Network Plus Chapter 12 – Flashcards
Unlock all answers in this set
Unlock answersquestion
True
answer
The first step in asset management is to inventory all the components on the network.?
question
True
answer
Cipher locks are not designed for physical security, such as on an outside door.
question
False
answer
Any device in an ICS that is motorized and can control the physical system is called a fieldbus.
question
True
answer
Every security policy should include a response policy, which specifically defines the characteristics of an event that qualifies as a formal incident and the steps that should be followed as a result.
question
False
answer
The first step of a response policy should be to secure the area.?
question
I/O server ?acquisitions server
answer
A server that collects and stores raw data, and connects to field devices from which it receives raw data and passes data on to other SCADA systems, is known as what two terms below??
question
?open loop system ?closed loop system
answer
What two methods might be used by an ICS to control a physical system??
question
?downgrading ?backleveling
answer
A rollback is also known by what two terms below??
question
?eDiscovery ?electronic discovery
answer
?What two terms describe the process that can reveal a great deal of information, called ESI (electronically stored information)?
question
?active data ?ambient data
answer
eDiscovery and computer forensics reveal what two different types of data??
question
?150 m
answer
?An active card, which contains an internal battery, can provide a usable range of up to what distance?
question
?patch
answer
What type of software is a correction, improvement, or enhancement to a piece of software??
question
?ambient data
answer
?In computer forensics, hidden data such as deleted files and file fragments are known as what term?
question
dispatcher
answer
Which team role is the person on call who first notices or is alerted to a problem??
question
manager
answer
What team member role coordinates the resources necessary to solve a problem??
question
?technical support specialist
answer
What team member role focuses on only one thing: solving the problem as quickly as possible??
question
?public relations specialist
answer
What team member role, if necessary, learns about the situation and the response and then acts as official spokesperson for the organization to the public or other interested parties??
question
?Attempt to access files to determine if they are compromised
answer
Which of the following is NOT a step that should be taken as part of a ?response policy?
question
Determine if escalation is necessary
answer
What should be the first step of a response policy??
question
hot site
answer
At what type of recovery site would computers, devices, and connectivity necessary to rebuilt a network exist, and all are appropriately configured, updated, and connected to match your network's current state??
question
warm site
answer
Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, with some pieces ?appropriately configured, updated, or connected?
question
cold site
answer
Which type of disaster recovery site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected?
question
?biorecognition access
answer
What type of physical security solution involves a device that scans an individual's unique physical characteristics??
question
maintenance window
answer
The time period in which a change can be implemented is known as what option below??
question
?proprietary source code
answer
When performing inventory on software packages, which of the following is not something that should be inventoried??
question
DMZ
answer
In order to provide access to a historian by personnel working on the corporate network that are not authorized to work on the ICS network, where should the historian be placed??
question
A centralized database of collected and analyzed data and control activities.
answer
What is a historian??
question
?degausser
answer
What type of device can be used to erase contents of a hard drive using a magnetic field??
question
Pull the power cable
answer
If a destructive program is running that might be destroying evidence, what should be done??
question
legal hold
answer
Upon receipt of what type of notification is a company required to activate a defensible policy for the preservation of relevant data??
question
Faraday cage
answer
A ______________ is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi.?
question
testing lab
answer
A _____________ is a small network that is segmented from the rest of the network, and contains computers, called test beds.?
question
service pack
answer
Microsoft sometimes releases a major group of patches to Windows or a Microsoft application, which it calls a __________________.
question
business continuity
answer
The goal of a disaster recovery plan is to ensure ______________.?
question
computer forensics
answer
________________ is a process of investigating deeper data on a computer and will essentially autopsy the computer to discover hidden data, such as deleted files and file fragments, and who has accessed that data and when.
