auditing
Definition
Compliance levels (pen testing/vul testing) KPI (Key Performance Indicator)
KGI (Key Goal Indicator)
Term
KPI (Key Performance Indicator)
Definition
Current Compliance
Term
KGI (Key Goal Indicator)
Definition
Future Compliance
Term
Best way to stop a data breach
Definition
Limit the amount of PII or DATA received
Term
PII
Definition
Anything you can use to identify someone
Term
OECD (Organization Economical Fair Information Practice
Definition
Trans border data flow of PII
Term
4th Amendment
Definition
Not businesses, only citizens
Term
NDA's
Definition
Businesses expectations for Privacy
Term
Acceptable Use Policy
Definition
How the business deals with your private information
Term
Breach of Data Reportable
Definition
Management will report or not (was it actually breached)
Term
copyright
Definition
first sale (allowed to sell what you bought)
Fair use (Non profit/educational use only)
Term
trade secrets
Definition
don't register, last for a lifetime
Term
WTO question
Definition
focused on commercial rentals, who they can rent to
Term
DRM (Digital Rights Management)
Definition
Protects digital content (Data in Use)
Term
Control (Data in Use) Benefit
Definition
prevents the user from printing document
Term
Wassenaar Arrangement
Definition
For countries who don't allow data encryption.
encryption for personal use only, not companies
Term
Safe Harbor
Definition
Permits US-based orgs to certify themselves as properly handling European people's PII.
Term
ISC2 Code of Ethics Canons
Definition
Know them all
Term
Laws
Definition
Prohibited by society
Term
ethics
Definition
Socially acceptable
Term
Org security Documents
Definition
Policies, standards, procedures, guidelines
Term
Standards
Definition
Rules
Term
Procedures
Definition
Step-by-step instructions in a given situation
Term
Guidelines
Definition
Recommendations only
Term
Policy
Definition
Must be followed, binding mandatory
Term
Standards
Definition
Rules, mandatory
Term
Guidelines
Definition
non-binding, recommendations only, not mandatory
Term
Documentation v/s Non-documentation
Definition
go through the procedure
Term
4 things Mgt to risk
Definition
transfer/SLA's
accept/
mitigate/Controls
avoid/get
Term
Memorandum of Understanding/MOU
Definition
Used to support SLA/ISA and Not binding
Term
ISA
SLA
Definition
Interconnection security agreement/binding
Service Level Agreement/binding
Term
Contractor controls
Definition
Onsite assessment
Document Review
Process/Policy Review
Term
Someone in a police uniform
Definition
Social Engineering
Term
MiM Passive
Definition
Sniffing and taking it offline to analyze, not replaying
Term
MiM Active
Definition
Sniffing and Replaying (credentials involved)
Term
Cracker
Definition
Criminal Hacker (Black Hat) for personal gain
Term
Script Kiddies
Definition
Unskilled attacker using hacking tools (scripts) created by others
Term
Hacktivist
Definition
blackhat hacker for political reasons
Term
Gray Hat Hacker
Definition
skilled hackers; security research without permission, no malicious intent
Term
Advanced Persistent Threat APT (mole)
Definition
foothold and wait, foreign gov
Term
Risk Analysis
Definition
Identify threats, events and vulnerability
Term
Quantitative
Definition
Management needs monetary value to make decision
Term
First step in Qualitative or Quantitative Risk Analysis
Definition
Asset value
Term
Single Loss Expectancy
Definition
Asset value X Exp Factor (% loss if event occurred)
Term
Annualized Loss Expectancy
Definition
SLE x How many in a year
Term
Low Risk Impact
Moderate
High
Definition
Limited
Serious
Severe/Catastrophic
Term
Residual Risk
Definition
risk after countermeasures or safeguards
Term
Total Risk
Definition
any risk before controls
Term
Accepted Risk
Definition
chooses not to implement risk based on total dollar/risk
Term
Appropriate Response to Risk (Management)
Definition
Mitigate - Reduce/control risk
Accept Risk - live with it
Risk Transference - SLE or Insurance
Avoidance - Change the activity that causes risk
Term
NIST RMF Framework
Definition
Categorize
Select
Implement
Assess
Authorized
Monitor
Term
Four Common Control Types
Definition
Administrative/directive
Term
Threat modeling
Definition
Prioritize Identified Risk
Term
STRIDE threat modeling stands for.
