Homework 1 Review Questions Flashcards
(12 cards)
An engineer for a small company is trying to explain the importance of security to the company’s owner. The owner feels the company does not need permissions added to the shared drive. What security concepts should the engineer detail for the owner of the company to the company to ensure the security of the shared drive?
A. Confidentiality
B. Integrity
C. Availability
D. Recovery
Confidentiality-
With confidentiality, integrity, and availability, also known as the CIA Triad, confidentiality means that only people with explicit authorization to access the information can read it. This type of authority involves setting permissions for files and folders.
After restoring a file from a backup, the owner of a small company wants to understand better the purpose of permissions. A particular situation occurred, and even though there are permissions on the shared drive, why does the company still not know who deleted the file? The engineer explained that enabling file auditing would help pinpoint all changes to the shared drive and who made them. How would this help prevent the lack of knowing who changed the files?
A. Confidentiality
B. Non-remediation
C. Non-repudiation
D. Availability
Non-repudiation-
Non-repudiation means a person cannot deny doing something, such as creating, modifying, or sending a resource. For the company, this would mean enabling file auditing on its file share.
A newly hired chief information security officer (CISO) is implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework. What first function would help the CISO better develop the company’s security policies, such as acceptable use policy (AUP), and build out recommendations for security controls?
A. Protect
B. Identify
C. Detect
D. Respond
Identify-
The identify function in the National Institute of Standards and Technology’s Cybersecurity Framework refers to developing security policies and capabilities. The CISO preparing policies and controls would fall under the identify function.
After implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the chief information security officer (CISO) is assessing the company’s security posture to identify deficiencies from the framework’s recommendations. What process can the CISO run to get a better sense of what the company needs to improve upon?
A. Implement business continuity plan
B. Penetration test
C. Implement disaster recovery plan
D. Gap analysis
Gap Analysis-
The CISO would be preparing a gap analysis report. This report will show the defects in the company’s current security posture against the NIST Cybersecurity Framework (or any other baseline security framework).
A medium-sized mechanical engineering firm wants to better define the account creation process during the onboarding of new hires. It is looking to ensure that the new hires have the right programs, file permissions, and security controls completed ahead of time through automation. What modern access control implementation would aid the company’s account creation process?
A. IAM
B. LDAP
C. CISO
D. CTO
IAM-
The company typically implements modern access control as an identity and access management (IAM) system. The company would want to implement an IAM system to ensure the proper creation of accounts and their associated permissions.
What component of modern access controls determines what rights subjects should have on each resource?
A. Authentication
B. Authorization
C. Identification
D. Accounting
Authorization-
Authorization refers to determining what rights users should have on each resource and enforcing those rights. Authorization may involve permissions, individually, group, or role-based.
After a recent server outage, the company discovered that an employee accidentally unplugged the power cable from the server while grabbing some office supplies from the nearby shelf. What security control did the company lack that led to the server outage?
A. Managerial
B. Technical
C. Operational
D. Physical
Physical-
Physical controls such as alarms, gateways, locks, lighting, and security cameras deter and detect access to premises.
After a server outage due to a security breach, a company has taken several steps to recover from the incident. They have restored critical data from the latest backups and applied urgent security patches to address the exploited vulnerabilities. The security team has updated the incident response plan to incorporate lessons learned from the breach. What category of security control BEST describes the function of these recent implementations?
A. Corrective
B. Preventive
C. Detective
D. Operational
Corrective-
Corrective controls eliminate or reduce the impact of a security policy violation. A corrective control occurs after an attack. In this scenario, these actions aim to directly address the damage caused by the outage and improve the recovery process.
An information technology manager conducted an audit of the company’s support tickets. The manager noticed a trend with the tickets, where the majority were for new computer setups. What security control function would the manager’s implementation of a new standard operating procedure have?
A. Compensating
B. Deterrent
C. Directive
D. Corrective
Directive-
A directive control enforces a rule of behavior, such as a policy, best practice standard, or standard operating procedure (SOP).
An information technology (IT) department is growing to a size where there is a need for a new group to manage security. The chief executive officer (CEO) wants to hire a new executive officer for the role and split it into its own department, separate from the IT department. The CEO should hire for which position?
A. CIO
B. CTO
C. CEO
D. CISO
CISO
The chief information security officer (CISO) is the title of the individual responsible for managing security teams or departments within a company.
A newly hired chief information security officer (CISO) met with the human resources (HR) department to discuss how to better manage the company’s access to sensitive information. In what way does this meeting fall under the responsibility of the new CISO?
A. Monitoring audit logs
B. Reviewing user permissions
C. Documenting access controls
D. Managing security-related incident response
Reviewing user permissions-
Working with human resources to ensure the proper user permissions for their given role falls under the security aspect of the chief information security officer.
After a company hires a new chief information security officer (CISO), the chief executive officer (CEO) requests the CISO to hire staff for the new team. The purview of the team will be for monitoring and protecting critical information assets throughout the company. What BEST describes the location of this new team within the structure of the company?
A. SOC
B. NOC
C. Help desk
D. MSP
SOC-
A Security Operations Center (SOC) is the team responsible for security-related activities within a company.
