Detective access control

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the
organization’s systems cannot be unavailable for more than 24 hours?
A. Warm site
B. Hot site
C. Mirror site
D. Cold site
Answer: A

Warm site: A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data.

How do you calculate RTO? The recovery time objective (RTO) is the maximum tolerable length of time that a computer, system, network or application can be down after a failure or disaster occurs.

Detective access control: A detective access control is deployed to discover unwanted or unauthorized activity.

Types of Access Control

Access Control Overview

Controlling access to resources is one of the central themes of security. Access control addresses more than just controlling which users can access which files or services. Access control is about the relationships between subjects and objects. The transfer of information from an object to a subject is called access. However, access is not just a logical or technical concept; don’t forget about the physical realm where access can be disclosure, use, or proximity. A foundational principle of access control is to deny access by default if access is not granted specifically to a subject.

Subjects are active entities that, through the exercise of access, seek information about or data from passive entities, or objects. A subject can be a user, program, process, file, computer, database, and so on. An object can be a file, database, computer, program, process, printer, storage media, and so on. The subject is always the entity that alters information about or data stored within the object. The object is always the entity that provides or hosts the information or data. The roles of subject and object can switch as two entities, such as a program and a database or a process and a file, communicate to accomplish a task.

CIA Triad: The essential security principles of confidentiality, integrity, and availability are often referred to as the CIA Triad.

Each domain addresses these principles in unique ways, so it is important to understand them both in general terms and within each specific domain:

  • Confidentiality is the principle that objects are not disclosed to unauthorized subjects.
  • Integrity is the principle that objects retain their veracity and are intentionally modified by authorized subjects only.
  • Availability is the principle that authorized subjects are granted timely access to objects with sufficient bandwidth to perform the desired interaction.

An organization is found lacking the ability to properly establish performance indicators for its Web hosting
solution during an audit. What would be the MOST probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)
Answer: D

An organization has doubled in size due to a rapid market share increase. The size of the Information
Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose
onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations
and has a backlog of account management requests.
Which contract is BEST in offloading the task from the IT staff?
A. Platform as a Service (PaaS)
B. Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)
Answer: B

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in
progress?
A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools
Answer: D

An external attacker has compromised an organization’s network security perimeter and installed a sniffer
onto an inside computer. Which of the following is the MOST effective layer of security the organization
could have implemented to mitigate the attacker’s ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches
Answer: D