Print Options

Font size:

← Back to notecard set|Easy Notecards home page

To print: Ctrl+PPrint as notecards

BA 2010 1002 exam 2

1.

Digital supply chain management

Managing the flow of goods and services through digital technologies

2.

Id management

the process of managing and controlling the digital identities of individuals or entities accessing information systems, applications, or other resources

3.

Authentication

the process of verifying the identity of a user or process

4.

Authorization

what assets you are approved to access

5.

Identity and Access management (IAM)

a specialty discipline within cybersecurity designed to ensure only the right people can access the appropriate data and resources

6.

Access management

the practices and tools that monitor and manage network access

7.

Identity governance

the act of using IT software and systems to manage user access and compliance

8.

Identity provisioning

manages user accounts and ensures users have access to the right resources and are using them appropriately

9.

Deprovisioning

the act of removing user access to applications, systems, and data within a network

10.

Authorization management

the process of controlling access to assets / resources

11.

MFA

Multi-Factor Authentication

12.

Single Sign on

is an authentication method that enables users to authenticate with multiple applications and websites by using 1 set of credentials

13.

Single Log off

the process of ending all sessions that SSO authenticated

14.

Incident

an event that negatively affects IT systems and impacts on the business

15.

Event

Any observable occurrence in the IT infrastructure

16.

Disaster

a catastrophic event that will have great negative effect on IT systems and impact on the business

17.

IRP preparation

This phase will be the workhorse of your incident response planning, and in the end, the most crucial phase to protect your business.

18.

IRP identification

This is the process where you determine whether you’ve been breached. A breach, or incident, could originate from many different areas

19.

IRP containment

Contain the breach so it doesn’t spread and cause further damage to your business

20.

IRP eradication

Fixing the problem

21.

IRP recovery

the process of restoring and returning affected systems and devices back into your business environment

22.

IRP Lessons learned

A post-incident meeting with all stakeholders where you discuss everything that happened

23.

Computer security incident response team

s a group of IT professionals that provides an organization with services and support surrounding the assessment, management and
prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts

24.

Incident response plan

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber attacks against an organization's information systems

25.

Disaster recovery plan

a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents & business disruptions to ensure critical IT support systems are resumed quickly with minimal loss of data

26.

RTO

recovery time objective

27.

RPO

recovery point objective

28.

MTBF

Mean time between failure

29.

MTTR

mean time to repair

30.

Auditing

verification activity of a process or system to ensure compliance to requirements

31.

Data auditing

the assessment of data for quality throughout its lifecycle to ensure its accuracy and efficacy for specific usage

32.

System auditing

the process in which an organization’s information systems and processes are tested to validate effectiveness, efficiency, and security

33.

Access Auditing

discussing who has access to data

34.

paper test

Team reads through the DRP and discusses validity

35.

walkthrough

Group walks through a simulation DRP to identify any issues or needed modifications

36.

simulation

Run a simulation disaster

37.

parallel test

Recovery systems are tested while primary systems continue to run full workload

38.

cutover

Primary systems are cut over to recovery systems

39.

Centralized

an internal body that handles incident response for the entire organization

40.

distributed

multiple incident response teams, with each one responsible for a physical location (e.g. branch office)

41.

coordinated

a central incident response team that works together with distributed incident response teams

42.

external audits

Audits you hire an auditing business to do an audit for you.

43.

Internal audits

Audits that are done by employees for that business

44.

SANS

1) preparation

2) identification

3) containment

4) eradication

5) recovery

6) Lessons learned

45.

NIST

1) preparation

2) identification

3) containment, eradication, recovery

4) Lessons learned