Module 18 Understanding Defense

Question 1

Assets

Answer 1

Anything of value to an org that must be protected, servers, infrastructure devices, end devices and data.

Question 2

Vuln

Answer 2

A weakness in a system or its design that could be exploited by a threat actions

Question 3

Threats

Answer 3

Any potential danger to an asset

Question 4

What is asset management?

Answer 4

Inventorying all assets, and then developing and implementing policies and procedures to protect them.

Question 5

What are assets?

Answer 5

The collection of all devices and information owned or managed by the organization are assets.

Question 6

What is asset management?

Answer 6

Inventory all assets you have, then develop and implement policies and procedures to protect them.
- Where are critical info assets stored?

Question 7

What to identify vulnerabilities?

Answer 7

What are the possible vulnerabilities of a system, who may want to exploit those vulnerabilities to access specific information assets, and what are the consequences if sys vulnerabilities are exploited?

Question 8

The e banking example - what are some vulnerabilities?

Answer 8

Data center destruction, data input errors, phony transactions using a customer pin, stolen customer data (attacker steals personal and financial data of bank customers from the customer database), internal system compromise, phony transactions from an external server.

Question 9

What is an indepth security approach?

Answer 9

Routers, firewalls, IPS, AMP (Advanced malware protection),

Question 10

What is an edge router?

Answer 10

First line of defense, it allows or denies traffic it sees from the internet.

Question 11

What would be a second line of defense?

Answer 11

Firewall

Question 12

What is a security onion?

Answer 12

Defense-in-depth approach. Firewall, IPS, content filtering, AAA ,hardened devices.

Question 13

What is the analogy of the security artichoke?

Answer 13

Benefits the threat actor, threat actors no loner needs to peel away each layer, if they remove certain leaves, sensitive data will eb revealed.

Question 14

What are business policies?

Answer 14

Guidelines that are developed by an org to govern its actions

Question 15

What are some guiding policies for a company?

Answer 15

Company policies, employee policies and security policies.

Question 16

What are employee policies?

Answer 16

HR - salary, pay schedule, employee benefits, work schedule, vacations and more

Question 17

What are security policies?

Answer 17

Security policies identify a set of security objectives for a company, define the rules of behavior for users and administrators and system req.

Question 18

What is a company policy?

Answer 18

Rules of conduct for both employer and employees.

Question 19

What is the point of a security policy?

Answer 19

Inform users, staff and managers an organizations requirements for protecting technology and information assets.
- defines legal consequences of violations
- sets rules for expected behavior
- ensures consistency in system operations, software and hardware acquisition and use

Question 20

What are some type of policies within the security realm?

Answer 20

AUP, remote access policy, incident handling procedures, password policies, identification and authentication policy.

Question 21

What is a BYOD policy?

Answer 21

You bring your own mobile device to access company systems, networks, etc. BYOD security policy specifies which devices can be supported, level of access employees have, safeguards (if device is compromised) - how much security the device should have

Question 22

What are some BYOD best practices?

Answer 22

Back up data, provide antivirus software, manually control wireless connectivity, password protect access