SSCP
RAID 0
A RAID array in which every time data is written to disk, a portion (block) is written to each disk in turn, creating a "stripe" of data across the member disks. RAID 0 uses the total disk space in the array for storage, without protecting the data from drive failure. (2)
What kind of control is IDP considered
A technical control
RAID 5
A technique that stripes data across three or more drives and uses parity checking, so that if one drive fails, the other drives can re-create the data stored on the failed drive. RAID 5 drives increase performance and provide fault tolerance. Windows calls these drives RAID-5 volumes.
RAID 1
Also called mirroring, this RAID array type provides fault tolerance because all the data is written identically to the two drives in the mirrored set. (2)
Governing body for change management efforts
Change Control Board
Who should be appointed to manage policies and procedures related to change managemment?
Change Manager
What tenant of CIANA+PS does Wireshark violate when used maliciously?
Confidentiality
Which of the following actions might be taken as a part of a business continuity plan?
Got this wrong, answer was: Implementing RAID. RAID technologies provide fault tolerance for hard drive failures and is an example of a business continuity action.
You are concerned about the availability of data stored on each office's server. You would like to add technology that would enable continued access to files located on the server even if a hard drive server fails. What integrity control allows you to add robustness without adding additional servers?
Got wrong. RAID uses additional hard drives to protect the server against the failure of a single device.
There are historical records stored on the server that are extremely important to the business and should never be modified. You would like to add an integrity control that allows you to verify on a periodic basis that the files weren't modified. What control can you add?
Got wrong. Should be hashing. Hashing allows you to computationally verify that a file has not been modified between hash evaluations.
What isn't a crucial element of a change request?
Incident Response Plan
Earliest stage a fire can be detected
Incipient
What security control can provide the strongest defense against buffer overflow attacks?
Parameter checking
What type of fire suppression system fills with water when the initial stages of a fire are detected and then requires a sprinkler head heat activation before dispensing water?
Preaction fire suppression
Under what type of software license does the recipient of the software have an unlimited right to copy, modify, distribute, or resell a software package?
Public domain
When introducing a patch, an admin is concerned that the new patch will introduce new flaws, she wants to test if this will happen. What is this called?
Regression Testing
How can Jack best ensure accountability for actions taken on systems in his environment? A Log review and require digital signatures for each log. B Require authentication for all actions taken and capture logs centrally. C Log the use of administrative credentials and encrypt log data in transit. D Require authorization and capture logs centrally
Require authentication for all actions taken and capture logs centrally
SCIF
Sensitive Compartmented Information Facility
When a manager and other manager need to approve a request for access before it goes through, what is this considerd
Two-person control
RAID 10
a combination of RaID 1 and RaID 0 that requires at least four disks to work as an array of drives and provides the best redundancy and performance.
RAID 2,3,4
arrays that are striped in different ways. Obsolete
