Questions and Answers of Principles Of Information Security
Which of the specific BI/analytic techniques discussed in this chapter have you employed? Briefly describe the situation in which you used the specific technique(s). Were you satisfied with the
What two key components in addition to a solid data management program must be in place for an organization to get real value from its BI and analytics efforts?
The use of self-service analytics can introduce some new problems for an organization. Can you identify four potential issues?
Review staff availability and determine if new personnel will need to be contracted for the project in order to meet and exceed project goals.
I. Compare and contrast an Internet vulnerability assessment with an intranet vulnerability assessment. Explain the differences and similarities. II. Construct the sequence of processes that make up
I. Establish an understanding that an organization must adopt a management maintenance model for its information security systems. II. State that continuous improvements are essential for the model
I. Define what the Center for Internet Security (CIS) is and their purpose for assisting with cyberattacks and methods to control them through the Multi-State Information Sharing and Analysis Center
I. Name the primary objective of the planning and risk assessment domain. The objective is to keep an eye on the entire information security program, in part by identifying and planning ongoing
I. Recognize the fact that a penetration test, or pen test, is performed as part of a full-scale security audit. II. Highlight that vulnerability testing is usually performed inside the
I. Explain that the purpose of a wireless vulnerability assessment is to find and document vulnerabilities in the organization’s wireless networks. II. Gain an understanding that attackers from this
I. Classify the details that data stored in a vulnerability database should contain to be effective when an issue occurs: • A unique vulnerability ID number for reporting and tracking remediation
I. Measure the level of access to determine if external perimeter controls, walls, and fences with suitable gates are an essential starting point when employees require access to physical locations
I. Compare and contrast the use of mechanical and electromechanical lock mechanisms. Briefly summarize the different types of keys and locks that are often used in a facility. II. Examine the backup
I. Obtain an understanding that janitors or custodians are often the least scrutinized people in a facility, yet they have access to nearly every part of a facility—including computer rooms and
I. Recognize that fires account for more property damage, personal injury, and death than any other threat to physical security. Physical security plans must implement strong measures to detect and
I. Demonstrate an understanding that supporting utilities, such as heating, ventilation, air conditioning, power, and water, have a significant impact on a facility’s safe operation. II. Assess the
I. Recognize that high humidity levels often create condensation problems, and a lack of humidity can increase the risk of static electricity. II. Justify the fact that electrostatic discharges (ESDs)
I. Recall the fact that some ductwork in commercial buildings may pose a security threat, as a person can climb through it to reach a destination unnoticed. II. Recommend the use of wire mesh grids to
I. Emphasize that power supplies must be properly grounded when used to maintain an organization’s physical environment. II. Recommend that in areas where water accumulation is possible,
Review the three types of data interception: direct observations, interception of data transmissions, and electromagnetic interception. • Direct observations require that a person be close enough to
I. Justify the cause-and-effect mobile devices and portable systems have on an information security network. Due to their portability, they must have stronger levels of security than stationary
I. Comprehend the fact that remote site computing involves a wide variety of computing sites outside the organization’s main facility and includes all forms of telework. II. Define the concept of
Review special considerations an organization must employ to develop a comprehensive physical security program and the advantages and disadvantages of them. They include the choice of handling
Which step of the systems development life cycle (SDLC) reviews issues with a current system and establishes the requirements of the new system being created? a. Maintenance and change; b.
Which steps in a traditional SDLC are combined in the first phase of a NIST approach to projects? a. Logical design; b. Investigation; c. Analysis; d. B and C are correct answers
Explain why a SDLC is a methodology and its purpose for an information system.
When reviewing the Microsoft SDL, what is the final phase of their plan where an incident response plan is executed? a. Response; b. Verification; c. Design; d. Training
I. Describe the six general phases of a traditional SDLC approach and how the waterfall model is applied to the phases. II. Justify the reasons that once a system is implemented, it is often
What is the situation called when a project manager spends more time adjusting a project management software file than focusing on the project itself? a. Project creep; b. Projectitis; c. Task
I. Classify the reasoning why information gathered in the investigation phase is important and applicable to the analysis phase of the SDLC. II. Establish an understanding that assessments completed
True or False: When changing a security blueprint, training employees is not included as part of the process.
True or False: Major tasks that are part of a work breakdown structure (WBS) are known as subtasks.
Which layer of the bulls-eye model should information security projects focus the most on? a. Networks; b. Policies; c. Systems; d. Applications
Which changeover strategy should be used when transitioning from an old system to a new system gradually? a. Direct; b. Pilot; c. Phased; d. Parallel
I. Present reasons why this phase of the SDLC is often the most time consuming and expensive. II. Explain that the life cycle does not have a hard ending for a system once this phase has been
The ________ is a certification program that is administered by the Security Industry Association (SIA). a. CAPM; b. CSPM; c. PMP; d. ECCPM
Which consideration is focused on the selection of equipment and services for a project? a. Staffing; b. Organizational feasibility; c. Procurement; d. Scope
I. Review the comments provided by software development leaders J.H. Saltzer and M.D. Schroeder regarding how security considerations are a vital component to good software development. II. Identify
True or False: The parallel operations conversion strategy often involves running two systems concurrently.
I. Compare the five-phased approach NIST applies to a standard SDLC which has six phases. II. Outline the five phases of the NIST approach to a SDLC: initiation, development/acquisition,
True or False: The Center for Internet Security (CIS) outlines three categories of control to detect, prevent, respond to, and mitigate damage from attacks: Basic, Foundational, and Organizational.
