ISM First Half

Question 1

What is Information Security Management

Answer 1

Defines + manages controls that an organisation implements to protect confidentiality, availability and integrity of assets from threats

Question 2

What is an Information Security Management System

Answer 2

Procedure for managing information security

Question 3

Name some ISO standards

Answer 3

IS0 27000, 27001, 27002

Question 4

What is an asset in ISM

Answer 4

Anything with value to an organisation

Question 5

What is a threat in ISM

Answer 5

Potential cause of an unwanted incident

Question 6

What is a vulnerability in ISM

Answer 6

Weakness of an asset or control that can be exploited

Question 7

What is a risk in ISM

Answer 7

Effect of uncretainty on objectives

Question 8

What is impact in ISM

Answer 8

Result of an incident

Question 9

What are security controls in Information security management?

Answer 9

Activites that are taken to manage risks

Question 10

Name the four purposes of security controls (ERTA)

Answer 10

Eliminate, Reduce, Transfer, Accept

Question 11

What is identity in ISM?

Answer 11

Information that distinguishes one entity from another.

Question 12

What is authentication in ISM?

Answer 12

Assurance of an entities’ identity

Question 13

What is authorisation in ISM?

Answer 13

Permission granted to an entity to access a resource

Question 14

What is accountability in ISM?

Answer 14

Ensures actions of an entity can be traced

Question 15

What is an audit in ISM?

Answer 15

Review of a party’s ability to meet approval agreements

Question 16

What is compliance in ISM?

Answer 16

Meeting requirements of a standard.

Question 17

What is an ISMS?

Answer 17

Information Security Management System

Question 18

How is an ISMS implemented?

Answer 18

Socio-technical system, staff via training, ongoing evaluation

Question 19

What is the ISO27001?

Answer 19

Contains requirements for establishing, implementing, maintaining and improving an ISMS

Question 20

How does the ISO27001 protect information?

Answer 20

Focused on information assets. Protects people, then facilities, then business activity, then information technology.

Question 21

What is ISO27001 driven by?

Answer 21

Security Risk Management.

Question 22

Outline the process of continuous security improvement.

Answer 22

Leadership - Planning - Support - Operation - Performance - Improvement

Question 23

What is the ISO 27002?

Answer 23

List of Security Controls

Question 24

What is the ISO27004

Answer 24

Evaluates security performance and effectiveness.

Question 25

What is ISO27005

Answer 25

Outlines the security Risk Management Process.

Question 26

Name some control clauses in ISO27002.

Answer 26

Access Control, Comms secuirty, Supplier relationships, Cryptography.

Question 27

Outline the process for ISO27004 secuirty performance evaluation.

Answer 27

Identify needs - Maintain - Establish procedures - Monitor + measure - Analyse results - Evaluate information security

Question 28

Give some examples of secuirty measures

Answer 28

Output of various logs, statistics on training, Internal audits, Disaster recovery exercises, Reports from management reviews Mean time to Detect, Contain, Recovery

Question 29

What is the starting point of ISO27005

Answer 29

Identifying assets that are at risk.

Question 30

What are the phases of risk management

Answer 30

Preperation - Establish scope of risk, Risk Identification - Identifying assets, vulnerability, Risk Analysis - Assess/Measure/Estimate risks, Risk Evaluation - Evaluate risk level against evaluation, Risk Treatment - Identify treatment options

Question 31

What are potential issues with ISO27001?

Answer 31

Its a tick box exercise, cannot scale to large companies, too ambiguous to be of practical use.

Question 32

What is Business Continuity Management

Answer 32

Wholistic management programme that identifies potential events that threaten an organisation and provides a framework for resilience - capability for effective response

Question 33

What can a Business Continuity Management help avoid?

Answer 33

Events that threaten an organisation, develop resiliency

Question 34

What are the objectives of BCM?

Answer 34

Safeguard human life - contain business loss - Repetition - Protect assets

Question 35

What are the stages of BCM?

Answer 35

Implementation - Maintenance - Development

Question 36

What is Business Impact Analysis?

