Chapters 1-3

Question 1

Define CIA

Answer 1

Confidentiality - information cannot be read
Integrity - attackers cannot change or destroy info
Availability - info is always available for authorized people

Question 2

What is a Compromise?

Answer 2

• Successful Attacks, breaches or incidents

Question 3

What are Countermeasures?

Answer 3

• Used to Thwart attacks

Question 4

What are the Types of Countermeasures?

Answer 4

• Preventative: cost-effective, prevents attacks
• Detective: keeps attacks from succeeding
• Corrective: minimize and restore systems after an attack

Question 5

What are the Payment Card Industry-Data Security Standards?

Answer 5

• Build and Maintain a Secure Network
• Protect Cardholder Data
• Maintain a Vulnerability Management Program
• Implement Strong Access Control Measures
• Regularly Monitor and Test Networks
• Maintain an Information Security Policy

Question 6

How are Employees and Ex-employees Dangerous?

Answer 6

• They have knowledge of internal systems
• Often have permission to access systems
• Know how to avoid detection
• Generally trusted

Question 7

Define Employee Vulnerabilities

Answer 7

• Sabotage
• Hacking
• Financial Theft
• Intellectual Property Theft
• Extortion (employee is victim)
• Sexual or Racial Harassment of Other Employees
• Internet Abuse
• Carelessness

Question 8

Define Potential Attackers Aside from Employees

Answer 8

• Contract Workers

Question 9

What is a Virus

Answer 9

Malware that attaches itself to legitimate programs

Question 10

What is a Direct-Propagation Worm?

Answer 10

Malware that doesn’t need humans to jump between computers

Question 11

What is a nonmobile Malware?

Answer 11

Malware that needs humans to propagate

Question 12

What is a RAT

Answer 12

Remote Access Trojan - allows a machine to be remotely controlled

Question 13

What is a Downloader

Answer 13

A smaller trojan that downloads larger trojans

Question 14

What is a Reconnaissance Probe?

Answer 14

scans to identify network vulnerabilities

Question 15

What is an Exploit?

Answer 15

attacker breaks into a computer

Question 16

What is a Chain of Attack?

Answer 16

An attacker attacks through a chain of victim computers to remain untraceable

Question 17

Differentiate Expert Attackers and Script Kiddies

Answer 17

Expert hackers are technically skilled and persistent while script kiddies have low skill but are more numerous

Question 18

What is Cyberwar

Answer 18

Attacks conducted by governments against financial and communication infrastructure

Question 19

What is Cyberterror

Answer 19

Attacks conducted by terrorists against IT resources

Question 20

What is Comprehensive Security

Answer 20

A state in which defenders have closed off all possible venues of attack

Question 21

What makes Security Management a Disciplined Process?

Answer 21

• Complex
• Need Formal Processes
• Continuous Process
• Compliance Regulation

Question 22

What is the Cycle for Security Management

Answer 22

Plan-protect-Respond

Question 23

What is Vision

Answer 23

Understanding your role concerning the company

Question 24

Strategies for IT Security planning

Answer 24

• Identify Current IT Security Gaps
• Identify Driving Forces
• Identify Corporate Resources Needing Protection

Question 25

What is a Remediation Plan

Answer 25

Identifying and addressing threats and vulnerabilities to prevent and limit security breaches

Question 26

What is an Investment Portfolio

Answer 26

investments made for protection methods to mitigate vulnerabilities based on risk

Question 27

What are Compliance Laws and Regulations

Answer 27

Create requirements for corporate security

Question 28

What is the Sarbanes-Oxley Act of 2002

Answer 28

Requires firms to report material deficiencies in financial reporting processes

Question 29

What is the Data Breach Notification Laws

Answer 29

Requires notification of any California citizen whose private information is exposed

Question 30

What is the CSO (CISO)

Answer 30

The Chief Security Officer (Chief Information Security Officer) oversees IT and cyber security

Question 31

Differentiate Effects of IT Location

Answer 31

- Within IT: will be responsible for security - Outside IT: gives independence - Hybrid: planning and auditing outside IT but also firewall operation within IT

