Documentation and Processes

Question 1

Used to provide a comprehensive security management framework for the organization | Policies, standards, baselines, guidelines, procedures

Answer 1

IT Governance

Question 2

Defines the role of security inside of an organization and establishes the desired end state for that security program | Organizational, system-specific, issue-specific

Answer 2

Policy

Question 3

Provides framework to meet the business goals and define the roles, responsibilities, and terms associated with it

Answer 3

Organizational

Question 4

Addresses the security of a specific technology, application, network, or computer system

Answer 4

System-specific

Question 5

Addresses a specific security issue such as email privacy, employee termination procedures, or other specific issues

Answer 5

Issue-specific

Question 6

Implements a policy in an organization

Answer 6

Standard

Question 7

creates a reference point in network architecture and design

Answer 7

Baseline

Question 8

Recommended action that allows for exceptions and allowances in unique situations

Answer 8

Guideline

Question 9

Detailed step-by-step instructions created to ensure personnel can perform a given task or series of actions

Answer 9

Procedure

Question 10

Shows the actual physical arrangement of the components that make up the network

Answer 10

Physical Network Diagram

Question 11

lllustrates the flow of data across a network and shows how devices communicate with each other

Answer 11

Logical Network Diagram

Question 12

Labels which cables are connected to which ports

Answer 12

Wiring Diagram

Question 13

Planning and designing a wireless network to deliver the required wireless solution

Answer 13

Radio Frequency (Wireless) Site Survey

Question 14

Determines if a site has the right amount of power, space, and cooling to support a new upgrade or installation

Answer 14

Wired Site survey

Question 15

Delivered after a formal assessment has been conducted

Answer 15

Audit and Assessment Report

Question 16

Set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on

Answer 16

Baseline Configurations

Question 17

Changes will be properly tested and approved to be part of the new baseline

Question 18

Systematic approach to the governance and realization of value of things over their life cycle | Tangible assets, intangible assets

Answer 18

Asset Management

Question 19

Asset management is a systematic process of:

Answer 19

Development, operation, maintenance, upgrade, disposal

Question 20

A database system allows for the detailed management and configurations of assets

Question 21

With asset management how do you uniquely identify each and every workstation out there?

Answer 21

Unique Asset Tag - A barcode or a radio frequency ID tag that’s going to be assigned to that particular device and labeled onto it

Unique Asset ID

Question 22

Establish good change management practices

Question 23

Procurement Lifecycle - Birth to death of an asset

Question 24

What are the change management procedures?

Answer 24

Change Request - Verifies business impact

Procurement - Determines the budget

Deployment - Implements procedures in a secure configurations

Maintenance/Operations - Implements procedures for monitoring and support

Disposal - Implements procedures for sanitizing data remnants

Question 25

Warranty & Licensing

Answer 25

Most pieces of software are going to be commercially procured. You need a license to use them. Keep track of licensing & all of your licenses are valid across all of your devices Which assets need which pieces of software, and therefore you can buy licenses just for the software you need for those devices

Question 26

Asset management - how you're going to make sure you identify which user is assigned to which asset

Question 27

Methodology and suite of tools used to plan, track, and manage the IP address space in a network infrastructure | Tracking, Planning, & Managing

Answer 27

IP Address Management (IPAM)

Question 28

IPAM creates a systematic and error-resistant method of managing IP addresses in network enterprise

Answer 28

Automated systems detect and resolve IP conflicts and ensure two devices are not assigned to the same IP address

Question 29

Automated IPAM systems can be configured to seamlessly interact with DHCP and DNS servers

Answer 29

IPAM solutions can be used by network admins for comprehensive reporting | IPAM can also be used by cybersecurity teams to determine which devices are allowed to connect to the network | IPAM provides the ability to help identify any unauthorized devices or suspicious traffic patterns

Question 30

When it comes to IP address management (IPAM) remember the following:

Answer 30

Is the methodology and a suite of tools that are used to plan, track, and manage the IP address space inside your org's enterprise network infrastructure

Question 31

Defines what data is confidential and cannot be shared outside of a relationship | administrative control

