Ans: Confidentially, Integrity and Availability.
2). Least privilege /need-to-know basis
Ans: Giving someone the most limited access required to so they can perform their
job.
3). Defence in depth
Ans: Protecting a company's data with a series of protective layers.
4). Annual risk assessment
Ans: A risk register where the financial director will look at all of the risks associated
with money and the IT manager will look at all of the risks posed.
5). Annual security awareness training
Ans: Where you are reminded about what you should be doing on a daily basis to keep
the company safe.
6). Change advisory board (cab)
Ans: Assists with the prioritisation of changes.
7). Business continuity plan (bcp)
Ans: Contingency planning to keep the business up and running when a disaster
occurs, by identifying single points of failure.
8). Firewall rule
PaperStoc.com Page 1 of 96
, Ans: A rule in the firewall specifying if a connection is allowed or denied.
9). Antivirus/antimalware
Ans: Software or hardware that protects against or removes malicious software.
10). Screen saver
Ans: A feature that logs computers off when they are idle.
11). Screen filter
Ans: A device which prevents people from viewing your screen, while they are walking
past.
12). Closed circuit television (cctv)
Ans: Equipment used to record events through cameras and or sensors.
13). Log files
Ans: Text files that record events and times that occur.
14). Write-once read-many drive (worm)
Ans: A hard drive that can only be written to once, but read many times.
15). Fire suppression system
Ans: An oxygen suppressant system that starves a fire to prevent damage to
equipment.
16). Disable user accounts
Ans: When someones leaves a company, their account is disabled and password
changed immediately.
17). Operating system hardening
PaperStoc.com Page 2 of 96
, Ans: The operating system is fully patched, all unused features and services are
disabled.
18). Identification (access controls)
Ans: An identifying piece of information such as a number or list of characters.
19). Security identifier (sid)
Ans: An identifier, that is tied to an account.
20). Authentication (access controls)
Ans: The person making the request, is who they say they are.
21). Authorisation (access controls)
Ans: The amount of access given to a user.
22). New technology file system (ntfs)
Ans: A proprietary file system created by Microsoft.
23). Discretionary access control (dac)
Ans: A control system, that the user is only given access, that they need to perform
their job.
24). Full control (dac)
Ans: The user has full control.
25). Modify (dac)
Ans: The user can change, read and execute data.
PaperStoc.com Page 3 of 96
, 26). Read and execute (dac)
Ans: The user can read the data or run the program.
27). List folder contents (dac)
Ans: The user can see the directory and its subdirectories.
28). Read (dac)
Ans: The user can read the data.
29). Write (dac)
Ans: The user can write to the file.
30). Special permissions (dac)
Ans: The user has granular access.
31). Data creator/owner (dac)
Ans: The user has permission to get permissions for other users.
32). Mandatory access control (mac)
Ans: A classification of data based on how much damage it could cause.
33). Top secret (mac)
Ans: The highest level of damage.
34). Secret (mac)
Ans: Causes serious damage.
35). Confidential (mac)
Ans: Causes damage.
PaperStoc.com Page 4 of 96
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Academik001. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
