Chapter 9: Implementing Controls to Protect Assets

Question 1

What is a Physical Security Control?

Answer 1

A safeguard to protect physical locations and assets from unauthorized access.

Question 2

What are some examples of Physical Security Controls?

Answer 2

Perimeter, Buildings, Secure Work Areas, Server Rooms, and Hardware.

Question 3

What are Access Badges?

Answer 3

A physical card used to authenticate and allow entry into secured locations.

Question 4

What are Security Guards?

Answer 4

They monitor, enforce access, and respond to physical security threats.

Question 5

What is Video Surveillance?

Answer 5

Monitoring and recording physical spaces to detect and deter unauthorized access.

Question 6

What are sensors?

Answer 6

Devices that detect changes and trigger alerts for potential intrusions or anomalies.

Question 7

What is a Motion Sensor?

Answer 7

Detects movements within its coverage zone and can trigger an alert.

Question 8

What is Noise Detection?

Answer 8

Device that detects unexpected or abnormal sounds that may indicate a breach.

Question 9

What is an Infrared Sensor?

Answer 9

A device that can detect heat signatures from bodies or objects.

Question 10

What is a Pressure Sensor?

Answer 10

A device that can detect changes in weight or force in an area.

Question 11

What is a Microwave Sensor?

Answer 11

A device that can sense motion by detecting changes in reflected microwaves.

Question 12

What is an Ultrasonic Sensor?

Answer 12

A device that uses sound waves to detect movement.

Question 13

What are Access Control Vestibules?

Answer 13

A secure area with two doors to control entry, allowing one person through at a time.

Question 14

What is Asset Management?

Answer 14

Keeping records of devices and systems to ensure accountability and security.

Question 15

What is Acquisition/Procurement?

Answer 15

Buying and onboarding assets following security policies.

Question 16

What is Assignment/Accounting?

Answer 16

Assigning responsibility for assets to users or teams.

Question 17

What is Monitoring and Asset Tracking?

Answer 17

Monitoring the location and state of assets to prevent loss or misuse.

Question 18

What is Hardware Asset Management?

Answer 18

Tracking and maintaining physical devices to ensure proper use and security.

Question 19

What can an effective asset management system help reduce?

Answer 19

Architecture and design weaknesses and system sprawl and undocumented assets.

Question 20

What is Software Asset Management (SAM)?

Answer 20

The process of tracking and managing software licenses, installations, and compliance to avoid legal and financial risks.

Question 21

What is Defense in Path? AKA layered security.

Answer 21

A cybersecurity strategy that uses multiple layers of security controls to protect against threats, so if one layer fails, others still protect the system.

Question 21

What is Data Asset Management?

Answer 21

Managing data as an asset by identifying, categorizing, and protecting it throughout its lifecycle.

Question 22

What are some example implementations of layered security?

Answer 22

Vendor diversity, Technology diversity, and Control Diversity.

Question 23

What is Skimming?

Answer 23

A method where attackers secretly install a device to capture credit/debit card data during legitimate transactions.

Question 24

What is Card Cloning?

Answer 24

Creating a duplicate of a legitimate card using data stolen via skimming or other techniques.

Question 25

What are Brute Force Attacks?

Answer 25

An attack that repeatedly tries different combinations of passwords or encryption keys until the correct one is discovered.

Question 26

What is a Single Point of Failure?

Answer 26

A critical part of a system that, if it fails, causes the whole system or service to become unavailable.

Question 26

What are Environmental Attacks?

Answer 26

Non-human threats like fire, flood, or power loss that can damage systems and interrupt operations.

Question 27

What is Redundancy?

Answer 27

The duplication of critical system components to ensure services continue if one part fails.

Question 27

What is Fault Tolerance?

Answer 27

A system's ability to remain operational even after a failure in one or more components.

Question 28

What are some Single Points of Failure examples?

Answer 28

Disks, Servers, Power, and Personnel.

Question 29

What is the Redundant Array of Inexpensive Disks (RAID)?

Answer 29

A data storage virtualization method that combines multiple physical drives for performance and redundancy.

Question 30

What is RAID-0 (stripping)?

Answer 30

Splits data across drives to increase speed; no redundnacy--if one disk fails, all data is lost.

Question 31

What is RAID-1 (mirroring)?

Answer 31

Duplicates data on two disks for redundancy; provides fault tolerance but sues twice the storage.

Question 32

What is Disk Duplexing?

Answer 32

RAID-1 variation where each drive has its own controller; it improves performance and fault tolerance.

Question 33

What is RAID-5?

Answer 33

Stripes data with distributed parity across 3+ disks; allows one disk to fail without data loss.

Question 34

What is RAID-6?

Answer 34

Like RAID-5 but with no parity blocks; can survive two simultaneous disk failures.

Question 34

What is RAID-10? AKA RAID-1+0.

Answer 34

Combines mirroring and stripping; requires at least 4 disks; fast and fault-tolerant.

Question 35

What is High Availability?

Answer 35

System design approach ensuring continuous operation and minimal downtime.

Question 36

What is a Load Balancer?

Answer 36

Distributes traffic across multiple servers to ensure availability and improve performance.

Question 36

What is Clustering?

Answer 36

Group of connected computers working as a single system to provide redundancy and load distribution.

Question 37

What is an Active/Active Load Balancer?

Answer 37

All servers handle traffic simultaneously; maximizes resource usage and performance.

Question 38

What is an Active/Passive Load Balancer?