Answer 31

Non-Disclosure Agreement (NDA)

Question 32

Non-binding agreement between two or more organizations to detail what common actions they intend to take | letter of intent

Answer 32

Memorandum of Understanding (MOU)

Question 33

Documents the quality, availability, and responsibilities agreed upon by a service provider and a client

Answer 33

Service-Level Agreement (SLA)

Question 34

When it comes to a version of Windows there is mainstream support and extended support

Answer 34

Mainstream support - minimum of 5 years Extended support - 3 to 5 years

Question 35

Product that is no longer supported

Answer 35

Legacy OS

Question 36

Orchestrated strategy to transition from an existing state to a more desirable future state

Answer 36

Change Management

Question 37

At the core disruption of existing processes by and kind of change will effect its efficiency and effectiveness

Answer 37

Change management ensures seamless integration of changes into existing architecture and processes

Question 38

Body of representatives from various parts of an organization that is responsible for evaluation of any proposed changes

Answer 38

Change Advisory Board (CAB)

Question 39

Individual or team that initiates the change request

Answer 39

Change Owner

Question 40

Any person who has a vested interest in the proposed change

Answer 40

Stakeholder

Question 41

Integral part of change management process that involves understanding the change's potential fallout

Answer 41

Impact Analysis

Question 42

What could go wrong? What would be the immediate effects? How would the long-term operations be impacted? Are there unforeseen challenges that might cause an issue?

Answer 42

Change management is a critical process that guides organizations safely through any changes or transformations needed

Question 43

Focuses on maintaining up-to-date documentation of a network's configuration | asset management, baselining, cable management, network documentation

Answer 43

Configuration Management

Question 44

Formalized system of tracking networks components and managing their lifecycle | Prepare, plan, design, implement, operate, optimize

Answer 44

Asset Management

Question 45

Collection of data under normal operating conditions | useful when checking what's normal when troubleshooting network issues

Answer 45

Create a Baseline

Question 46

Process of documenting the network's existing cable infrastructure | Diagrams, cable labeling, locations of punch-down blocks, cable location source, cable location destination

Answer 46

Cable Management

Question 47

Using standard naming convention is considered best practice

Question 48

Document the network appropriately | keep materials up to date | contact info of admins, policies, network maps and diagrams, documentation, wiring schematics, standard operating procedures and instructions

Answer 48

Network Documentation

Question 49

Involves planning, testing, implementing, and auditing of software patches | Provides security, increase uptime, ensures compliance, improves features

Answer 49

Patch Management

Question 50

Ensure patches don't create new problems once installed

Question 51

How to effectively conduct patch management by following four critical steps:

Answer 51

Planning - Tracks available patches and updates and determines how to test and deploy each patch Testing - Tests any patch received from a manufacturer prior to automating its deployment through the network Implementing/Implementation - Deploys the patch to all of the workstations and servers that require it Auditing

Question 52

Have a small test network, lab, or machine for testing new patches before deployment

Answer 52

Disable the Windows Update service from running automatically on the workstation & also implement patching through a mobile device manager (MDM), if needed

Question 53

Patch rings - Update computers in small groups instead of all at once.

Question 54

Scans the network and determines if the patch was installed properly and if there are any unexpected failures that may have occurred | conduct firmware management for network devices

Answer 54

Auditing

Question 55

Which term specifically denotes a formal contractual arrangement between a service provider and a client, detailing the anticipated standard of service?

Answer 55

SLA

Question 56

Which type of diagram would you use for information flow between networking devices?

Answer 56

Logical diagram - depict the logical relationships and info flow between network devices, making them the appropriate choice for illustrating info flow in a network

Question 57

Which of the following is a tangible asset?

Answer 57

Servers = are assets that can be touched or handled

Question 58

Which of the following is a key feature of an IPAM solution?

Answer 58

It allows comprehensive reporting for network performance analysis and anomaly detection & is a methodology and suite of tools to plan, track, and manage the IP address space in a network infrastructure.

Question 59

Which of the following is a formalized system for tracking network components and managing their life cycle?

Answer 59

Asset Management - Is a system to track and manage assets from the point of purchase to disposal.