IS Chapter 7


What is the general rule for illumination (foot candles of light at a height) around a building?

2x8

Which fence may not keep determined attackers out of the area; however, the difficulty of overcoming a barrier of this height will serve as a deterrent for most people?

5 to 6 feet

What is the process of blocking known applications, services, traffic, and other transmission to and from your systems?

Blacklist

What are obstacles designed to stop a vehicle? They are strategically placed to provide a physical barrier. They may be as simple as a concrete post or large concrete planters. Designs that are more sophisticated might include carefully planted trees and even sculptures designed to withstand impact.

Bollards

What is the record of evidence history from collection, to presentation in court, to return or disposal?

Chain of custody

What encompasses a series of process phases that are used to ensure that a system's confidentiality, integrity, and availability (CIA) triad is well maintained?

Change Management

Which gate would be used at a warehouse property entrance not intended to serve the general public?

Class III: Industrial

Which alternate site is a predetermined alternate location where a network can be rebuilt after a disaster? This site can be a space in a facility with appropriate power, environmental controls, and communications facilities. To use this site, an organization should order and install new hardware, transport the data and software to the location, hook up communications, and then begin operation.

Cold site

Who tries to uncover digital data such as emails or erased files?

Computer Forensics Analyst

What tool can automatically inventory and keep track of hardware and software assets on the network, including versions and licensing?

Configuration Management (CM)

What is a central repository that stores information about all the significant items in your IT environment?

Configuration Management Database (CMDB)

What is a strategy for making sure that users do not accidentally or deliberately send sensitive information outside the organization? The products are software based solutions that help the network administrator control what data end users can and cannot transfer to others. The solution monitors, detects, and blocks data that you categorize as sensitive.

Data loss prevention (DLP)

Which backup copies all modifications since the last full backup to the backup media? It does not turn off the archive bit; over a period between full backups, the amount of media required for this backup continues to grow.

Differential backup

What is a mechanism that uses steganographic techniques to embed data within media to enforce copyright protection?

Digital watermarking

What is a policy that defines how people and resources will be protected in case of a natural or man-made disaster, and how the organization will recover from the disaster?

Disaster Recovery Plan (DRP)

What is the most important aspect of data leakage prevention? Any time a user attempts to send an email, upload a file, post to a website, or any other activity that could potentially send data out of the organization, the action is temporarily blocked while undergoing analysis. If the activity fails the data leakage test, the activity is permanently blocked and the attempt, including the user's identification, is logged. The system can also be configured to send an alert to the user's manager, describing the blocked attempt.

Egress monitoring

What is the process of looking for, locating, securing, and searching through electronic data in the hopes of finding evidence that can be used in a civil or criminal trial?

Electronic discovery (e-discovery)

Which is NOT an incident response team role and responsibility?

External audit

IDS/IPS has four points of concern. In which does the alarm not sound even though there is an actual incident?

False negative

What is a decoy computer used to distract would-be hackers from attacking the real network?

Honeypot

Which keys have embedded chips and provide higher levels of protection? The lock can recognize the key and provide access control decisions based on user, time, and more.

Intelligent keys

What is a common technique to minimize fraud and abuse? If one person stays in a single position for too long without oversight, it is very common for that person to begin to abuse their privilege. If a user with privileged access knows that someone else will come in behind them, accessing and managing the same systems, any fraud or misuse will be exposed.

Job rotation

In physical security, what is a mechanism that begins from the perimeter and continues inward through the building grounds, entry points, and interior of the building?

Layered protection

What is one of the most foundational concepts of security? Giving a user exactly what they need to do their job, and no more.

Least privilege

What includes an analysis of security events and incidents that can provide insight into directions you may take to enhance security for the future?

Lessons learned report (LLR)

Which RAID level is the mirroring or duplexing of data on drives for redundancy? In mirroring, the two disks share a drive controller. In duplexing, each disk has its own drive controller, so the controller card does not impose a failure. Data is written to both halves of the mirror simultaneously.

Level 1

Which RAID level is striping of the data with the parity information spread across all drives for redundancy? It tolerates a single drive failure without forcing a recovery.

Level 5

Which alarm system is mostly used in residential homes?

Local activation/remote response

What is a physical entry portal with two doors, one on each end of a secure chamber? An individual enters a secure area through an outer door. The outer door must be closed before an inner door can open. Identity is sometimes verified before an individual enters the secure area through the first door, and other times while they are confined to the secure area between the two doors.

Man traps

What is the longest period of time that a business outage may occur without causing serious business failures?

Maximum Tolerable Downtime (MTD)

What is the average time taken for a business to recover from an incident or failure?

Mean time to recovery (MTTR)

Which investigation seeks to discover the root cause of why or how something happened within an organization so that updated controls can be put in place?

Operational

What is the primary goal of physical security?

Personnel safety

Which is NOT one of the four basic steps of an investigative technique?

Prosecute

Which security operation theme must protect a wide range of assets and resources, from data to equipment to humans?

Protect Valuable Assets

What perimeter intrusion detection system (PIDS) emits a calculable electrical field while in use? Also called a capacitance detector, it measures the change in the electrical field.

Proximity detector

What recovery strategy is a standing agreement with a competitor to allow each other to run reduced operations at the other's location?

Reciprocal agreement

What is the point in time, relative to a disaster, where the data recovery process will begin?

Recovery Point Objective (RPO)

What is the length of time within which normal business operations and RTOs activities can be restored following a disturbance?

Recovery Time Objective (RTO)

What is used to provide better disk performance or data redundancy?

Redundant Array of Independent Disks (RAID)

Which is NOT a short-term response approach?

Relocation

What is the final part of disaster recovery, and should be part of the disaster recovery plan?

Restoration

Which is NOT a common rule of evidence admissibility?

Reusable

What seeks to uncover the ultimate cause of an incident?

Root cause analysis

What surveillance type is an effective, rapid response mechanism against trespassers or other disturbances? They are helpful in identifying threats to alert security guards who need to respond. While they cannot actually remove suspicious individuals, they employ scare tactics that encourage intruders to vacate the premises or delay escape until the guards can respond to a particular situation.

Security dogs

What is a common technique to limit how much power a single user has? The goal is to require at least two people to perform a complete cycle of a task. This means that malicious activity would require collusion between at least two people. It also minimizes mistakes by preventing the same people who created or implemented something from auditing or testing it.

Separation of duties

What is a disk-performance-enhancement feature in which data is spread across multiple drives to improve read and write access speeds?

Striping

Which disaster recovery plan (DRP) test type specifically focuses on each DRP process phase? Planners and testers address the individual steps to validate the logical flow of the sequence of events.

Structured Walkthrough

Which alternate site is a location that is dormant or performs non-critical functions under normal conditions, but which can be rapidly converted to a key operations site if needed?

Warm site

Communications teams must be able to notify stakeholders; unions are NOT one of these stakeholders.

false