Answer 36

Determines the importance of an organisations activities by assessing the impact over time of their interruption and establish recovery objectives

Question 37

What are the 4 concepts of BIA

Answer 37

Resource - Asset used to conduct operations Outage - The unavailability of a resource Disruption - An interruption of operations Impact - The effect of an event

Question 38

What are the objectives of BIA

Answer 38

Verify organisational priorities Determine critical operations/deliverables Determine impact of disruptions Identify required resources Establish resumption times

Question 39

Name the critical operations and deliverables outline in BIA

Answer 39

Must remain operational or quickly recover Time sensitivity of the operation Time sensitivity of the operation

Question 40

What are operational dependencies? (single points of failure)

Answer 40

Opertaion that relies on one and only one Mitigation - Identify alternatives and define the potential impact

Question 41

What are counter-measures to single points of failure

Answer 41

Resilience - Ensure no single points of failure, deploy extra facilities Redundancy - Standby system that can take over if the active system fails , Typically involves a duplicate of the activtity system

Question 42

What are the details of the Recovery Time Objective?

Answer 42

Prospective point in time when an operation must be resumed for the organisation to achieve its objectives Multiple recovery time objectives BIA can help determine the resource requirement

Question 43

What is the recovery point objective?

Answer 43

Restrospective point in time to which information is restored to ensure objectives are met Balances the value of information and the cost of controls

Question 44

How do we identify resources needed to recover?

Answer 44

Variety of resources may be required, examples include: employees, inventory, technology, utilities, third party services

Question 45

How does BIA provide direction?

Answer 45

Rationale for Business Continuity Planning Identifies assets requiring protection Determine recovery time objectives Determines resource requirements

Question 46

What is business continuity management?

Answer 46

Developing strategies and plans

Question 47

What is Strategy in business continuity management? (Continuity, Recovery)

Answer 47

Apporach to address an event and any associated impacts Continuity strategies - Enahance the organisation's ability to respond to events to continue operations Recovery Strategies - return to stable operations

Question 48

How is Maintenance upheld in BCM?

Answer 48

Training, Testing, Maintenance and Updating/

Question 49

Outline the flow chart of BCM Plans.

Answer 49

BIA - Recovery Strategies - Plan Development - Testing

Question 50

What is Security Risk Management?

Answer 50

The combination of Business Continuity Management and Risk Management. They form a comprehensive approach for contingency planning. Risk Management can be considered as preventative BCM focuses on consequences and quick recovery.

Question 51

How do we define security risk?

Answer 51

Mathematical probability of occurence of a threatening event. Qualitative evaluation of the combination of threat and vulnerability Quantitative - Threat x Probability x Business Impact = Risk

Question 52

Outline the Security Risk Management LifeCycle

Answer 52

Identify - Analyse - Treat - Monitor

Question 53

What is meant by the identify section of the Security Risk Management LifeCycle

Answer 53

What assets are important, what threats they may face, what vulnerabilities may be exploited

Question 54

What is meant by the analyse section of the Security Risk Management LifeCycle

Answer 54

Define impact/loss Determine probability of occurence

Question 55

What is organisational Cyber Harm?

Answer 55

Physical, Economic, Psychological, Reputational, Social

Question 56

How is probability of attack estimated?

Answer 56

Organisational experience, Published reports, Cost of attack, Attractiveness of target, Vulnerability exposure

Question 57

What is the Treat element of the Security Risk Management Lifecycle

Answer 57

COsider Risks and Identify response approaches Avoid Mitigate Transfer Accept Secuirty Controls - Mitigate attacks or threats Types: Preventative, Detective, Reactive

Question 58

What is the monitor element of the Security Risk Management LifeCycle

Answer 58

Monitoring Security risk aspects is a continuous process. Log + audit network activity and security appliance Monitor Trends in threat Monitor attack surface + vulnerability posture

Question 59

What is IoT?

Answer 59

Internet of things - Netwokr of physical objects or sensors, softwares and connectivity to enable objects to exchange data with other devices.

Question 60

Outline the IoT System model

Answer 60

Applications (APIs) - Cloud Environment (APIs) - Thing Environment

Question 61

What is an example of Cyber Secuirty challenges in new environments?

Answer 61

Remote Working.

Question 62

How are cyber criminals exploiting the work from home paradigm?

Answer 62

Exploiting the fear and uncertainity of the unstable social + economic situation created by COVID-19

Question 63

What are home workers more likely to fall victim to?

Answer 63

Cyberattacks such as phishing that can represent an security risk as employee's details are an asset.