Bash, the Crucial Exams Chat Bot
AI Bot
SSCP - Security Operations and Administration Flashcards
ISC2 Systems Security Certified Practitioner (SSCP) Flashcards
| Front | Back |
| Acceptable Use Policy (AUP) | Rules outlining the proper use of organization systems and data |
| Backup Strategies | Methods for creating copies of data, such as full, incremental, or differential backups |
| Business Continuity Plan (BCP) | A strategy for ensuring essential functions continue during disasters |
| Change Management Process | A standardized approach to handling changes in IT systems to minimize impact |
| CIA Triad | The core principles of security: Confidentiality, Integrity, Availability |
| Data Classification | Categorizing data based on its sensitivity and impact on the organization |
| Defense-in-Depth | Implementing multiple layers of security controls to protect assets |
| Disaster Recovery Plan | A documented process for restoring IT operations after a disruption |
| Encryption | Process of converting data into a secure format to prevent unauthorized access |
| Incident Response Plan (IRP) | A documented approach to identifying, managing, and mitigating incidents |
| Incident Response Steps | Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned |
| Log Monitoring | Ongoing review of system logs to identify and respond to anomalies |
| Multifactor Authentication (MFA) | Security mechanism combining two or more authentication factors |
| Password Policy Best Practices | Enforce strong passwords, set expiration dates, and prevent reuse |
| Patch Management | Regular updating of systems to fix vulnerabilities and improve performance |
| Personnel Security | Steps to minimize insider threats through background checks and training |
| Principle of Least Privilege | Limiting user access rights to only what is necessary for their job roles |
| Risk Assessment | Process of identifying, analyzing, and evaluating risks to assets |
| Role-Based Access Control (RBAC) | Access control model based on users’ roles and responsibilities |
| Security Awareness Training | Educating employees about security threats and best practices |
| Security Policy | A set of rules and practices that regulate how organizational assets are protected |
| Separation of Duties | Dividing tasks among multiple people to prevent fraud or errors |
| Vulnerability Assessment | The process of identifying, quantifying, and prioritizing system vulnerabilities |
| Zero Trust Model | Security principle of not automatically trusting anyone inside or outside the network |
This deck focuses on day-to-day security operations, best practices for administrative tasks, and incident response protocols critical to SSCP knowledge.