Lesson 1: Summarize Fundamental Security Concepts

Question 1

What is Information Security (infosec)?

Answer 1

Protecting data resources from unauthorized access, attack, theft, or damage

Ensures data confidentiality, integrity, and availability

Question 2

What does the CIA Triad stand for?

Answer 2

• Confidentiality
• Integrity
• Availability

Question 3

Define Confidentiality in the context of the CIA Triad.

Answer 3

Information can only be read by authorized individuals.

Question 4

What is the purpose of Integrity in the CIA Triad?

Answer 4

Ensures data accuracy and trustworthiness.

Question 5

What does Availability in the CIA Triad ensure?

Answer 5

Information is accessible to authorized users when needed.

Question 6

What is Non-repudiation?

Answer 6

Ensures actions cannot be denied.

Question 7

Give an example of Non-repudiation.

Answer 7

Legal documents, like wills, often require witnesses to confirm their execution.

Question 8

What are the five functions of the NIST Cybersecurity Framework?

Answer 8

• Identify
• Protect
• Detect
• Respond
• Recover

Question 9

What is the purpose of the Identify function in cybersecurity framework?

Answer 9

Develop security policies and capabilities.

Question 10

What does the Protect function in cybersecurity framework involve?

Answer 10

Ensure security is embedded in every stage of IT hardware and software lifecycle.

Question 11

What is the purpose of the Detect function in cybersecurity framework?

Answer 11

Perform ongoing monitoring to ensure controls are effective.

Question 12

What does the Respond function in cybersecurity framework entail?

Answer 12

Address threats to systems and data security.

Question 13

What is involved in the Recover function of cybersecurity framework?

Answer 13

Restore systems and data after an attack.

Question 14

What is Gap Analysis?

Answer 14

Identifies deviations between current security systems and the requirements of a cybersecurity framework.

Question 15

What are the key purposes of a Gap Analysis?

Answer 15

• Achieve compliance
• Improve security
• Highlight missing or poorly configured controls

Question 16

What are the four categories of security controls?

Answer 16

• Managerial
• Operational
• Technical
• Physical

Question 17

What is the primary purpose of security controls?

Answer 17

Ensure systems and data assets maintain CIA triad and non-repudiation.

Question 18

Define Preventive Controls.

Answer 18

Eliminate or reduce the likelihood of an attack succeeding.

Question 19

What are Detective Controls used for?

Answer 19

Identify and record attempted or successful intrusions.

Question 20

What is the role of Corrective Controls?

Answer 20

Eliminate or reduce the impact of a security policy violation.

Question 21

What are Directive Controls?

Answer 21

Enforce rules of behavior, policies, and procedures.

Question 22

Define Deterrent Controls.

Answer 22

Psychologically discourage attackers.

Question 23

What are Compensating Controls?

Answer 23

Substitute for principal controls, providing equivalent or better protection.

Question 24

What is a Security Policy?

Answer 24

Formal statement outlining security implementation.

Question 25

Who is responsible for the overall IT function and possibly security in an organization?

Answer 25

Chief Information Officer (CIO)

Question 26

What is the responsibility of the Chief Security Officer (CSO) or Chief Information Security Officer (CISO)?

Answer 26

Management of a dedicated security department.

Question 27

What role does Nontechnical Staff play in an organization's security?

Answer 27

Complying with policies and legislation.

Question 28

What are the main activities involved in Risk Assessments and Testing?

Answer 28

* Participate in risk assessments * Security system testing * Make recommendations to improve security

Question 29

What is the function of the Security Operations Center (SOC)?

Answer 29

Monitor and protect critical information assets.

Question 30

Define DevSecOps.

Answer 30

An extension of DevOps that integrates security into every stage of software development.

Question 31

What is the role of Incident Response teams?

Answer 31

Manage and respond to security incidents effectively.

Question 32

What is the definition of Incident Response?

Answer 32

A dedicated team (CIRT/CSIRT/CERT) that acts as a single point of contact for security incident notifications. ## Footnote CIRT stands for Computer Incident Response Team, CSIRT stands for Computer Security Incident Response Team, and CERT stands for Computer Emergency Response Team.

Question 33

What are the functions of an Incident Response team?

Answer 33

May be part of the SOC or an independent unit. ## Footnote SOC stands for Security Operations Center.

Question 34

What is the role of an Incident Response team?

Answer 34

Manage and respond to security incidents effectively.

Question 35

What is the primary purpose of a Security Operations Center (SOC)?

Answer 35

Centralized Monitoring: Protect critical assets.

Question 36

What business functions does a Security Operations Center (SOC) support?

Answer 36

* Finance * Operations * Sales/Marketing

Question 37

Why do large organizations typically have a Security Operations Center (SOC)?

Answer 37

Due to complexity and cost.

Question 38

What does DevSecOps integrate into software development?

Answer 38

Security.

Question 39

What does the term 'Shift Left' refer to in DevSecOps?

Answer 39

Early security considerations.

Question 40

Who collaborates in a DevSecOps environment?

Answer 40

* Developers * Administrators * Security specialists

Question 41

What are the benefits of implementing DevSecOps?

Answer 41

* Faster * Reliable * Secure software

Question 42

What is a key characteristic of an effective Incident Response team?

Answer 42

Single Point of Contact for incident notifications.

Question 43

What is the advantage of integrating security in software development?

Answer 43

More reliable software development with embedded security practices.