CIS211 Review Questions
List and describe the choices an organization has when setting policy about how to employ digital forensics.
-Protect and forget (patch and proceed): defense of data and systems that house, use, and transmit it -Apprehend and prosecute (pursue and prosecute): identification and apprehension of responsible individuals, with additional attention to collection and preservation of potential EM that might support administrative or criminal prosecution
What minimum attributes for project tasks does the WBS document?
-Work to be accomplished (activities and deliverables) -The people or skill sets assigned to perform the task -Start and end dates for the task, when known -Amount of effort required for completion, in hours or work days -Estimated capital expenses for the task -Estimated noncapital expenses for the task -Identification of dependencies between and among tasks
List and describe the "Seven Major Sources of Physical Loss."
1. Extreme temperature: heat, cold 2. Gases: war gases, commercial vapors, humid or dry air, suspended particles 3. Liquids: water, chemicals 4. Living organisms: viruses, bacteria, people, animals, insects 5. Projectiles: tangible objects in motion, powered objects 6. Movement: collapse, shearing, shaking, vibration, liquefaction, flow waves, separation, slide 7. Energy anomalies: electrical surge or failure, magnetism, static electricity, aging circuitry; radiation: sound, light, radio, microwave, electromagnetic, atomic.
What tasks must be performed when an employee prepares to leave an organization?
Access to the organization's systems must be disabled. -Removable media must be returned. -Hard drives must be secured. -File cabinet locks must be changed. -Office door locks must be changed. -Keycard access must be revoked. -Personal effects must be removed from the organization's premises. -After the employee has delivered keys, keycards, and other business property, he or she should be escorted from the premises.
What are the requirements for a policy to become enforceable?
Distributed: It must be made available to the employee. Reviewed: It must be in a format the employee can understand. Comprehension: Must show that the policy is understood by the employee. Common ways include a test or answering questions to prove they comprehend. Agreed to: The employee must agree to the policy (i.e. with a signature or digital approval etc.) Equally enforced: must be able to demonstrate that the policy has been uniformly enforced, regardless of employee status or assignment.
One of the first components of risk identification is identification, inventory, and categorization of assets, including all elements, or attributes, of an organization's information system. List and describe these asset attributes.
People - Employees and non-employees Procedures - IT & Business standard procedures IT & Business sensitive procedures Data - In all states: Transmission, processing and storage Software - Applications, OSs & security components Hardware - System devices & peripherals, security devices, networking components
Describe symmetric and asymmetric encryption.
asymmetric encryption - A cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message. Either key can be used to encrypt a message, but the the other key is required to decrypt it. Symmetric encryption - A cryptographic method in which the same algorithm and secret key are both used to encipher and decipher the message.