Sec + 8

Question 1

What is MTTD, and which tool increases it drastically?

Answer 1

Mean time to detection. SOAR

Question 2

What is an API and what does it do?

Answer 2

Application programming interface

Automates and streamlining of complex processes by linking together tools and systems.

Question 3

Benefits of automation?

Answer 3

1. Efficiency
2. Enforcing baselines
3. Standard infrastructure configurations
4. Secure scaling
5. Employee retention
6. Reaction time
7. Workforce multiplier.

Question 4

Automation considerations.

Answer 4

1. Complexity
2. Cost
3. Single point of failure
4. Technical debt.
5. Support

Question 5

Incident response process

Answer 5

1. Prep
2. Detection
3. Analysis
4. Containment
5. Eradication
6. Recovery
7. Lessons learned

Question 6

What is CSIRT?

Answer 6

Cybersecurity incident response team

Question 7

Stages of cyber kill chain

Answer 7

1. Recon-calling employees, sending emails, dumpster diving, etc.
2. Weaponization- create malware payload
3. Delivery of payload.
4. Exploitation- execution of code
5. Installation - malware on asset
6. Command and control
7. Action on objectives- attack complete.

Question 8

Diamond model.

Answer 8

1. Adversary-hardest part to figure out
2. Infrastructure - path to victim
3. Capabilities
4. Victim

Question 9

What is intelligence fusion?

Answer 9

Orchestration of diverse cybersecurity data sources into a harmonious whole.

Question 10

Stages of digital forensics

Answer 10

1. Collection
2. Examination-hashing
3. Analysis
4. Reporting

Question 11

Order of evidence collection.

Answer 11

1. Cpu cache
2. Ram
3. Swap/page file/virtual memory
4. Hard drive

Question 12

Automated reports benefits

Answer 12

1. Real time insight
2. Compliance tracking
3. Effeciency

Question 13

What is a business continuity plan(BCP)?

Answer 13

Road map to sustain procedures in face of distuptions.

Question 14

What is the SDLC? List stages

Answer 14

Software development life cycle.

1. Development.
2. Test
3. Staging
4. Production

Question 15

2 ways of software development.

Answer 15

1. Waterfall-traditional. Linear
2. Agile-short sprints that can be done in any order. Faster and more agile

Question 16

Stages of risk management

Answer 16

1. Risk identification-risk, threat, vulnerabilities
2. Assessment-ad-hoc, recurring, one time, continuous
3. Analysis-qualitative and quantitative

Question 17

What is SLE?

Answer 17

Single loss expectancy

Question 18

What is ARO

Answer 18

Annual rate of occurance.

Question 19

What is ALEA and how is it calculated?

Answer 19

Annualized loss expectancy. Sle × apo

Question 20

What is the exposure factor?

Answer 20

Measure of magnitude of loss
Represented by a %.

Question 21

What is the risk register?

Answer 21

Detailed log of risks

Question 22

What is KRI?

Answer 22

Key risk indicators

Question 23

What does a risk owner do?

Answer 23

Manages specific risk

Question 24

What is a neutral risk tolerance?

Answer 24

Balance of expansionary and conservative risk

Question 25

What is risk exemption?

Answer 25

Exempting entity from risk due to impractical or unfeasable rules.

Question 26

What is RPO?

Answer 26

Recovery point objective. Max age of files that can be lost without consequences.