Definition
Spoofing, Tampering, Repudiation, Information Disclosure (stuff left in code), Denial of Service, Elevation of Privilege
Term
Business Impact Analysis Steps
Definition
Determine Mission/Business processes that are critical
Identify Resource Requirements
Identify recovery priorities for systems
Term
Quality Control
Definition
Based on internal standards
Term
Quality Assurances
Definition
meets predetermined external policies
Term
Applications whitelisting trans
Definition
Enforcement(Block)
Audit
Term
protect solid state drives from
Definition
destroy it
Term
Magnetic Media destroy data
Definition
erase
zero
degauss
destroy
Term
what is a way to erase data in cloud envir
Definition
encrypt it and throw away the key
Term
symmetric
Definition
same key (1 key) for encrypt and decrypt
AES (any algorithm with an S in name or abbreviation) (Robert exception) R starts not symmetric
Term
asymmetric
Definition
A means NOT one key; two keys, public and private.

ECC, ElGamal, RSA, Diffie-Hellman
Public key is only for encrypting
Term
AES comes in 3 sizes for the KEY
Definition
128, 192, 256. Block sized 128 bits
Term
What is an advantage to Link encryption?
Definition
encrypts All data along a route
Term
PGP-Pretty Good Privacy
Definition
Email security, self authentication, users create their own. Built on own Web of trust, not CA
Term
S/MIME
Definition
eliminates email spoofing
Term
Hashing
Definition
MD5 (128bits), SHA1 (160 bits)
Can't de-hash something. Signature. Reflects what's actually in the message.
Term
Rainbow table
Definition
pre-computed list of pre-hashed passwords
Term
SALT
Definition
adding a random variable to hash to change the hash
Term
Birthday attack
Definition
23 people in a room greater than 50% chance that they have the same birthday.
Term
RSA, ECC, ElGamal, Diffie-Hellman (Asymmetrical Encryption)
Definition
REED
Term
Symmetric Keys use what type
Definition
AES
Term
De facto Symmetric Key
Definition
AES
Term
AES drawback
Definition
initial key exchange
Term
Triple DES is more powerful than DES
Definition
Yes 3 keys (3 Rounds of Encryption/Decryption)
Term
Meet in the Middle (Triple DES)
Definition
Only talks about Triple DES; 1st and 3rd keys are sniffed
Term
DES
Definition
Obsolete/broken symmetric Algorithm
Term
Cypher block chaining
Definition
frequency analysis
Term
symmetric encryption
Definition
confidentiality not
Term
all algorithms
Definition
Blocks (AES 128bit size),
Term
RC4
Definition
Bit Encipher
Term
How many keys are in Asymmetric Encrypted
Definition
Public key is used for encrypting, private key used for decrypting
Term
HTTPS standard uses RSA Asymmetric encryption
Definition
PKI uses RSA encryption for certificates
Term
ECC used for Smartphones
Definition
Term
PKI issues
Definition
Term
Hybrid
Definition
taking an asymmetric key and exchanging a symmetric key
Term
Online certificates S protocol
Definition
Term
Perfect Forward Secrecy
Definition
only used 1 session
Term
entropy
Definition
more randomness of numbers
Term
x509v3
Definition
standard format for certificates
Term
Registration Authority
Definition
verifies identity
Term
Certificate Authorities
Definition
Public Outside sell/issue (verisign), Private make your own, not valid online
Term
what goes in the Certificate Revocation List
(suspended/revoked only)
Definition
Certificate Serial Number
Term
DoS for user to bank
Definition
hack CRL list and paste user cert serial number in it.
