Cybersecurity Risks and Controls Flashcards

1
Q

What are the phases of an attack?

A

Before, During, After

2
Q

What is the risk equation for managed assets?

A

Risk = { Threats * Vulnerabilities * Asset Value } / Strong Controls

3
Q

What is the risk equation for unmanaged assets?

A

Risk = { Threats * Vulnerabilities * Asset Value } / Weak Controls

4
Q

What are the Business Controls that NIST references?

A

ISO 27002 Code of Practice

5
Q

What are the Technical Controls that NIST references?

A

CIS 20 Critical Controls

6
Q

What is Critical Infrastructure?

A

Assets, systems and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on national security, economic security, national public health or safety, or any combination thereof.

7
Q

What is EO?

A

Executive Order

8
Q

Who issued EO 13800?

A

Trump

9
Q

What is EO 13800?

A

Strengthening Cybersecurity of Federal Networks and Critical Infrastructure

10
Q

What is the purpose of EO 13800?

A

To improve the nation’s cyber posture and capabilities in the face of intensifying cybersecurity threats to its digital and physical security.

11
Q

What are the deliverables for EO 13800?

A

  • Cybersecurity
  • Workforce development

12
Q

What does NIAC stand for?

A

National Infrastructure Advisory Council

13
Q

What were the NIAC Report recommendations?

A
  1. Establish separate, secure communication networks for critical cyber control system traffic and reserved spectrum for backup communications.
  2. Facilitate cyber threat sharing.
  3. Identify the best scanning tools and assessment practices.
  4. Strengthen the capabilities of today’s cyber workforce.
  5. Establish outcome-based market incentives to encourage owners to upgrade cyber infrastructure.
  6. Streamline security clearance process for owners of the nation’s most critical cyber assets.
  7. Establish protocols to rapidly declassify cyber threat information.
  8. Pilot an operational task force of experts to respond to cyber threats.
  9. Perform the Gridex-IV Exercise to test Federal Authorities during a cyber incident.
  10. Establish a governance approach.
14
Q

What are the steps to mitigate risks?

A
  1. Strategy - aligned with business strategy
  2. Program - establish the target profile
  3. Controls - should be used to establish the new current profile
  4. Assessment - gap analysis compares current & target profiles
  5. Report - detailed scorecard that identifies current capabilities and an improvement plan for cyber maturity.
15
Q

What are the NIST CFW Strategic Goals?

A
  1. Protect Information Systems
  2. Reduce Cyber Risk
  3. Best-in-Class Cybersecurity Capabilities
  4. Enterprise Approach to Cybersecurity
  5. A Cyber-Secure Enterprise
16
Q

What are the Objectives of NIST CFW Goal #1?

A

Objective 1.1 Safeguard Confidential Information from Compromise
Objective 1.2 Protect the Integrity of Information
Objective 1.3 Ensure the Availability of Critical information systems
Objective 1.4 Provide Cyber-Resilient Information Systems
Objective 1.5 Maintain a Secure Technology Infrastructure

17
Q

What are the Objectives of NIST CFW Goal #2?

A

Objective 2.1 Drive cybersecurity Priorities and Initiatives Based on Effective Risk Management
Objective 2.2 Create and Nurture a Culture of Cyber-Risk Awareness
Objective 2.3 Establish Risk Ownership and effectively Communicate Risk

18
Q

What are the Objectives of NIST CFW Goal #3?

A

Objective 3.1 Align information and Cyber Security Efforts with the Business Needs
Objective 3.2 Deliver Technology Solutions that are Secure
Objective 3.3 Enhance the Ability to Detect Cyber-Attacks
Objective 3.4 Respond Rapidly and Effectively to Security Incidents
Objective 3.5 Build and Maintain a Robust Cyber-Defence Capability
Objective 3.6 Develop and Sustain a capable and Competent Cybersecurity Workforce

19
Q

What are the Objectives of NIST CFW Goal #4?

A

Objective 4.1 Establish Enterprise Information and Cyber security program
Objective 4.2 Embrace a Common Cyber security Framework
Objective 4.3 Enact Effective Enterprise-Wide Security Policies
Objective 4.4 Improve Cyber security through the Enterprise Technology Transformation

20
Q

What are the Objectives of NIST CFW Goal #5?

A

Objective 5.1 Improve Cyber security through leadership, Partnerships and National Participation.

21
Q

What is Strategic Goal #1?

A

Protect Information and Systems

22
Q

What is Strategic Goal #2?

A

Reduce Cyber Risk

23
Q

What is Strategic Goal #3?

A

Best-in-Class Cyber security Capabilities

24
Q

What is Strategic Goal #4?

