1
Q
Operational Assurance
A
Achieved by performing daily tasks and evaluating their effectiveness through testing
2
Q
4 Steps to Operational Assurance
PI/PE/AH/TR
A
- Protect Information
+CIA
+Balance (Functional Vs. Secure)
+Enforce Compliance - Privileged Entities (Administrators)
- Control Access to Hardware
+Logical
+Physical - Trusted Recovery
+Bring up security controls first
3
Q
10 Administrative Controls
DC/DD/SD/JR/MV/NK/LP/AL/SC/HF
A
- Due Care
- Due Diligence
- Separation of duties
- Job rotation
- Mandatory vacations
- Need-to-know
- Least privilege
- Invokes authorization levels
- Management software configuration
- Personnel hiring and firing
4
Q
Service Level Agreement (SLA)
A
The unit of time a vendor will repair a faulty product
5
Q
Mean Time Between Failure (MTBF)
A
- Expected lifetime of component
- Used to calculate risk of utility failure
6
Q
Mean Time To Repair (MTTR)
A
Amount of time to get device back into production
7
Q
Redundant Array of Inexpensive Disks (RAID)
A
Technology used for redundancy and performance improvement
8
Q
RAID Levels
A
- *Level 0: Striping, written to all drives, no fault tolerance, high performance
- *Level 1: Mirroring
- Level 2: Data striping over all drives at the bit level
- Level 3 Byte level parity
- Level 4: Byte level parity
- *Level 5: Interleave parity - data and parity over all disks
9
Q
2 Advantages of RAID 5
A
- If one drive fails you still have access to all the data, reconstruction can occur on new drive
- New drive will be rebuilt with parity data (Based on XOR
10
Q
4 Backup Types
A
- Full backup
- Incremental backup
- Differential backup
- Copy backup
11
Q
Full Backup
A
- Archive Bit is reset after backup (all bits)
12
Q
Incremental Backup
A
- Backs up files that have been modified since last backup
- Archive bit is reset (takes 1 and set to 0)
13
Q
Differential Backup
A
- Backs up files that have been modified since last full backup
- Archive bit is not reset (makes copies of archive bit)
14
Q
Copy Backup
A
- Archive bit is not reset
- Use before upgrades/system maintenance
15
Q
Network-Based IDS
A
- Monitors traffic on a network segment
- Computer or network device with NIC in promiscuous mode
- Sensors communication with central management console
16
Q
Host-base IDS
A
- Small agent program that resides on individual computers
- Detects suspicious activity on one system, not network segment
17
Q
3 IDS Components with Examples
S/AE/MC
A
- Sensors: Collect raw data and reports data
- Analysis engine: Analyzes for malicious software, reports
- Management console: Alerted about intrusion
18
Q
Signature Based IDS
A
Contains a database of signatures that continually have to be updated. Cant identify new attacks
19
Q
Behavior Based IDS
A
Maintains a profile of normal behavior for a better defense against new attacks. Creates many false positives
20
Q
Pattern Matching (Analysis Engine Method) (RB/SB/KB)
A
- Rule-based intrusion detection
- Signature-based intrusion detection
- Knowledge-based intrusion detection
21
Q
Profile Comparison (Analysis Engine Method) (SB/AB/BB)
A
- Statistically-based intrusion detection
- Anomaly-based intrusion detection
- Behavior-based intrusion detection
22
Q
5 IDS Response Options
A
- Page or e-mail administrator
- Log event
- Send reset packets to the attacker’s connections
- Change a firewall or router ACL to block an IP address or range
- Reconfigure router or firewall to block protocol being used for attack
23
Q
5 IDS Issues
A
- May not be able to process all packets on large networks (missing packets)
- Cant analyze encrypted data
- Switch-based networks make it harder to pick up traffic
- A lot of false alarms
- Not an answer to all security issues
24
Q
Honeypot
A
Loophole added to system on purpose to trap intruders
25
3 Basic Requirements to Penetration Testing
- Defined goal, clearly documented
- Limited timeline outlined
- Approved by senior management
26
Purpose of configuration management
