Security Concepts
Security 2
Security 3
Security 4
Security 5
100
The concept of ______________ states that individual personnel should have access to only the information that they require in order to perform their stated duties.
What is need-to-know
100
_______________ is used to control who and what can access specific business records.
What is Access management
100
A _____________ is a group of servers that logically functions as a single server.
What is cluster
100
__________________ ensure the survival of business records even if malfunctions, errors, or disasters destroy original records.
What is Backups
100
The ____________________ of controls are detective, deterrent, preventive, corrective, recovery, and compensating.
What is categories
200
The concept of ______ states that users should have the fewest or lowest number of privileges required to accomplish their duties.
What is least privilege
200
_______________ governs the minimum and maximum periods of time that specific business records must be retained.
What is Records retention
200
A ________________ is an event that occurs in a cluster where the role of an active server is transitioned to another server in the cluster.
What is failover
200
_________________________ is the process of securely discarding data when it is no longer needed.
What is Data destruction
200
__________ protection ensures that the buildings, equipment, and systems used to operate the business are protected from harm, damage, or loss.
What is Resource
300
The concept of _____________ states that high-value or high-risk tasks should be designed to require two or more individuals to complete them.
What is separation of duties
300
A _______________ is an event in which some aspect of an organization’s security policy has been violated.
What is security incident
300
___________________ facilitates the operation of multiple operating system instances running on a single server platform.
What is Virtualization
300
_____________________ has the capacity to disrupt the operation of user workstations as well as servers, which could result in loss or compromise of business information and the inability to access or process business information.
What is Malware
300
_____________________ is a vulnerability management activity that is used to identify vulnerabilities in an application.
What is Application scanning
400
The concept of ___________ moves individual workers through a range of assignments over time.
What is job rotation
400
A ________________ architecture is a system or application architecture that includes one or more of the following characteristics: fault tolerance, clusters, failover, and replication.
What is high availability
400
______________________ management is a collection of activities all concerned with the identification and remediation of vulnerabilities in an environment.
What is Vulnerability
400
___________________ equipment enables workers not on physical premises to access network-based resources such as file servers, applications, and internal web sites.
What is Remote access
400
_________ management is a vulnerability management activity that is used to identify important software patches and the systems and devices where they should be installed.
What is Patch
500
___________________ is the practice of assigning security levels and handling procedures to documents and databases.
What is Data classification
500
_______________ devices typically are equipped with redundant components that can be changed while the device continues operating.
What is Fault tolerant
500
________________________________ is a vulnerability management activity that is used to identify active and exploitable ports and services on servers and network devices.
What is Penetration testing
500
The _________________ of controls are technical, physical, and administrative.
What is types
500
__________ management is an operations process where all changes in an environment are analyzed in a peer review process prior to implementation.
What is Change