A

Enterprise Approach to Cyber security

25
What is Strategic Goal #5?
A Cyber-Secure Enterprise
26
What does NCSF mean?
NIST Cyber Security Framework
27
What are the functions of the NCSF Framework Core?
1. Identify 2. Protect 3. Detect 4. Respond 5. Recover
28
What are the Categories of the NCSF Framework Core's Identify function?
1. Asset Management 2. Business Environment 3. Governance 4. Risk Assessment 5. Risk Management 6. Supply Chain
29
What are the Categories of the NCSF Framework Core's Protect function?
1. Access Control 2. Awareness and Training 3. Data Security 4. Information Protection Procedures 5. Maintenance 6. Protective Technology
30
What are the Categories of the NCSF Framework Core's Detect function?
1. Anomalies and Events 2. Security Continuous Monitoring 3. Detection Processes
31
What are the Categories of the NCSF Framework Core's Respond function?
1. Response Planning 2. Communications 3. Analysis 4. Mitigation 5. Improvements
32
What are the Categories of the NCSF Framework Core's Recover function?
1. Recovery Planning 2. Improvements 3. Communications
33
Describe which function Asset Management category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 6 sub-categories
34
Describe which function Business Environment category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 5 sub-categories
35
Describe which function Governance category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 4 sub-categories
36
Describe which function Risk Assessment category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 6 sub-categories
37
Describe which function Risk Management category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 3 sub-categories
38
Describe which function Supply Chain category belongs to and how many sub-categories it has.
1. It belongs to the Identify function | 2. It contains 5 sub-categories
39
Describe which function Access Control category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 7 sub-categories
40
Describe which function Awareness and Training category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 5 sub-categories
41
Describe which function Data Security category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 8 sub-categories
42
Describe which function Information Protection Procedures category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 12 sub-categories
43
Describe which function Maintenance category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 2 sub-categories
44
Describe which function Protective Technology category belongs to and how many sub-categories it has.
1. It belongs to the Protect function | 2. It contains 5 sub-categories
45
Describe which function Anomalies and Events category belongs to and how many sub-categories it has.
1. It belongs to the Detect function | 2. It contains 5 sub-categories
46
Describe which function Security Continuous Monitoring category belongs to and how many sub-categories it has.
1. It belongs to the Detect function | 2. It contains 8 sub-categories
47
Describe which function Detection Processes category belongs to and how many sub-categories it has.
1. It belongs to the Detect function | 2. It contains 5 sub-categories
48
Describe which function Response Planning category belongs to and how many sub-categories it has.
1. It belongs to the Respond function | 2. It contains 1 sub-category
49
Describe which function Communications category belongs to and how many sub-categories it has.
1. It belongs to the Respond function | 2. It contains 5 sub-categories
50
Describe which function Analysis category belongs to and how many sub-categories it has.
1. It belongs to the Respond function | 2. It contains 5 sub-categories
51
Describe which function Mitigation category belongs to and how many sub-categories it has.
1. It belongs to the Respond function | 2. It contains 3 sub-categories
52
Describe which function Improvements category belongs to and how many sub-categories it has.
1. It belongs to the Respond function | 2. It contains 2 sub-categories
53
Describe which function Recovery Planning category belongs to and how many sub-categories it has.
1. It belongs to the Recovery function | 2. It contains 1 sub-category
54
Describe which function Improvements belongs to and how many sub-categories it has.
1. It belongs to the Recovery function | 2. It contains 2 sub-categories
55
Describe which function Communications belongs to and how many sub-categories it has.
1. It belongs to the Recovery function | 2. It contains 3 sub-categories
56
What are Tiers?
Tiers describe the maturity of an organization with regard to management of Cyber security risk.
57
How many Tiers are there?
4
58
What are the Tier ratings?
1. Partial 2. Risk Informed 3. Repeatable 4. Adaptive
59
What is a NCSF Framework Profile?
A NCSF Framework Profile represents the cyber security outcomes based upon business needs that an organization has selected from the Framework Categories and Subcategories.
60
What is the purpose of NCSF Framework Profiles?
To identify opportunities for improving cyber security posture by comparing a "Current" profile to a "Target" profile. They can be used to conduct self-assessment gap analyses.
61
What is the NCSF Implementation or Improvement methodology?
1. Prioritize 2. Orient 3. Create Current Profile 4. Conduct Risk Assessment 5. Create Target Profile 6. Determine, Analyze & Prioritize Gaps 7. Implement Action Plan
62
What is a Controls Factory?
A concept used to help organize the engineering, technical and business functions of a NIST cyber security program.