Term
MofN
Definition
1/3rd of key given out (split knowledge)
Term
OCSP & CRL
Definition
Validation Authorities
Term
RSA
Definition
Used for PKI
Term
ElGamal
Definition
digital signature
Term
Diffie-Hellman
Definition
IPSEC
Term
IPSEC has how many modes
Definition
2
Transport
Tunnel
Term
how many phases in IPSEC
Definition
IKE phase 1, IKE phase 2
Term
2 Layers of IPSEC
Definition
Layer 2, Layer 3
Term
IPSEC made of 2 protocols
Definition
L2F & L2TP (PPTP)
Term
IPSEC is a VPN
Definition
Term
IPSEC
Definition
a way to send info from one location to another in secret
Term
IPSEC tunneling protocol
Definition
L2TP
Term
sending data using IPSEC privately on your own network uses which mode
Definition
using transport mode
Term
Sending data over internet using IPSEC uses what mode
Definition
Tunneling Mode
Term
ESP mode
Definition
NOT THE Header
Term
AH
Definition
Hashed whole header with packet
Term
ESP only
Definition
transport
Term
encrypting for IPSEC (ESP)
Definition
is Layer 3
Term
IKE
Definition
Internet Key Exchange
Term
IKE phase 1
Definition
exchange session key (setup secure channel)
Term
IKE phase 2
Definition
setup encryption type
Term
what is a key exchange for IPSEC
Definition
Diffie-Hellman
Term
Quantum Key Cryptography
Definition
photons to do key exchange, only for key exchange (Diffie-Hellman)
Term
Port 20-21 FTP
Definition
File Transfer Protocol
Term
22 SSH - 23 TELNET
Definition
TELNET/SSH (Encryption on Layer 7)
Term
ESP encryption is on what layer
Definition
layer 3
Term
Ports 80/443
Definition
HTTP/HTTPS
Term
Ports 53
Definition
DNS
Term
Ports 67
Definition
DHCP
Term
Port 3389
Definition
RDP (Remote Desktop Protocol)
Term
Brute force attack
Definition
always successful but not quick, you'll die before it happens
Term
what is cypher text only
Definition
attacker captures cypher text only
Term
Birthday attack
Definition
Term
RC4 is bit not block cypher
Definition
Yes
Term
MD5 "D" Digest/Hash
Definition
Digest is another name for HASH
Term
Message authentication without Asymmetric encryption
Definition
Message Authentication Code (MAC/HMAC)
Term
Is there integrity in encryption
Definition
yes, implicit
Term
Verification means it meets specifications
Definition
Term
Validation means it solves a real world problem
Definition
Term
What are the phases of the Systems Engineering process lifecycle
Definition
Concept of Op, Req and Arch, Det Design, Implement, Integrate test verification, System verification and validation, Op and Maint
Term
Framework for Enterprise Security Architecture
Definition
SABSA
Term
Place security from the beginning
Definition
Term
Subject/Objects
Definition
Users/Resource
Term
Lattice-based security Model
Definition
Deals with Mandatory Access Control (MAC)
Term
Matrix Models Rows are Capability Table,
Definition
Matrix Columns are Objects
Term
reading and writing data from one level to next
Definition
Biba
Term
Bell-LaPadula deals with Confidentiality only
Definition
True, Lattice Based (MAC Model)
Term
Simple Security Property
Definition
deals with reading not writing
Term
* Property LaPadula
Definition
Can't write down; star is writing
Term
Strong * Property of LaPadula
Definition
read up read down write up or write down.
Term
Biba is what type of model
Definition
Integrity (NO WURD-WriteUpReadDown)
Term
Invocation Property
Definition
Users at one level can't even request service from someone at a higher level
Term
Simple/Reading
Star/Writing
Definition
Term
Bib
Definition
Term
Biba Model - No WURD write down
Bell-LaPadula Model WDRU
Definition
Term
Clark Wilson Model Integrity calls for
Definition
Well Formed Transactions
Separation of Duty
Term
Brewer Nash Model (Competition)
Definition
Dynamic Rules
No Conflict of Interest
Term
Common Criteria
Definition
Protection Profile Document
Term
What is the name of the object you're making meet the protection profile
Definition
Target of Evaluation
Term
Evaluation Assurance Level
Definition
EAL- F&F
Term
Security Perimeter
Definition
Boundary around a trusted protected mechanism
Term
Race Condition
Definition
Problem with Multiple thread processing
Term
HAL Hardware Abstraction Layer
Definition
Term
where is HAL implemented
Definition
Operating system software
Term
what enforces security inside of a computer system
Definition
Security COL
Term
Mandatory Vacations enforce Job Rotation
Definition
Term
maintenance hook
Definition
code written with backdoor
Term
Internet Messaging
Email
Definition
Mobile Code is used
Term
How do you ensure that a software company going out of business doesn't leave your company, which bought their software, high and dry?
