Exam (elaborations)
SBOLC Security Fundamentals Exam Review 2024
- Course
- Institution
SBOLC Security Fundamentals Exam Review 2024
[Show more]
Content preview
SBOLC Security Fundamentals ExamReview 2024
AUP - ANSWER-Acceptable Use Policy
-Defines the conditions in which company resources may be used
-Object-centric: authorization ground rules
BIA - ANSWER-Business Impact Analysis / Assessment
-Management tool that helps determine the financial impact of business or
organizational changes
-Going through an organization to determine financial impact of disruption or change
Botnet Attack - ANSWER--A network of compromised systems containing malware
which acts as a robot
-Take over multiple machines and allows you to communicate with the bots and exhaust
the victim of resources
Change Management - ANSWER--Policy that defines the formalized manners to
introduce transformations/change within the organization
-Documents and introduces change to the organization
-Change may introduce new risk
-Updates the baselines
Cold Site - ANSWER-Empty facility with established power, HVAC, and network
connectivity to the building
DAC Model - ANSWER-Discretionary Access Control Model
-Creator/owner decides access
-Network users have some flexibility regarding how information is accessed
-Vulnerable to social engineering attacks, example, Trojan horse attacks.
Data Controller - ANSWER-The person who controls the data being released
-Coud release data to a 3rd party and handles sensitive information internally
, Difference between Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP)
- ANSWER-DRP: Immediately invoked after a disaster, prioritizing the restoration
BCP: How to operate in a reduced state
DLP - ANSWER-Data Loss Prevention
-Security control that mitigates the accidental unauthorized disclosure of data
-Examples:
--Removing PII/PHI from emails
--Preventing the use of removable media (USB blocking)
--Preventing the uploading of sensitive company information to social media sites or
untrusted cloud services
Domain Hijacking - ANSWER--Unethical actor registers a web domain with a name very
similar to a legitimate organization
-comptia.org vs comtia.biz
-Unethical actor changes the Top Level Domain (TLD: .com/.org/.biz/etc.)
Entry Point Security Controls - ANSWER--Security cameras and CCTV
-Object detection
-Motion-sensitive
-Alarms and sensors
-Motion detection sensors
-Noise sensors
-Detect environmental changes
-Temperature sensors
-Moisture sensors
-Proximity cards and readers
Hash - ANSWER--A hash is a mathematical function that converts an input of arbitrary
length into an encrypted output of a fixed length
-Fixed link output (message digest)
Hot Site - ANSWER-Warm site capabilities plus established computer, servers, and
software
Hypervisor - ANSWER--Software component that enforces the sandbox security model
-Type 1 Hypervisor: Runs natively within the host's hardware (bare-metal)
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller CLOUND. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
80435 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now