BA 2010 1002 exam 2 Flashcards


Set Details Share
created 1 year ago by JimmyJeanShorts
13 views
updated 1 year ago by JimmyJeanShorts
show moreless
Page to share:
Embed this setcancel
COPY
code changes based on your size selection
Size:
X
Show:

1

Digital supply chain management

Managing the flow of goods and services through digital technologies

2

Id management

the process of managing and controlling the digital identities of individuals or entities accessing information systems, applications, or other resources

3

Authentication

the process of verifying the identity of a user or process

4

Authorization

what assets you are approved to access

5

Identity and Access management (IAM)

a specialty discipline within cybersecurity designed to ensure only the right people can access the appropriate data and resources

6

Access management

the practices and tools that monitor and manage network access

7

Identity governance

the act of using IT software and systems to manage user access and compliance

8

Identity provisioning

manages user accounts and ensures users have access to the right resources and are using them appropriately

9

Deprovisioning

the act of removing user access to applications, systems, and data within a network

10

Authorization management

the process of controlling access to assets / resources

11

MFA

Multi-Factor Authentication

12

Single Sign on

is an authentication method that enables users to authenticate with multiple applications and websites by using 1 set of credentials

13

Single Log off

the process of ending all sessions that SSO authenticated

14

Incident

an event that negatively affects IT systems and impacts on the business

15

Event

Any observable occurrence in the IT infrastructure

16

Disaster

a catastrophic event that will have great negative effect on IT systems and impact on the business

17

IRP preparation

This phase will be the workhorse of your incident response planning, and in the end, the most crucial phase to protect your business.

18

IRP identification

This is the process where you determine whether you’ve been breached. A breach, or incident, could originate from many different areas

19

IRP containment

Contain the breach so it doesn’t spread and cause further damage to your business

20

IRP eradication

Fixing the problem

21

IRP recovery

the process of restoring and returning affected systems and devices back into your business environment

22

IRP Lessons learned

A post-incident meeting with all stakeholders where you discuss everything that happened

23

Computer security incident response team

s a group of IT professionals that provides an organization with services and support surrounding the assessment, management and
prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts

24

Incident response plan

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber attacks against an organization's information systems

25

Disaster recovery plan

a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents & business disruptions to ensure critical IT support systems are resumed quickly with minimal loss of data

26

RTO

recovery time objective

27

RPO

recovery point objective

28

MTBF

Mean time between failure

29

MTTR

mean time to repair

30

Auditing

verification activity of a process or system to ensure compliance to requirements

31

Data auditing

the assessment of data for quality throughout its lifecycle to ensure its accuracy and efficacy for specific usage

32

System auditing

the process in which an organization’s information systems and processes are tested to validate effectiveness, efficiency, and security

33

Access Auditing

discussing who has access to data

34

paper test

Team reads through the DRP and discusses validity

35

walkthrough

Group walks through a simulation DRP to identify any issues or needed modifications

36

simulation

Run a simulation disaster

37

parallel test

Recovery systems are tested while primary systems continue to run full workload

38

cutover

Primary systems are cut over to recovery systems

39

Centralized

an internal body that handles incident response for the entire organization

40

distributed

multiple incident response teams, with each one responsible for a physical location (e.g. branch office)

41

coordinated

a central incident response team that works together with distributed incident response teams

42

external audits

Audits you hire an auditing business to do an audit for you.

43

Internal audits

Audits that are done by employees for that business

44

SANS

1) preparation

2) identification

3) containment

4) eradication

5) recovery

6) Lessons learned

45

NIST

1) preparation

2) identification

3) containment, eradication, recovery

4) Lessons learned