Identifying, controlling, accounting for and auditing changes made to the baseline TCB
CISSP ISC2 2023
flashcards
Decks in class (90)
# Cards
-
CISSP (Glossary)27
-
CISSP Lesson 1 PreTest18
-
Domain 1 - Access Control25
-
CISSP (Chapter 3 - Access Control)32
-
CISSP (Domain 1 - Access Control)54
-
CISSP (Chapter 1)48
-
Access Control36
-
Video Content Lesson 149
-
CISSP Lesson 2 PreTest17
-
Domain 2 - Telecommunications and Network Security25
-
CISSP (Domain 2 - Telecommunications and Network Security)78
-
CISSP (Chapter 2 - Information Security Governance and Risk Management)38
-
Telecommunications and Network Security46
-
CISSP (Chapter 6 - Telecommunications and Network Security41
-
Video Content Lesson 246
-
CISSP Lesson 3 PreTest19
-
Domain 3 - Information Security Governance and Risk Management25
-
CISSP (Domain 3 - Information Security Governance and Risk Management)63
-
Information Security Guidelines and Risk Managerment44
-
Video Content Lesson 349
-
CISSP Lesson 4 PreTest15
-
Domain 4 - Software Development Security26
-
CISSP (Domain 4 - Software Development Security)63
-
CISSP (Chapter 10 - Software Development Security)30
-
Video Content Lesson 430
-
CISSP Lesson 5 PreTest20
-
Domain 5 - Cryptography25
-
Cryptography42
-
CISSP (Domain 5 - Cryptography)49
-
CISSP (Chapter 7 - Cryptography)32
-
Video Content Lesson 550
-
CISSP Lesson 6 PreTest15
-
Domain 6 - Security Architecture and Design26
-
CISSP (Domain 6 - Security Architecture and Design)47
-
Security Architecture and Design63
-
CISSP (Chapter 4 - Security Architecture and Design)31
-
CISSP (Chapter 5 - Physical and Environmental Security)30
-
Video Content Lesson 638
-
CISSP Lesson 7 PreTest18
-
Domain 7 - Operations Security26
-
CISSP (Domain 7 - Operations Security)26
-
Security Operations38
-
Video Content Lesson 746
-
CISSP Lesson 8 PreTest20
-
Domain 8 - Business Continuity and Disaster Recovery Planning25
-
CISSP (Domain 8 - Business Continuity and Disaster Recover Planning)40
-
Business Continuity and Disaster Recovery41
-
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)30
-
Video Content Lesson 842
-
CISSP Lesson 9 PreTest20
-
Domain 9 - Legal, Regulations, Investigations, and Compliance25
-
CISSP (Domain 9 - Legal, Regulations, Compliance, and Investigations)34
-
Legal Regulations Investigation and Compliance44
-
CISSP (Chapter 9 - Legal, Regulations, Investigations, and Compliance)31
-
Video Content Lesson 955
-
CISSP Lesson 10 PreTest15
-
Domain 10 - Physical (Environmental) Security25
-
Physical Environmental Security22
-
CISSP (Domain 10 - Physical (Environmental) Security)41
-
Video Content Lesson 1045
-
CISSP Lesson 11 PreTest14
-
Video Content Lesson 1148
-
Practice Test Mistakes88
-
CISSP Notes350
-
CISSP Notes 2100
-
CISSP Notes 3400
-
Chapter 1 - Security Governance Through Principles And Policies29
-
Chapter 2 - Personnel Security And Risk Management Concepts20
-
Chapter 3 - Business Continuty Planning13
-
Chapter 4 - Laws, Regulations, And Compliance22
-
Chapter 5 - Protecting Security Of Assets7
-
Chapter 6 - Cryptography And SYmmetric Key Algorithms47
-
Chapter 7 - PKI And Cryptographic Applications28
-
Chapter 8 - Principles Of Security Models, Design, and Capabilities58
-
Chapter 9 - Security Vulnerabilities, Threats, and Countermeasures5
-
Chapter 10 - Physical Security Requirements27
-
Chapter 11 - Secure Network Architecture and Securing Network Components51
-
Chapter 12 - Secure Communications and Network Attacks17
-
Chapter 13 - Managing Identity and Authentication3
-
Chapter 14 - Controlling And Monitoring Access15
-
Chapter 15 - Security Assessment and Testing12
-
Chapter 16 - Managing Security Operations10
-
Chapter 17 - Preventing and Responding To Incidents2
-
Chapter 18 - Disaster Recovery Planning18
-
Chapter 19 - Incidents And Ethics7
-
Chapter 20 - Software Development Security45
-
Chapter 21: Malicious Code and Application Attacks9
-
SYBEX -Wrong Questions from Skillset10
-
CISSP-Security and Risk Management-Domain 1110
-
ISO and NIST 218
