Objective 1.1

Question 1

Security Controls Categories

Answer 1

• Technical Controls
• Managerial Controls
• Operational Controls
• Physical Controls

Question 2

TMOP

Answer 2

• Technical Controls
• Managerial Controls
• Operational Controls
• Physical Controls

Question 3

The technologies, hardware and software mechanisms that are implemented to manage and reduce risks.

Answer 3

Technical Controls

Question 4

Examples of technical controls

Answer 4

1. Antivirus
2. Firewalls
3. Encryption Processes
4. Intrusion Detection Systems (IDS like SNORT)

Question 5

Involve the strategic planning and governance side of security.

Is about making informed decisions and ensure that the organization is on the same security page.

Answer 5

Managerial Controls

Question 6

Example of Managerial Control

Answer 6

1. Conduct a risk assesment to understand the potential risks and vulnerabilities and assess if a tool implementation or a new network archtecture will align with the company’s broader risk strategy.

Question 7

Managerial Contols encompass:

Answer 7

• Risk Assessment
• Security Policies
• Training Programs
• Incident Response Strategies

Question 8

[Managerial Contols]
RiskAss
SecPo
TaingPo
IncResp

Answer 8

• Risk Assessment
• Security Policies
• Training Programs
• Incident Response Strategies

Question 9

Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions.

Answer 9

Operational Controls

Question 10

Examples of Operational Controls:

Answer 10

• Organization requires that you change your password every 90 days.
• Backup Procedures
• Account Reviews
• User Training Programs

Question 11

Tangible, real-world measures taken to protect assets.

Answer 11

Physical Controls

Question 12

Example of physical controls:

Answer 12

• Shredding of sensitive documents
• Security guards
• Locking the doors
• Cameras

Question 13

Security Control Types

Answer 13

• Preventive Controls
• Deterrent Controls
• Detective Controls
• Corrective Controls
• Compensating Controls
• Directive Controls

Question 14

Proactive mesaures implemented to thwart potential security threats or breaches

Answer 14

Preventive Controls

Question 15

Aim to discourage potential attackers by making the effort seem less appealing or more challenging.

Answer 15

Deterrent Controls

Question 16

Monitor and alert organizations to malicious activities as they occur or shortly thereafter.

Answer 16

Detective Controls

Question 17

Mitigate any potential damage and restore the systems to their normal state.

Answer 17

Corrective Controls

Question 18

Alternative measures that area implemented when primary security controls are not feasible or effective.

Answer 18

Compensating Control

Question 19

Often rooted in policy or documentation and set the standards for behavior within an organization.

Answer 19

Directive Controls

Question 20

Is a cybersecurity approach that assumes no user or system is trusted by default and requires continuous verification for access to organizational resources.

Answer 20

Zero Trust

Question 21

Demands verification for every device, user, and transaction within the network, regardless of its origin.

Answer 21

Zero Trust

Question 22

Zero Trust Planes

Answer 22

Control Plane
Data Plane

Question 23

[Zero Trust] The overarching framework and set of components responsible for defining, managing, and enforcing the policies related to user and system access within an organization.

Answer 23

Control Plane

Question 24

[Zero Trust-CoP] Control Plane encompass…

Answer 24

• Adaptative Identity
• Threat Scope Reduction
• Policy-driven Access Control
• Secured Zones

Question 25

[Zero Trust-CoP] Adaptative Identity

Answer 25

Use adaptative identity that **rely on real-time identity validation** that takes into account the user's behavior, device, location, and more.

Question 26

[Zero Trust-CoP] Threat Scope Reduction

Answer 26

**Limit the users' access to only what they need for their work** tasks because ths drastically reduces the network's potential attack surface.

Question 27

[Zero Trust-CoP] Policy-Driven Access Control

Answer 27

Entails developing, managing, and enforcing user access policies based on their roles and responsabilities.

Question 28

[Zero Trust-CoP] Secured Zones

Answer 28

Isolated environments within a network that are designed to house sensitive data.

Question 29

[Zero Trust-CoP] Control Plane uses: Policy ........ Policy ........

Answer 29

[Zero Trust-CoP] Control Plane uses: Policy Engine Policy Administrator

Question 30

[Zero Trust-CoP] Policy Engine

Answer 30

Cross-references the access request with its predefined policies (like a rule book).

Question 31

[Zero Trust-CoP] Policy Administrator

Answer 31

Used to establish and manage the access policies.

Question 32

[Zero Trust] Data Plane

Answer 32

* Subject/System * Policy Enforcement Point

Question 33

[Zero Trust-DP] Subject/System

Answer 33

Refers to the individual or entity attempting to gain access.

Question 34

[Zero Trust-DP] Policy Enforcement Point

Answer 34

Allow or restrict access, and it will effectively act as a gatekeeper to the sensitive areas of the systems or networks.

Question 35

Process of evaluating the differences between an oganization's current performance and its desired performance.

Answer 35

Gap Analysis

Question 36

Gap Analysis Steps

Answer 36

1. Define the scope of the analysis 2. Gather data on the current state of the organization 3. Analyze the data to indentify the gaps 4. Develop a plan to bridge the gap

Question 37

2 types of gap analysis:

Answer 37

Technical Gap Analysis Business Gap Analysis

Question 38

Technical Gap Analysis

Answer 38

Involves evaluating an organization's current technical infrastructure and indetifying any areas where it falls short of the technical capablities required to fully utilize their security solutions.

Question 39

Business Gap Analysis

Answer 39

Involves evaluating and organization's current business processes and identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions.

Question 40

Outlines the specific measures to address each vulnerability, allocate resources, and set up timelines for each remediation task that is needed.

Answer 40

POA&M - Plan of Action and Milestones

Question 41

Is a powerful tool that can help organizations to improve their security and their performance by identifying areas where improvements can be made.

Answer 41

Gap Analysis