Definition
Make a copy of the software and put it in escrow
Term
Covert Timing Channel
Covert Storage Channel
Definition
Stretch time to allow them to get in
Hiding on someone else channel reading data
Term
Joint tenants
Definition
important when deciding best facility location
Term
how to mitigate threat at active user station
Definition
disable portable device inputs
Term
CPTED
Definition
Crime Prevention Through Environmental Design
Term
Deter, Detect, Delay, Respond
Definition
Four D's
Term
Bollards
Definition
Cement pillars to stop someone from ramming the facility
Term
Guards offer discernment
Definition
Guards and Dogs Difference
Term
Authentication Types
Something you know Type 1
Something you have Type 2
Something you are Type 3
Definition
Type 3 is the best
Term
Guards are more expensive than dogs
Definition
Discernment is why you select guards v/s dogs
Term
CCT needed in BCD
Definition
blind spots, cash, doors
Term
Data centers should be located where in building
Definition
Core(center) of the facility not on top floor or in basement
Term
analyzing the questions, eliminate the wrong answers
Definition
Slow down and analyze the questions
Term
Definition
PLC used industrial
Term
Fire extinguishers PLEM
Definition
Paper, Liquid, Electric, combustible metals
Term
Facility Control Summary
Definition
Administrative, Technical, Physical KNOW THEM
Term
ARP and Reverse ARP
Definition
Layer 2
Term
OSI Model
Definition
Term
logical link controller
MAC
Definition
layer two sublayer
Term
Cabling
Definition
Layer 1 in OSI Model
Term
coaxial (analog)
fiber optic
twisted pair
Definition
Broadband (more than one signal on one line)

Ethernet connection
Term
bottom floor
Other floor wiring closets
Definition
Main Distribution Frame
Intermediate distribution frame
Term
Fiber is immune to EMI/RFI
Definition
Term
NO T in Cable 100Base -**T**
Definition
fiber
Term
base band
Definition
one signal on line
Term
broadband
Definition
multiple signals on line (multiplexing)
Term
crosstalk
Definition
two cables talking to each other
Term
single fiber goes farther
Definition
Term
synchronous Transmission
Definition
doesn't use start and stop bits (stream of data); uses external clock with data
Term
asynchronous
Definition
uses start stop bit
Term
Unicast
Definition
one to one
Term
multicast
Definition
one to select few (IGMP)
Term
broadcast
Definition
one to everyone
Term
anycast
Definition
one to closest one
Term
Bus Network
Definition
multiple points of failure
Term
star
Definition
single point of failure
Term
ring
Definition
multiple points of failure
Term
Application Protocol Interface API
Definition
layer 7
Term
SNMP, install an agent
Definition
Layer 7, Agent software on device
Term
socket
Definition
IP address plus port number
Term
segments, packets, frames, bits
Definition
4, 3, 2, 1
Term
flow control done on which layer
Definition
transport layer
Term
Christmas tree attack (flags)
Definition
done on transport layer
Term
IP Header is on what layer
Definition
Network
Term
IPv4 IP Address bit length
Definition
32 Bits, 8 in each octet
Term
IPv4 Classes
Definition
A-1-126
B 128-191
c 192-223
D 224
Term
Private IP address/internal network only
Definition
10.xxx.xxx.xxx
172.16.xxx.xxx-172.31.xxx.xxx
192.168.xxx.xxx
Term
APIP
Definition
Automatic Private IP Address
169.254.xxx.xxx (sign of no DHCP)
Term
Local Loopback
Definition
127.0.0.1
Term
N.H.H.H Class A Network name and Computer Number
N.N.H.H. Class B Network Name and Computer Number
N.N.N.H Class C Network Name and Computer Number
Definition
Term
ICMP (ping) is on what layer of OSI Model
Definition
Layer 3 Network
Term
Routers breakup broadcast domain
Definition
Switches breakup collision domain
Term
ARP (Layer 2)
Definition
IP address to Mac address
Term
Reverse ARP (Layer 2)
Definition
MAC to IP Address
Term
Frame Relay is on which Layer of OSI
Definition
Layer 2
Term
803.3 LLC, 803.2
Definition
Layer
Term
PDU Protocol Data Unit
Definition
Encapsulated on Layer 4,3,2
Term
802.3x
Definition
ethernet
Term
509.3x
Definition
certificates
Term
Private Address of IPv6
Definition
Link Local starts with FE80:
Term
Public Address of IPv6
Definition
<2000-2999
Term
how many block in IPv6
Definition
8 (16bits in each block)
Term
ICMP is not a SYN flood (TCP/UDP attack)
Definition
on layer 3
Term
