StudyXY
RegisterLog in
Information Technology /Security+ (SY0-701): Lesson 15: Risk Management Part 3

Security+ (SY0-701): Lesson 15: Risk Management Part 3

Information Technology30 CardsCreated about 2 months ago

This deck covers key concepts and metrics related to risk management, including business impact analysis, recovery objectives, key performance indicators, and third-party risk assessments.

PrintEmbedImportReport

Define 'Business impact analysis (BIA)'

A process that helps businesses understand the potential effects of disruptions on their operations.
Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/30

Key Terms

Term
Definition
Define 'Business impact analysis (BIA)'
A process that helps businesses understand the potential effects of disruptions on their operations.
How is business impact analysis (BIA) performed?
Identifying and assessing the impact of various unplanned threat scenarios on the business, such as accidents, emergencies, and disasters.
What is the outcome of performing business impact analysis (BIA)?
To proactively create recovery strategies to minimize the impact of disruptions and ensure operational resilience.

What four metrics help determine mission critical functions?

  1. Maximum tolerable downtime (MTD)

  2. Recovery time objective (RTO)

  3. Work Recovery Time (WRT)

  4. Recove...

Define the 'Maximum tolerable downtime (MTD)' metric
The longest period that a process can be inoperable without causing irrevocable business failure; Max amount of recovery time that system and asset ow...
What is a typical maximum tolerable downtime (MTD) for a mission critical process?
Could be 24hrs or less.
Log in to view all terms

Related Flashcard Decks

Information Technology

Security+ (SY0-701): Additional Knowledge

This flashcard set explores various cybersecurity topics including credential-stuffing attacks, data classification (e.g., private data), and key disaster recovery metrics like RTO. It also highlights protective measures such as hashing for data integrity, automation support challenges, and the use of URL scanning in web filtering to prevent malware infections.

10 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 5.0 Security Program Management and Oversight

This flashcard set covers key concepts in cybersecurity governance frameworks, including centralized governance, data stewardship roles, and compliance laws like SOX. It also addresses environments supporting development and change management, as well as recovery strategies like Recovery Point Objective (RPO) to minimize data loss during system failures.

8 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 4.0 Security Operations

This flashcard set explores advanced cybersecurity practices including refining SIEM alert handling, email security protocols (DKIM, DMARC), secure authentication methods, and strategic threat-hunting. It emphasizes how to enhance incident response efficiency and leverage proactive defense techniques like maneuvering to counteract potential threats.

11 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 2.0 Threats, Vulnerabilities, and Mitigations

This deck covers key concepts related to threats, vulnerabilities, and mitigations in cybersecurity, focusing on virtual machine security.

1 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 1.0 General Security Concepts

This flashcard deck covers key concepts from the Security+ (SY0-701) exam, focusing on general security concepts such as technical and operational controls, policy enforcement, and tokenization.

6 cards
View Deck
Information Technology

Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2

This flashcard deck covers key concepts from the Security+ (SY0-701) Lesson 16, focusing on data protection methods, DLP components, and security awareness training.

25 cards
View Deck

Study Tips

  • Press F to enter focus mode for distraction-free studying
  • Review cards regularly to improve retention
  • Try to recall the answer before flipping the card
  • Share this deck with friends to study together
Security+ (SY0-701): Lesson 15: Risk Management Part 3
TermDefinition
Define 'Business impact analysis (BIA)'
A process that helps businesses understand the potential effects of disruptions on their operations.
How is business impact analysis (BIA) performed?
Identifying and assessing the impact of various unplanned threat scenarios on the business, such as accidents, emergencies, and disasters.
What is the outcome of performing business impact analysis (BIA)?
To proactively create recovery strategies to minimize the impact of disruptions and ensure operational resilience.

What four metrics help determine mission critical functions?

  1. Maximum tolerable downtime (MTD)

  2. Recovery time objective (RTO)

  3. Work Recovery Time (WRT)

  4. Recovery point objective (RPO)

Define the 'Maximum tolerable downtime (MTD)' metric
The longest period that a process can be inoperable without causing irrevocable business failure; Max amount of recovery time that system and asset owners have to resume operations.
What is a typical maximum tolerable downtime (MTD) for a mission critical process?
Could be 24hrs or less.
Define the 'Recovery time objective (RTO)' metric
Represents the amount of time it takes to identify that there is a problem and then perform recovery (restore from backup or switch to an alternative system, for instance).
Define the 'Work Recovery Time (WRT)' metric
In disaster recovery, time additional to the RTO of individual systems to perform reintegration and testing of a restored or upgraded system following an event.
When considering the Recovery time objective (RTO) and the Work Recovery Time (WRT), what must be kept in mind determining Maximum tolerable downtime (MTD)?
RTO+WRT must not exceed MTD.
Define the 'Recovery point objective (RPO)' metric
The amount of data loss that a system can sustain, measured in time.
What does determining Recovery point objective (RPO) impact?
Impacts the frequency of data backups, data replication requirements, recovery site selection, and technologies that support failover and high availability.
How does Recovery point objective (RPO) impact data backups/replication or failover/high availability mechanisms?
The RPO can determine backup frequency or replication for applications/services or a recovery sites/high availability based on RPO.
Define 'key performance indicators (KPIs)'
Metrics used to measure the reliability and efficiency of systems, processes, and equipment.

What are the two key performance indicators (KPIs)?

  1. Mean time between failures (MTBF)

  2. Mean time to repair (MTTR)

What do key performance indicators (KPIs) help make decisions in?
Risk management processes, providing measurable insights into potential risks and supporting risk mitigation strategies.
Define 'Mean time between failures (MTBF)'
Represents the expected lifetime of a device/component; Predicts the expected time between failures.
How is Mean time between failures (MTBF) calculated?
The number of devices/components multiplied by the lifetime of the device before failure, and the sum of that divided by the number of failures; (n*t)/f
Define 'Mean time to repair (MTTR)'
Represents the average time taken for a device or component to be repaired, replaced, or otherwise recover from a failure.
How is Mean time to repair (MTTR) calculated?
The total number of hours of unplanned maintenance divided by the number of failure incidents.
What does a low Mean time to repair (MTTR) indicate?
Indicates quicker restoration of functionality, reducing downtime and potential disruptions to operations.
What is the purpose of calculating Mean time between failures (MTBF)?
To identify the average time between system or equipment failures.
What does a high Mean time between failures (MTBF) indicate?
Suggests greater reliability and longer intervals between failures.
What metric(s) could be used to make a quantitative calculation of risk due to a specific threat to a specific function or asset?
Single Loss Expectancy (SLE) or Annual Loss Expectancy (ALE).
What are the components of '3rd party risk assessments'
Vendor due diligence, risk identification and assessment, ongoing monitoring, and incident response planning.
Define 'vendor due diligence'
Involves evaluating and selecting vendors based on their security practices, financial stability, regulatory compliance, and reputation.
Define a 'right-to-audit clause'
A contractual provision that grants an organization the authority to conduct audits or assessments of vendor operational practices, information systems, and security controls.
Define a 'Memorandum of Understanding (MOU)'
A preliminary, nonbinding agreement that outlines the intentions, shared goals, and general terms of cooperation between parties.
Define a 'Memorandum of Agreement (MOA)'
A formal, legally binding, agreement that defines the parties' specific terms, conditions, and responsibilities.
Define a 'Business Partnership Agreement (BPA)'
Agreement by two companies to work together closely for governing collaborative and mutually beneficial relationships.
Define a 'Master Service Agreement (MSA)'
Outlines the overall terms and conditions of a specific contract.