C172 WGU COMPLETE v3
Occupational Safety and Health Act: OSH Act
Occupational Safety and Health Administration: OSHA
NFPA (National Fire Protection Association): creates standards and codes to help form safe environments and prevent accidents
Code of Federal Regulations: CFR
Emergency action plan: EAP
Fire prevention plan: FPP
SDS (Safety data sheets): required documentation that identifies potential hazards; formerly MSDS (material SDS)
Biometric Systems: systems that measure and analyze specific characteristics of the human body for the purpose of authentication
FERPA (Family Educational Rights and Privacy Act): federal law that requires all educational institutions to protect the privacy of student education records
FISMA (Federal Information Security Management Act): a federal law that was developed to protect government information, operations, and assets against security threats
GLBA (Gramm-Leach-Bliley Act): federal law that requires all financial institutions to protect customer financial information data, to safeguard the financial information against security threats, and to deny any unwarranted access to financial data
HIPAA (Health Insurance Portability and Accountability Act): federal law that requires all health-related agencies to protect the personally identifiable information (PII) of patients
PCI DSS (Payment Card Industry Data Security Standard): standard set by the Payment Card Industry that holds banks and merchants accountable for any credit card breach
MOU (memorandum of understanding): a formal agreement between two or more parties to establish official service partnerships; sometimes called letter of intent (LOI)
SLA (Service Level Agreement): a formal agreement typically between a service provider and a client or end user that defines the level of service expected from the provider
MSA (master service agreement): an overarching document that creates a framework for multiple service level agreements; facilitates the creation of future agreements
MLA (Master license agreement): defines the owner rights, terms, and conditions related to intellectual property
NDA (Non-Disclosure Agreement): a legal agreement to bind a party or parties to not disclose or share specific information
SOW (Statement of work): a document often used in conjunction with an MSA that contains all the specifics of the service; includes deliverables, schedules, responsibilities
AUP (Acceptable Use Policy): outlines the acceptable use of IT equipment and related services
incident response policy:
1. preparation
2. identification
3. containment
4. eradication
5. recovery
6. follow-up
privileged user agreement: establishes expectations for the conduct of individuals granted privileged access to an organization's enterprise systems and services
SOP (Standard Operating Procedure): a procedure document that describes routine operations accompanied by step-by-step instructions showing how to perform routine activities; ensures quality and consistency of operations
password policy: sets rules for computing passwords for an organization
MTBF (Mean Time Between Failures): measures the system's reliability by identifying the average time between failures
MTTF (mean time to failure): predicts the equipment runtime before a failure requires the equipment to be replaced
MTTR (mean time to recover or repair): measures the average time it takes to bring a system back from failure
full backup: most complete type of backup, where all data is copied to a designed backup location or medium
differential backup: includes all data that has changed since the last full backup
incremental backup: only includes data that has changed since the previous backup copy; takes the least time and the least storage space
HA (High Availability): describes systems that are in continuous operation for a long time, with minimal downtime
cold site: empty facility with only power and cooling, but no equipment or racks
hot site: full-blown operational facility with power, cooling, and equipment racked and powered up and connected to the network; a duplicate of the current data center
warm site: a not-yet-operational facility with power, cooling, and rack space; equipment is onsite but not racked or powered up
asset management: protect assets and prevent misuse/loss of assets by establishing self-inventory that can be used in the audit