CISSP Concept study 6

151 what is need to know?
need to know is the requirement to have access to , knowledge of or possession of data or a resource in order to perform specific work tasks.

152 what principle states that users should be granted the least amount of access to the secure environment as possible for them to be able to complete their work tasks?

Principle of least privilege

153 what are due care and due diligence?
due care is using reasonable care to protect the interest of an organization.
Due diligence is practicing the activities that maintain the due care effort.

154 how are security and illegal activities related?
A secure environment should provide mechanism to prevent the committal of illegal activities, which are action that violate a legal restriction, regulation, or requirement.

155 With what level of security precautions should backup media be treated?
Backup media should be handled with the same security precautions as any other asset with the same data classification.

156 what are the goals of managing backup media?
preventing disclosure, destruction, or alteration

157 what are the processes that can e applied to used media in order to prepare them for reuse in various environments?

Erasing, clearing, and overwriting media that will be used in the same classification environments; purging, sanitization, and degaussing if media is used in different classification environments
purge --清除
sanitization--处理
degaussing -- 消磁


158 what are the five classifications of security control types?
Directive, preventative, detective, corrective, and recovery.

什么是五个级别的安全控制类型？
指令，预防，侦测，纠正，并恢复。

159 what is the purpose of auditing?
to ensure compliance with security policy and to detect abnormalities,
unauthorized occurrences, or outright crimes
以确保遵守安全政策和检测异常，
未经授权的情况发生，或直接罪行

160 what types of activities are labeled as auditing?
Recording of event/occurrence data, examination of data, data reduction, use of event/occurrence alarm triggers, log analysis, logging, monitoring, using alert, intrusion detection

记录的事件/发生的数据，检查数据，数据压缩，请使用事件/事件触发报警，日志分析，记录，监测，使用警报，入侵检测

161 what is the purpose of compliance testing? 兼容性测试
To ensure that all of the necessary and required elements of a security solution are properly deployed and functioning as expected
为了确保所有必要的和必要的组成部分是正确的安全解决方案部署和运作不如预期

162 how are audit trails used?
to reconstruct an event, to extract information about an incident, to prove or disprove culpability
审计跟踪是如何使用？
重建一个事件，提取信息的事件，以证明或推翻有罪

163 what types of activities can be used as penetration tests?
war dialing, sniffing, eavesdropping, radiation monitoring, dumpster diving, social engineering, port scanning, ping scanning
哪些类型的活动可作为渗透测试？
战争拨号，监听，窃听，无线电监测，翻垃圾堆，社会工程，端口扫描，ping扫描

164 what are some ways to keep inappropriate content to a minimum?
address the issue in the security policy, perform awareness training, use content filtering tools to filter or word content
有什么方法来使不适当的内容降到最低限度？
解决这一问题的安全政策，执行意识的培训，使用的内容过滤工具，来筛选或文字内容

165 why is it important to protect against resource waste?
if the storage space, computing power, or networking bandwidth capacity is consumed by inappropriate or non-work-related(non-profit-producing) data, the organization loses money.
以防止资源浪费为什么很重要？
如果存储空间，运算能力，或网络带宽的能力是消费的不适当或与工作无关（非营利生产）的数据，该组织在赔钱。

166 why is it important to protect against privilege abuse?
it can cause the disclosure of sensitive information, violating the principle of confidentiality.
为什么它很重要，以防止滥用特权？
它可能导致泄露敏感信息，违反了保密原则。


167 what countermeasure are moderately effective against errors and omissions?
Input validators and user training
什么对策是适度有效地打击错误和遗漏？
输入校验器和用户培训

168 how can you protect data against fraud and theft?
the use of access controls ( auditing and monitoring , for example) reduce fraud and theft
你怎么能保护数据免受诈骗和盗窃？
使用访问控制（审计和监测，例如）减少欺诈和盗窃

169 what are some safeguards against sabotage?
Intensive auditing, monitoring for abnormal or unauthorized activity, keeping lines of communication open between employees and managers, and compensating and recognizing employees for excellence.

有哪些保障措施，防止破坏行为？
强化审计，监测异常或未经授权的活动，维持员工和管理人员之间的畅通的通信线路，并认可卓越雇员。

170 why isn't there an effective direct countermeasure against the threat of malicious hackers or crackers?

most safeguards and countermeasures protect against one specific threat or another, but it is not possible to protect against all possible threats that a cracker represents

为什么不能有一个有效的直接对策的威胁，恶意黑客或破解？
最安全保障和防范措施的一个具体的威胁或其他，但它是不可能的，以防止一切可能的威胁，黑客代表

171 what is malicious code?
malicious code is any script or program that performs an unwanted, unauthorized, or unknown activity on a computer system


172 true or false? Senior management should be included in the BCP process from the beginning?
True

173 what resource is in greatest demand during the BCP testing, training, and maintenance process?
manpower
什么是最大的资源需求的BCP测试，培训和维修程序？
人力资源

174 what type of decision making is mainly concerned with metrics such as dollar values and downtime?
quantitative

什么样的决策，主要是关注的指标，如资金投入和停机时间？
定量

175 what Business Impact Assessment variable is used to describe the longest period of time a resource can be unavailable without causing irreparable harm to the business?
Maximum tolerable downtime(MTD)
什么商业影响评估的变数是用来描述时间最长的资源可以使用，而不会造成不可弥补的损害的业务？
最高可承受停工（最大耐受量）