Ch9: Implementing Controls to Protect Assets

Question 1

Layered security/defense-in-depth practices

Answer 1

uses control diversity, implementing administrative, technical, and physical security controls

Question 2

Vendor diversity

Answer 2

utilizes controls from different vendors

Question 3

User training

Answer 3

informs users of threats, helping them avoid common attacks

Question 4

In the event of a fire, door access systems should…

Answer 4

allow personnel to exit the building without any form of authentication

Question 5

Access points to data centers and server rooms should be limited to…

Answer 5

a single entrance and exit whenever possible

Question 6

Proximity cards

Answer 6

credit-card sized access cards. Users pass the card near a proximity card reader and it reads data on the card. Some access control points use proximity cards with PINs for authentication

Question 7

Door access systems include

Answer 7

cipher locks, proximity cards, and biometrics

Question 8

Cipher locks do not…

Answer 8

identify users

Question 9

Proximity cards can…

Answer 9

identify and authenticate users when combined with a PIN

Question 10

Biometrics can..

Answer 10

identify and authenticate users

Question 11

Tailgating

Answer 11

a social engineering tactic that occurs when one user follows closely behind another user without using credentials

Question 12

Mantraps

Answer 12

allow only a single person to pass at a time

Question 13

Sophisticated mantraps can

Answer 13

identify and authenticate individuals before allowing access

Question 14

Video surveillance provides

Answer 14

reliable proof of a person’s location and activity. It can identify who enters and exits secure areas and record theft of assets

Question 15

These provide physical security

Answer 15

fencing, lighting, and alarms. Often used together to provide layered security

Question 16

To increase the effectiveness of fencing, lighting, and alarms, use…

Answer 16

motion detection methods

Question 17

Infrared detectors…

Answer 17

detect movement by objects of different temperatures

Question 18

Barricades

Answer 18

provide stronger barriers than fences and attempt to deter attackers

Question 19

Bollards

Answer 19

effective barricades that can block vehicles

Question 20

Effective threat deterrents for small equipment such as laptops and workstations

Answer 20

cable locks

Question 21

Locked cabinets prevent…

Answer 21

unauthorized access to equipment mounted in server bays

Question 22

Higher-tonnage HVAC systems

Answer 22

provide more cooling capacity. This keeps server rooms at lower temperatures and results in fewer failures

Question 23

HVAC systems increase…

Answer 23

availability by controlling temperature and humidity

Question 24

Temperature controls help ensure

Answer 24

a relatively constant temperature

Question 25

Humidity controls

Answer 25

reduce the potential for damage from elecrostatic discharge and damage from condensation

Question 26

HVAC systems should be integrated with

Answer 26

fire alarm systems and either have dampers or the ability to be turned off in the event of a fire

Question 27

EMI shielding

Answer 27

Electromagnetic interference (EMI) shielding prevents outside interference sources from corrupting data and prevents data from emanating outside the cable

Question 28

Cable troughs

Answer 28

protect cables distributed throughout a building in metal containers

Question 29

Faraday cage

Answer 29

prevents signals from emanating beyond the cage

Question 30

Single point of failure is

Answer 30

any component whose failure results in the failure of an entire system

Question 31

Elements to remove single points of failure include

Answer 31

RAID, failover clustering, UPSs, and generators

Question 32

RAID is an inexpensive method to

Answer 32

add fault tolerance and increase availability

Question 33

RAID-5

Answer 33

can survive the failure of one disk

Question 34

RAID-6

Answer 34

can survive the failure of two disks

Question 35

Failover clusters

Answer 35

are one method of server redundancy and they provide high availability for servers, removing one server as a single point of failure

Question 36

Load balancing

Answer 36

increases the overall processing power of a service by sharing the load among multiple servers

Question 37

Scheduling methods (load balancing)

Answer 37

round-robin and source IP address affinity

Question 38

Source IP address affinity scheduling

Answer 38

ensures clients are redirected to the same server for an entire session

Question 39

Full backup

Answer 39

For unlimited time and money, this provides the fastest recovery time

Question 40

Full/incremental backup

Answer 40

reduces the amount of time needed to perform backups

Question 41

Full/differential

Answer 41

reduces the amount of time needed to restore backups

Question 42

Best way to test the integrity of a company’s backup data

Answer 42

test restores

Question 43

Backup media should be protected with…

Answer 43

the same level of protection as the data on the backup

Question 44

Geographic considerations for backups

Answer 44

storing backups off-site, choosing the best location, considering legal implications and sovereignty

Question 45

BIA

Answer 45

The Business Impact Analysis identifies mission-essential functions and critical systems that are essential to the organization’s success. Identifies maximum downtime limits for these systems, various scenarios that can impact these systems, and potential losses from an incident

Question 46

Privacy threshold assessment

Answer 46

typically a simple questionnaire completed by system or data owners that helps identify if a system processes data that exceeds the threshold for PII

Question 47

Privacy impact assessment

Answer 47

For systems that process PII, helps identify and reduce risks related to potential loss of the PII

Question 48

RTO

Answer 48

The recovery time objective identifies the maximum amount of time it should take to restore a system after an outage. Derived from the maximum allowable outage time in the BIA. RPO refers to the amount of data you can afford to lose

Question 49

Hot site

Answer 49

includes personnel, equipment, software, and communication capabilities of the primary site with all the data up to date. Provides the shortest recovery time (compared to warm and cold sites) and is the most effective disaster recovery solution, but also most expensive to maintain

Question 50

Cold site

Answer 50

will have power and connectivity needed for a recovery site, but little else. Least expensive and hardest to test

Question 51

Warm site

Answer 51

compromise between hot site and a cold site (e.g. contains all necessary hardware, but not all data is up-to-date)

Question 52

Mobile site

Answer 52

does not have a dedicated location but can provide temporary support during a disaster

Question 53

DRP

Answer 53

Disaster Recovery Plan includes a hierarchical list of critical systems and often prioritizes services to restore after an outage. Testing validates the plan

Question 54

Final phase of disaster recovery includes

Answer 54

a review to identify any lessons learned and may include an update of the plan

Question 55

You can validate BCPs (business continuity plans) through

Answer 55

testing

Question 56

Tabletop exercises are

Answer 56

discussion-based only and are typically performed in a classroom or conference setting

Question 57

Functional exercieses are

Answer 57

hands-on exercises