Chapter 7: Security Operations (Domain 7)
- D. The hypervisor runs within the virtualization platform and serves as the moderator
between virtual resources and physical resources.
- D. Entitlement refers to the privileges granted to users when an account is first
provisioned.
- A. The service-level agreement (SLA) is between a service provider and a customer and
documents in a formal manner expectations around availability, performance, and other
parameters. An MOU may cover the same items but is not as formal a document. An OLA
is between internal service organizations and does not involve customers. An SOW is an
addendum to a contract describing work to be performed.
- A. The IT Infrastructure Library (ITIL) framework focuses on IT service management.
The Project Management Body of Knowledge (PMBOK) provides a common core of
project management expertise. The Payment Card Industry Data Security Standard
(PCI DSS) contains regulations for credit card security. The Open Group Architecture
Framework (TOGAF) focuses on IT architecture issues.
- D. Latency is a delay in the delivery of packets from their source to their destination.
Jitter is a variation in the latency for different packets. Packet loss is the disappearance
of packets in transit that requires retransmission. Interference is electrical noise or other
disruptions that corrupt the contents of packets.
- B. Running the program in a sandbox provides secure isolation that can prevent
the malware from impacting other applications or systems. If Joe uses appropriate
instrumentation, he can observe what the program does, what changes it makes, and any
communications it may attempt. ASLR is a memory location randomization technology,
and process isolation keeps processes from impacting each other, but a sandbox typically
provides greater utility in a scenario like this since it can be instrumented and managed
in a way that better supports investigations. Clipping is a term often used in signal
processing.
- D. A transformer failure is a failure of a manmade electrical component. Flooding,
mudslides, and hurricanes are all examples of natural disasters.
- C. The (ISC)² code of ethics applies only to information security professionals who are
members of (ISC)². Adherence to the code is a condition of certification, and individuals
found in violation of the code may have their certifications revoked. (ISC)² members who
observe a breach of the code are required to report the possible violation by following the
ethics complaint procedures.
- B. The principle of least privilege says that an individual should only have the privileges
necessary to complete their job functions. Removing administrative privileges from
nonadministrative users is an example of least privilege.
- D. There is no need to conduct forensic imaging as a preventative measure. Rather,
forensic imaging should be used during the incident response process. Maintaining patch
levels, implementing intrusion detection/prevention, and removing unnecessary services
and accounts are all basic preventative measures.