Question 32

Define Top Forms of Management Support

Answer 32

- Budget - Support in Conflicts - Setting Personal Examples

Question 33

What is an MSSP

Answer 33

Managed Security Service Providers are Outsourced IT security

Question 34

What is Risk Analysis

Answer 34

Manage risk to be of reasonable threat

Question 35

What is EF

Answer 35

Exposure Factor is the percentage loss in asset value if a compromise occurs

Question 36

What is SLE

Answer 36

Single Loss Expectancy is the expected loss in case of a compromise

Question 37

What is ARO

Answer 37

Annualized Rate of Occurrence is the annual probability of a compromise

Question 38

What is ALE

Answer 38

Annualized Loss Expectancy is the expected loss per year of compromise

Question 39

What are the Problems with Classic Risk Analysis Calculations

Answer 39

- Uneven Multilayer Cash Flows - Total Cost of Incident (TCI): damage usually does not come from asset loss - Impossibility of knowing Annualized Rate of Occurrence - Problems with "Hard-Headed Thinking" - Perspective

Question 40

What is Risk Reduction

Answer 40

Implement countermeasures to reduce harm

Question 41

What is Risk Acceptance?

Answer 41

Accepting loss when protecting against it would be too expensive

Question 42

What is Risk Transference

Answer 42

Transferring loss to a different party (insurance)

Question 43

What is Risk Avoidance

Answer 43

Avoiding risky actions

Question 44

What are the 4 Choices when Encountering a Risk

Answer 44

- Risk Reduction - Risk Acceptance - Risk Transference - Risk Avoidance

Question 45

What is the Technical Security Architecture?

Answer 45

A company's technical countermeasures and how these countermeasures are organized

Question 46

What is legacy Technology?

Answer 46

Previously installed tech that may be too expensive to upgrade immediately fully

Question 47

What is Depth in Defence

Answer 47

Multiple independent countermeasures must be defeated in series

Question 48

What is the Weakest Link

Answer 48

Single countermeasure with multiple interdependent components that must all succeed for the countermeasure to succeed

Question 49

What are Policies

Answer 49

Statements of what is to be done, provides clarity and implementation

Question 50

What is an Acceptable Use Policy?

Answer 50

Summarizes key points of special importance for users

Question 51

Factors to consider when Writing Policies

Answer 51

- IT security cannot act alone in policy-making - There should be policy writing teams for each policy - Team approach gives authority to policies - Different viewpoints prevent mistakes

Question 52

What is Implementation Guidance

Answer 52

Limits discretion of implementers

Question 53

Standards vs Guidelines

Answer 53

Standards are mandatory while guidelines are not but must be considered

Question 54

What are Procedures

Answer 54

Detailed specifications of how something should be done

Question 55

What are Processes

Answer 55

Less detailed specifications of what actions should be taken

Question 56

What are baselines?

Answer 56

Checklists of what should be done without processes or procedures

Question 57

What are the Types of Implementation Guidance

Answer 57

- Best Practices: most appropriate actions in other companies - Recommended Practices: normative guidance

Question 58

Who Should Be Held Accountable

Answer 58

Owner of a resource

Question 59

What are Ethics

Answer 59

Person's system of values that can be guided by company code

Question 60

What are Kickbacks

Answer 60

Given by sellers to secure orders or future orders

Question 61

What is Oversight

Answer 61

Term for a group of tools for policy enforcement

Question 62

What is Electronic Monitoring

Answer 62

Electronically-collected information on behaviour

Question 63

What is Security Metrics

Answer 63

Indicators of compliance that are measured periodically

Question 64

What is Auditing

Answer 64

Sampling information to develop an opinion about the adequacy of controls

Question 65

What is an Anonymous Protected Hotline

Answer 65

An anonymous and protected hotline where employees can call in

Question 66

What is the Fraud Triangle

Answer 66

- Opportunity - Pressure - Rationalization

Question 67

What is a Vulnerability Test?

Answer 67

An attack on own systems to find vulnerabilities

Question 68

Who is COSO

Answer 68

The Committee of Sponsoring Organizations of the Treadway Commission provides guidance on financial controls

Question 69

Who is CobiT

Answer 69

The Control Objectives for Information and Related Technologies offers documents on how to improve IT management practices

Question 70

Who is the main professional accrediting body of IT auditing

Answer 70

CobiT

Question 71

What are the 4 Major CobiT Domains?

Answer 71

1. Planning and Organization 2. Acquisition and Implementation 3. Delivery and Support 4. Monitoring

Question 72

What is the ISO/IEC 27000?

Answer 72

A family of IT security standards with several individual standards

Question 73

Who is the ISO/IEC

Answer 73

The International Organization for Standardization and the International Electrotechnical Organization