1. Home
  2. Flashcards
  3. Preview

BEC 6 - Info Security & Availability

  1. What is the function of program-level information security policy
    • The "mission statement" for the IT security program.
    • Prescribes the need for information security
    • Delegates the creation and management to a role within the IT dept
  2. What is the function of the program-framework security policy
    • The IT security strategy.
    • Establishes the overall approach to computer security
    • Describes the elements and organization of the program
    • Includes issue-specific, such as cloud computing and
    • system-specific, such as payroll
  3. What is another name for topic-specific documents that describe overall requirements for info security
    Standards
  4. What is another name for system-specific documents that describe overall requirements for info security
    Baselines
  5. What are the min requirements for a strong password
    • Min of 8 characters
    • Contains the following 4 types of characters
    • ** uppercase
    • ** lowercase
    • ** numeric
    • ** ASCII
    • Does not contain personally identifiable info
  6. General controls to protect system info include...
    • systems development standards
    • security management controls
    • change management procedures
    • software acquisition, development, operations, and maintenance controls
  7. The function of application-specific controls to protect system info include...
    • Methods that prevent, detect, and correct transaction error and fraud
    • Designed to ensure accuracy, completeness, and validity of the info entered into the application
  8. The focus of a disaster recovery plan is to ensure...
    business continuity
  9. What are the steps in developing a disaster recovery plan
    • Assess the risks
    • Identify mission-critical applications and data
    • Develop a plan for handling the mission-critical applications
    • Determine and assign the responsibilities of the personnel involved in the plan
    • Test the disaster recovery plan
  10. What is a cold site
    An off-site location that has all the electrical connections and other physical requirements for data processing, but it does not have the actual equipment
  11. What is a hot site
    An off-site location that is fully-equipped to take over the company's data processing, including ready access to all back-up data
Author
BethM
ID
330577
Card Set
BEC 6 - Info Security & Availability
Description
Becker Review
Updated

  1. Home
  2. Flashcards
  3. Preview