Security + Certification In Organizational Security

The most recent backup is the son. After another backup is done, the son becomes the father and then the grandfather.

The Health Insurance Portability and Accountability Act (HIPAA) is a regulation that mandates national standards and procedures for the storage, use, and transmission of personal medical information. The Family Educational Rights and Privacy Act (FERPA) dictates that educational institutions may not release information to unauthorized parties without the express permission of the student or their parents. The Cyberspace Electronic Security Act (CESA) gives law enforcement the right to gain access to encryption keys and cryptography methods. The Gramm-Leach-Bliley Act requires financial institutions to develop privacy notices and notify customers that they are entitled to privacy.

A user management policy identifies the various actions that must occur in the normal course of employee activities. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

An archive is a collection of data that is removed from the system because it's no longer needed on a regular basis. A backup is a restorable copy of any set of data that is needed on the system. The other two choices are not relevant.

All of the choices listed are various types of access attacks. In an eavesdropping attack, the attacker listens in on or overhears parts of a conversation. In a snooping attack, someone looks through your files in hopes of finding something interesting. In a passive interception attack, someone routinely monitors network traffic. In an active interception attack, a computer is placed between the sender and receiver to capture information while it's sent.

Onsite storage refers to backup information stored locally; this is often the most recent set of backups.

RAID 1, mirroring, requires a minimum of two disks. RAID 0, disk striping, requires a minimum of two disks. RAID 3, disk striping with a dedicated parity disk, requires a minimum of three disks. RAID 5, disk striping with parity, requires a minimum of three disks.

A usage policy covers how information and resources are used. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A user management policy identifies the various actions that must occur in the normal course of employee activities. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

A service-level agreement (SLA) is an agreement between your company and a service provider stipulating the performance you can expect or demand from the vendor.

The common levels within an information policy are public (for all advertisements and information posted on the Web), internal (for all intranet-type information), private (for personnel records, client data, and so on), and confidential (PKI information and other restricted data).

A chain-of-custody policy should exist that defines the requirements, responsible parties, and procedures to follow after the collection of evidence. Preservation of evidence needs to happen, but it is not a policy in and of itself. An information retention policy details how long data is retained. A storage policy defines how information is stored.

A journaling file system contains a log file of all changes and transactions that have occurred within a set period of time.

An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A user management policy identifies the various actions that must occur in the normal course of employee activities. A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections.

RAID 0, disk striping, requires a minimum of two disks. RAID 1, mirroring, requires a minimum of two disks. RAID 3, disk striping with a dedicated parity disk, requires a minimum of three disks. RAID 5, disk striping with parity, requires a minimum of three disks.

A due care policy identifies the level of care used to maintain the confidentiality of private information. A separation of duties policy is intended to reduce the risk of fraud and prevent losses in an organization. A document disposal and destruction policy is used to define how information that is no longer needed is handled. An incident response policy defines how an organization will respond to an incident.

The three key steps of the forensics process are acquiring the evidence, authenticating the evidence, and analyzing the evidence.

Availability of 99.999 percent is known as five nines availability.

A security policy defines the configuration of systems and networks, including the installation of software, hardware, and network connections. An administrative policy lays out guidelines and expectations for upgrades, monitoring, backups, and audits. A usage policy covers how information and resources are used. A user management policy identifies the various actions that must occur in the normal course of employee activities.

Mean Time Before Failure (MTBF) is a measure of the anticipated incidence of failure for a system or component. Mean Time To Repair (MTTR) is a measurement of how long it takes to repair a system or component after a failure has occurred. The other two choices do not represent metrics.

A hot site is a location that can provide operations within hours of a failure. A warm site provides some of the capabilities of a hot site but requires more work to become operational. A cold site is a facility that isn't immediately ready to use; you must bring along your own network and equipment. There is no such entity as a round site.

After replacing the failed drive, you would restore the full backup from Sunday. Following that, you would restore the most recent differential backup, which was done at 7 a.m. Wednesday.

During the evidentiary process, a forensics investigator must be able to prove that the data being presented as evidence is the same data that was collected on the scene.

The archive bit is turned off after a full or incremental backup. The archive bit is left on after a differential or daily backup.