Utility Control System, Supervisor Control Systems,
Definition
Term
VOIP
Definition
Unsecure
QoS (traffic Shape)
SIP (session Initiation protocol)
RTP (Real Time Transfer Protocol)
Term
Attacks
Definition
Sniffing Eavesdropping
SPIT (Spam over IT)
SPIM (Spam over Internet Messaging)
Vishing
Fishing-Email
Pharming-DNS
Term
wireless (only to tower or ap)
Definition
802.11
802.11i
Term
Direct Seq Spread Spectrum (DSSS) wireless uses how much of the bandwidth
Definition
All of it
Term
Freq hopping spread spectrum (FHSS)
Definition
uses only part of the bandwidth
Term
WEP wireless uses and why it's bad
Definition
RC4
Initialization vector
Key was short (64 bit)
Term
WPA
Definition
128 bit key
TKIP (renegotiate keys every hour)
problem (RC4 is used also)
Term
WPA 2
Definition
802.11i
uses AES 256 bit
Term
802.1x
Definition
Radius
Term
802.1q
Definition
VLAN
Term
rogue access point
Definition
different SSID used to steal bandwidth
unauthorized device on a network
Term
evil twin
Definition
same ssid ap
Term
DNS poisoning
Definition
DNS Sec Dig Signatures
Term
block zone transfer
Definition
TCP port 56
Term
DDOS Distributed Denial of Service
Definition
Botnets, Handles, zombies
Term
DDOS
Definition
looks like common network commo
Term
Blue Snarfing /steal
Blue jacking /send
Definition
stealing info
sending spam
Term
tcp wrapper
Definition
linux software based firewalls
Term
Packet filtering firewall (ACL)
Definition
L3 packet filtering(uses access control list filtering)
doesn't care about content
Term
Dynamic Stateful firewall
Definition
operates on multiple layers (3,4,5)
Term
Application Layer Firewall
Definition
do deep packet inspection
(performance suffers from lag)
Term
Anonymizer proxy
Definition
hides real senders ID
Term
(TOR)Onion Browser
Definition
hides your ip address
Term
Hardened (Endpoint Security)
Definition
Do everything conceivable to it to secure it
Term
Bastion Host (usually inside DMZ)
Definition
Host that has been hardened
Term
dual homed host
Definition
Computer with two NICs
to isolate traffic from internet
Problem: accidental internal routing between the two NIC cards
Term
DMZ
Definition
area between trusted and untrusted network, Packet filtering firewall, Honeypot
Term
Honeytoken
Definition
just alert someone is in the DMZ
Term
screened subnet
Definition
two routers
Term
Detection system
Prevention system
Definition
only detects
Can detect and block
Term
IDS anomaly based
Definition
behavior; downfall: prevents good things
Term
IDS Signature Based
Definition
compares to known attack signatures; downfall: outdated, people get through
Term
Host based detection system
Definition
can only detect unencrypted traffic
Term
packet switching
Definition
bad-not get every packet in sequence
Term
CHAP
Definition
Challenge Handshake Authentication Protocol
Term
Extensible A Protocol
Definition
works with radius 802.1x
Term
last mile
Definition
distance between local internet to your building
Term
CSU/DSU (Converter box used in the last mile)
Definition
CSU on provider's side
DSU connects on customer side
Term
Packet switching con
Definition
packets show up out of sequence
Term
Frame Relay
Definition
PVC SVC
Term
Symmetric DSL
Asymmetric DSL
Definition
same up and down speed
fast down slow up
Term
SONET
Definition
over the ocean Fiber
Term
Anything that has an S is symmetric including the Robert rule RC5
Definition
Term
BIBA NO WURD Bell-LaPadula NO WDRU
Definition
Term
802.1x
802.1q
Definition
RADIUS
VLAN (Logically Segmented not Physically)
Term
DNS
Definition
Term
Hypervisor Type 1
Hypervisor Type 2
Definition
Cloud (NO OS)
OS home
Term
VDI Virtual Desktop Infrastructure
Definition
thin client and OS hosted one central/cloud server
Term
vm escape
Definition
virus breaking out of vm into os
Term
cloud bursting
Definition
moving data from private cloud to public cloud (Hybrid Cloud)
Term
software defined network
Definition
using computer as router, switches, etc v/s hardware
Term
Administrative Control
Definition
Management
Term
Technical (Logical Controls)
Definition
Term
physical
Definition
card
Term
Id, authentication, authorized, account
Definition
Term
LDAP
Definition
directory service (native LDAP Con-Password is sent in cleartext)
Term
injection attacks
Definition
usually on databases
Term
Kerberos
Definition
