Final

Question 1

Boundary type

Answer 1

IT Security
hardware, software and communication networks can extend to VPN, web browsing, and database

Physical Security
secured vaults, strong building walls and containers

Question 2

Standards

Answer 2

IT Security 
information systems in the organization best in class IT security standard for interoperability

Physical Security
Infrastructure of the organization plays an important role in providing physical security for the organization

Question 3

Maturity

Answer 3

IT Security
The IT security products are developed rapidly

Physical Security
products are not developed rapidly rather they are used for longer periods

Question 4

Frequency of attacks

Answer 4

IT Security
attack against is very high in nature and the attack will be repeated often to test the resolve of the organization

Physical Security
is very low in nature and the attack is not repeated often

Question 5

Attack responses

Answer 5

IT Security
managed by the incident response teams by updating the software patches and using some other security control mechanisms

Physical Security
managed by the incident response teams by fixing the vulnerability which led to the attack and updating the firmware

Question 6

Risk to attackers

Answer 6

IT Security
cannot be traced and it is sophisticated operation

Physical Security
can be traced easily and they can be punished

Question 7

Evidence of compromise

Answer 7

IT Security
Evidence against copy of data cannot be traced

Physical Security
Physically stolen items can be noticed easily

Question 8

Article 2 Illegal access

Answer 8

CT, CSD, CCT
the data depends upon the access of whole computer system

“data confidentiality” the system cannot be accessed without rights

Question 9

Article 3 Illegal interception

Answer 9

CT
it focuses on the transmission of computer data within the computer system

data confidentiality” the system cannot be accessed without rights

Question 10

Article 4 Data interference

Answer 10

CT
the article 4 is going to damage, deletes or suppress the computer data

data integrity” the unauthorized users can damage, delete or modify the data without having the rights

Question 11

Article 5 System interference

Answer 11

CT
without having the right of the computer system, it holds back the computer data by transmitting, damaging

“Data integrity”, “Data confidentiality”, “and data privacy”

Question 12

Article 6 Misuse of devices

Answer 12

CCT
and access code used in the computer system are used for the purpose of offences

“data availability”

Question 13

Article 8 Computer-related fraud

Answer 13

CCT
the computer data is modified, deleted or suppressed that result in inauthentic data

data integrity or data privacy”

Question 14

Article 9 Offenses related to child pornography

Answer 14

CCT

There is no attack on the child pornography

Question 15

Article 10 Infringements of copyright and related rights

Answer 15

CCT
it produces, offers or distributes the data through computer system from one person to another person

“data integrity or data privacy”

Question 16

Article 11 Attempt in aiding or abetting

Answer 16

CCT

there is no attack in aiding the commission of offenses

Question 17

Virus, worms or other malicious code

Answer 17

CT, CSD, CCT

depends upon what use is made of the attack

Question 18

Unauthorized access to/use of information, systems or networks

Answer 18

CT, CSD, CCT

depends upon what use is made of the attack

Question 19

Illegal generation of spam e-mail

Answer 19

CCT

crime attacks on “data confidentiality”

Question 20

Spyware

Answer 20

CCT

Question 21

Denial of service attacks

Answer 21

CT

crime attacks on “data availability”

Question 22

Fraud

Answer 22

CCT

crime attacks on “data confidentiality”

Question 23

Phishing

Answer 23

CT

crime attacks on “data privacy”

Question 24

Theft of other (proprietary) info including customer records, financial records

Answer 24

CT

crime attacks on “data privacy”

Question 25

Theft of intellectual property

Answer 25

CT crime attacks on “data confidentiality”

Question 26

Intentional exposure of private or sensitive information

Answer 26

CT crime attacks on “data privacy”

Question 27

Identity theft of customer

Answer 27

CCT crime attacks on “data confidentiality”

Question 28

Sabotage

Answer 28

CT crime attacks on data availability

Question 29

Zombie machines on organization’s network/bots/use of network by BotNets

Answer 29

CCT

Question 30

Web site defacement

Answer 30

CT crime attacks on “data integrity”

Question 31

Extortion

Answer 31

CCT

Question 32

European Union (EU) data protection directive

Answer 32

1. Check whether the member state protects the fundamental rights while processing the information of an individual 2. Check whether the “Data protection prevents the member states from limiting the free flow of individual’s information within the EU directive

Question 33

OECD

Answer 33

calls out the measure “collection limitation”. In that principle, it states about the limitation for collecting the personal data the guideline “security safeguards” states how the personal data is protected from risks and unauthorized access

Question 34

EU

Answer 34

calls out the need for “notice” in which the organization must report to the individuals what information the organization is gathering about and individual the guideline “Security” states how the organization protects the data integrity and confidential information of individual through technical support

Question 35

Compare Tables 2 Auditable items Suggested X.816 and 3 Monitoring Areas Suggested in ISO 27002

Answer 35

A. Yes, table 2 describes about the auditable events of “X.816” which includes the section “connection related security events” but this section is not found in the table 3 B. No, Because the tale of “ISO27002” mainly focuses on the computer security events related to privileged operations

Question 36

Another list of auditable events, is shown in Table 6. Compare this with Tables 2 X.816 and 3 ISO

Answer 36

A. Yes, OSI Model is not present in Table 6 B. Yes, most of the items in the “table 6” are not in the 2/3. Example: Successful program access, Information about the files

Question 37

Advantages of Agent-less SIEM

Answer 37

This method does not require that any special software to install, configure and maintain each logging host

Question 38

Disadvantage of Agent-less SIEM

Answer 38

Lack of filtering and aggregation at the individual host It takes increased amount of time to filter and analyze the logs In this method, the SIEM server requires the credentials to authenticate each logging host

Question 39

Advantages of Agent-based SIEM

Answer 39

The agent program installed on log is used to transmit the log data to SIEM server It takes less amount of time to filter and analyze the logs

Question 40

Disadvantage of Agent-based SIEM

Answer 40

It requires special agent program to perform the event filtering It requires the installation of multiple agents when the host has multiple types of logs