Answer 38

Primary server handles traffic; backup server takes over if the primary server fails.

Question 38

What is NIC Teaming?

Answer 38

Combines multiple network interface cards to increase bandwidth or provide failover.

Question 39

What is Backup Media?

Answer 39

Physical or digital devices used to store backup data (tape drives, hard disks, SSDs).

Question 39

What are other types of media used to store backups?

Answer 39

Disks, Network-attached Storage (NAS), Storage Area Network (SAN), and Cloud Storage.

Question 39

What is Network-attached Storage (NAS)?

Answer 39

A storage device connected to a network that allows multiple users to retrieve and store data centrally.

Question 40

What is Cloud Storage?

Answer 40

Data storage hosted on the Internet by third-party providers, accessible from anywhere.

Question 40

What are some examples of power supplies that provide redundancy?

Answer 40

Uninterruptible power supplies (UPSs), Dual Supply, Generators, and Managed Power Distribution Units (PDUs).

Question 41

What are Offline Backups?

Answer 41

Backups stored on devices not connect to the network to prevent cyber threats.

Question 42

What is Storage Area Network (SAN)?

Answer 42

A dedicated network that provides block-level storage to servers, used for high-performance, large-scale storage needs.

Question 43

What are Online Backups?

Answer 43

Backups done while the system is running, ensuring continuous availability during the backup process.

Question 44

What are Full backups?

Answer 44

A complete copy of all data, serving as the foundation for other backup types.

Question 45

What are Differential Backups?

Answer 45

A backup of all changes made since the last full backup.

Question 46

What are Incremental Backups?

Answer 46

A backup of changes made since the last backup of any type.

Question 47

What are Snapshot and Image Backups?

Answer 47

Snapshot captures the system's state; image backup includes the entire system for full restoration.

Question 48

What is the process for conducting an Differential Backup?

Answer 48

Backup data changed since the last full backup.

Question 48

What is the process for conducting a Full Backup?

Answer 48

1. Select all data to back up. 2. Prepare backup destination. 3. Start a full data copy. 4. (Optional) Verify integrity. 5. Log and schedule next backup.

Question 49

What is Replication?

Answer 49

The process of duplicating data to another location for redundancy.

Question 50

What is Journaling?

Answer 50

Logging data changes before applying them to help with recovery and integrity.

Question 51

What is the process for conducting an Incremental Backup?

Answer 51

Backup only the data changed since the last backup (of any type).

Question 52

When it comes to backups, what are some important geographic considerations to take into account?

Answer 52

Offsite vs onsite storage, Distance, Location Selection, Legal Implications, Data Sovereignty, and Encryption.

Question 53

What is a Business Continuity Plan (BCP)?

Answer 53

A documented strategy to maintain critical operations during and after a disruption.

Question 54

What is a Business Impact Analysis (BIA)?

Answer 54

An evaluation that identifies how disruptions affect critical operations and outlines potential impacts.

Question 54

What are Mission-essential Functions?

Answer 54

Core business operations must must continue or quickly resume after a disruption.

Question 55

What is Site Risk Assessment?

Answer 55

An evaluation of physical sites to identify threats that may disrupt operations.

Question 56

What is Recovery Time Objective (RTO)?

Answer 56

The max time a system can be down before recovery must occur.

Question 57

What is Recovery Point Objective (RPO)?

Answer 57

The max acceptable data loss in time (e.g last 4hrs of data).

Question 58

What is Site Resiliency?

Answer 58

The capability of a location to continue operating during/after a disruption.

Question 58

What is Mean Time Between Failures (MTBF)?

Answer 58

The average time a system operates before failing.

Question 59

What is Mean Time to Repair (MTTR)?

Answer 59

The average time it takes to fix a failure and restore service.

Question 59

What is Continuity of Operations Planning (COOP)?

Answer 59

A plan that ensures essential functions continue during emergencies.

Question 59

What is a Recovery Site?

Answer 59

A location used to recover and restore business operations during a disaster.

Question 60

What is Failover?

Answer 60

Automatic switching to a backup system or site when a primary system fails.

Question 61

What is Geographic Dispersion?

Answer 61

Placing backup systems in physically separate locations.

Question 62

What is a Hot Site?

Answer 62

A fully functional operational recovery site with real-time data replication.

Question 63

What is a Cold Site?

Answer 63

A site with infrastructure but no active data or systems.

Question 64

What is a Warm Site?

Answer 64

A partially equipped recovery site with updated backups and hardware.

Question 65

What is a Disaster Recovery Plan (DRP)?

Answer 65

A documented strategy to restore IT systems and data after a disruption.

Question 66

What are the different phases of a DRP?

Answer 66

Active DRP, Implement Contingencies, Recover Critical Systems, Test Recovered Systems, After-Action Report.

Question 67

What are Tabletop Exercises?

Answer 67

A discussion-based simulation to test plans and roles without real systems.

Question 68

What is a Simulation?

Answer 68

Hands-on training that imitates disaster scenarios without real system interruption.

Question 69

What is Parallel Processing?

Answer 69

Running systems simultaneously at a backup site to mirror production.

Question 70

What is a Failover Test?

Answer 70

Intentional switching to a backup system/site to verify readiness.

Question 71

What is Capacity Planning?

Answer 71

Forecasting resource needs (CPU, RAM, storage, bandwidth, people) for growth or failure.

Question 72

What are the three typical areas that businesses should conduct Capacity Planning?

Answer 72

People, Technology, and Infrastructure.