2.3 Security, Privacy, Policies and Procedures

Description

Compare security, privacy, policies and procedures based on organizational requirements.
Flashcards by DJ Perrone, updated more than 1 year ago
Created by DJ Perrone about 7 years ago

Resource Summary

Question Answer
What is a top-down business approach? Where the management initiates, supports and directs the security program.
What is a bottom-up business approach? Where staff members develop a security program prior to receiving direction and support from management.
What is legal advocacy? The process carried out by or for an org that aims to influence public policy, economic and social systems and institutions.
What does the Sarbanes-Oxley (SOX) act affect? - Any organization that is publicly traded. - Regulates accounting and financial reporting.
What does the Health Insurance Portability and Accountability (HIPAA) act affect? - Health care facilities, health insurance companies and healthcare clearing houses. - Provides standards for storing medical information and healthcare data.
What is an RA? Risk Assessment
What does an RA provide? Tool used in risk management to identify vulnerabilities and threats and assess their impact.
How many steps are part of an RA and what are they? - 4 steps - Identify assets and asset value - Identify vulnerabilities and threats - Calculate threat probability and business impact - Balance threat impact with countermeasure cost.
What is an SOA? Statement of Applicability
What does an SOA provide? Identifies the controls chosen by an organization and explains how and why the controls are appropriate.
What is BIA? Business Impact Analysis
What does a BIA provide? A functional analysis that occurs as part of business continuity and disaster recovery.
How many steps are part of a BIA and what are they? - 4 Steps - Identify critical processes and resources - Identify outage impacts and estimate downtime - Identify resource requirements - Identify recovery priorities
What terms define how critical an asset is? - MTD - MTTR - MTBF - RTO - WRT - RPO
What does MTD (MPTD) stand for? - Maximum Tolerable Downtime - Maximum Period Time of Disruption
What is MTD? The maximum amount of time that an org can tolerate a single resource being down.
What does MTTR stand for? - Mean Time To Repair
What is MTTR? The average time required to repair a single resource or function when a disaster occurs.
What does MTBF stand for? - Mean Time Between Failures
What is MTBF? The estimated amount of time a device will operate before failure occurs. - Calculated by device vendor.
What does RTO stand for? Recovery Time Objective
What is RTO? The shortest time period after a disaster within which a resource or function must be restored to avoid unacceptable consequences. - Should be smaller than MTD
What does WRT stand for? Work Time Recovery
What is WRT? The difference between RTO and MTD.
What does RPO stand for? Recovery Point Objective
What is RPO? The point in time to which the disrupted resource must be returned.
What are the organizational resource importance levels? - Critical - Urgent - Normal - Non essential
What is an Interoperability Agreement (IA)? An agreement to allow information exchange between two or more organizations.
What is an Interconnection Security Agreement (ISA)? An agreement between two organizations laying out the detail for connecting IT systems.
What is split knowledge? When two or more people are required to complete a certain task.
What is DAC? Discretionary Access Control - Lets people control access to content they own.
What is RBAC? Role Based Access Control - Separates responsibilities based on assigned roles.
What are the 6 steps of the Incident Response plan? - Detect - Respond - Report - Recover - Remediate - Review