symmetric keys (confidentiality?integrity) port 123 NTP (time stamp)
subject to brute force attack since all users info is on one server
Term
x509v3
Definition
certificates
Term
Definition
Anti Tampering Device
Term
Smart card attack
Definition
Microprobing
Term
biometric things needed to set it up
Definition
acceptability, enrollment, throughput, cost, accuracy
Term
exact match biometric
Definition
replay attack on biometric (normal is usually threshold 75%)
Term
type II error
Definition
False Acceptance Rate
Term
type 1 error
Definition
false reject rate
Term
crossover Error Rate
Definition
type 1 equals type 2 errors
Term
soap
Definition
simple object access protocol (object languages)
Term
SAML
Definition
Term
Federated ID management SSO
Definition
Portable ID across business boundaries
Term
SAML assertion
Definition
Security Assertion Markup Language
Term
Federated ID online
Definition
OAuth 2.0 (Access Tokens used for authorization)
Term
Discretionary Access Control
Definition
Owner sets permission
Term
Mandatory Access Control (lattice based) with Labels
Definition
Strongest form of Access control (Biba/Bell-LaPadula)
Term
Role Based Access Control
Definition
Based on users/roles (Separation of Duties)
Term
Rule Based Access Control
Definition
Packet filtering ACL
Term
Keyboard is not a technique to restrict Access Control Technique
Definition
Menus, Shells, Database views, physically constrained, Encryption
Term
subject/role/user-capability (row)
Objects/file-access control list (column)
Definition
Term
Security Test/Assess
Definition
Design and validate assessment and test strategies
Term
Auditing
Definition
Form of integrity, software, logs, etc. Monitoring the controls
Term
Categorize
Select baseline controls
Implement the controls
assess/test control
authorized
monitor the security controls
Definition
Term
two types of databases
Definition
object and relational
Term
Object database
Definition
No seq lang between you and database
Term
Relational Database
Definition
Term
ACID Test
Definition
Atomicity
Term
Ediscovery
Definition
Term
Is a Supervisor an Administrative Control
Definition
Yes
Term
IC2 Business Continuity Plan
Definition
NIST contingency plan
Term
Planning/preparation is a function of Due Diligence
Definition
Term
Acting on the plan/preparation is Due Care
Definition
Term
Critical IT functions moved/transferred to alternate site for up to 30 days
Definition
COOP
Term
Occupant Emergency Plan
Definition
security of the people
Term
BRP Business Resumption Plan
Definition
To restore everything back to original site
Term
First thing you do in Incident Response
Definition
Follow the freaking plan
Term
when is the disaster over
Definition
when you have moved back to original site or a new permanent site
Term
no single point of failure
Definition
Term
MTBF (Mean time before failure)
Definition
how long before equip goes down, manufacturer should provide
Term
MTTR (Mean time to repair)
Definition
How long to get it repaired
Term
Which RAID uses interleaving
Definition
Raid 5
Term
Load Balancing v/s Server
Definition
LB on frontend of network
Server on Backend
Term
COOP
Definition
Moving everything/management HQ to alternate site
Term
If there is a disaster: Rescue Team (First Responders)
Definition
First Responders/Understand priority
Term
Recovery team moves everything to alt site
Definition
Term
Salvage Team try to fix original site
Definition
Term
BCP/DRP Testing
Definition
Checklist
Performing Walkthru
Conducting Simulations (scenarios)
Parallel Testing (testing alt site)
Full Interruption testing (shutdown and relocate all resources) Most costly, best way to prepare
Term
How often should a DRP be tested
Definition
Annually
Term
DR priority
Definition
1st protect people
2nd get IT assets up and running
Term
Three phases following disruption
Definition
Notification/Activation after Disaster Declared
Recovery Phase
Reconstitution
Most critical moved first
Term
Occupant Emergency Plan (OEP)
Definition
Who works with OEP and forensics: rescue team
Term
CERT team (Computer Em Response Team) is
Definition
Rescue team
Term
who is responsible for implementing the COOP
Definition
Recovery team
Term
business resumption plan
Definition
Term
Spiral Software development method
Definition
Requires a Risk Analysis in each spiral
Prototyping