I. Examine the differences between this phase and the investigation and analysis phases of a traditional SDLC. II. Review the key security activities for this phase and the benefits of early planning
I. Outline the key activities applicable to security and why security components are not sequentially fixed in a top-down manner. II. Review the core outputs generated from development and/or
Summarize the key steps performed within this part of the NIST SDLC.
I. Analyze the tasks required to be performed in this part of the NIST SDLC. Understand that the system often requires enhancements and updates over time, and it evolves over its useful life. II.
I. Recognize that creation of a project plan is often assigned to a project manager or champion. II. Examine the purpose and contents of a work breakdown structure (WBS). • Work required to be
Discuss the importance of differentiating activities and deliverables early on in a project and why the project planner needs to provide thorough descriptions of tasks.
I. Examine the reasoning behind why a project planner should describe the resources needed to accomplish project tasks. II. Establish skill sets in lieu of making individual assignments.
I. Define what a project milestone is and the importance of establishing them early in the project process. II. Comprehend the understanding that start and end dates can be added as needed.
I. Discuss the process project planners must go through in order to determine the proper amount of effort required to complete project tasks and subtasks. II. Recognize that it is best practice to
Review the process a project planner executes to accurately determine the costs for each project task.
Define the difference between predecessors and successors that are comprised within a WBS.
Explain the numerous factors that project planners must consider about what they need to include in a comprehensive workplan.
Develop realistic timelines to schedule security control implementation, training, and other factors which can alter the project speed and timing.
Analyze the four types of project management certifications that often apply to an information security project: • GIAC Certified Project Manager • EC-Council IT Security Project Management • SIA
Recall the focus of the SANS Institute and the topic areas they cover in their security-focused project management course: • Earned value technique (EVT) • Leadership and management strategy •
I. Recognize the EC-Council and their Certified Project Management (CPM) program offering as an alternative option for a security professional to become versed in project management fundamentals. II.
Differentiate between conversion strategies, prioritization among multiple components, outsourcing, and technology governance.
I. Examine the four commonly used strategies for transitioning from an old system to a new system: • Direct changeover • Phased implementation • Pilot implementation • Parallel operations II.
I. Discuss the purpose of these four layered model approaches with respect to a project plan process: • Policies: this is the outer-most layer of the diagram. It also provides the ground rules that
Review the concepts of technology governance and change controls and how they apply to a project plan: • Technology governance consists of the policies in place that determine how often technical systems
An effective information security governance program requires a(n) ________ review. a. Periodic; b. Constant; c. Consistent; d. Annual
I. Review how the successful implementation and testing of a new and improved security profile may provide a false sense of security for an organization as it feels more confident about the
Which of the following is defined as the direct connection of two or more information systems for sharing data and other information resources? a. System interconnection; b. Process interconnection; c.
Which of the following types of planning consists of a process for recovery and documentation of procedures for conducting recovery? a. Security; b. Contingency; c. Risk management; d. Performance
Which of the following terms best describes the process of repairing known vulnerabilities? a. Monitoring; b. Testing; c. Patching; d. Updating
True or False: With respect to changes that often occur in information security systems, persons maintaining the system often need to do major and minor release updates to ensure that the system is
True or False: Among other factors, one of the things that is NOT likely to change with respect to an organization's information security environment is the dissolution of old partnerships. They are
I. Discuss awareness and training as the backbone of an information security program, ensuring that all users are both aware and trained on a minimum level of information security. II. Establish key
Which of the following is the component of the maintenance model that focuses on identifying, assessing, and managing the configuration and status of information assets in an organization? a. External
I. Identify the concept of capital planning and investment control and its relation to an information security system. II. Establish key performance indicators or other metrics to identify gaps or
Which of the following is designed to find and document vulnerabilities that may be present in the organization’s public network? a. Difference analysis; b. Internet vulnerability assessment; c.
The primary objective of the ________ domain is to keep a lookout over the entire information security program. a. Internal; b. External; c. Planning and risk assessment; d. Digital assessment
I. Define the purpose of InfoSec performance management and the data that it produces. II. Explain what the purpose of performance measurements (or measures) is and why they need to be monitored in
The primary goal of the ________ domain is to identify specific, documented vulnerabilities and their timely remediation. a. Vulnerability assessment and remediation; b. External; c. Planning and risk
True or False: Penetration testing is a set of security tests and evaluations that simulate attacks by a hacker or other malicious external source.
What is the optimal temperature that computing equipment can operate in? a. No less than 40 degrees Fahrenheit; b. Between 50 and 60 degrees Fahrenheit; c. Between 70 and 74 degrees Fahrenheit; d. Does not
I. Critique the reality that risk management is a cyclical event that is fundamental to the information security program and requires continuous improvement. II. Examine that the principal goal is to
How many volts of static electricity can be discharged if someone is walking across a carpeted floor/surface? a. In excess of 1,200 VA; b. Up to 4,000 VA; c. Up to 8,000 VA; d. Upward of 12,000 VA
The primary power source for an organization’s computing equipment is most often the ________ utility that serves the facility.
What is the concept called when someone gains unauthorized entry by closely following another person through a secure entrance using their credentials to bypass a control point? a. Tailgating; b.
I. Define that the purpose of configuration and change management is to manage the effects changes have on an information system and/or network. II. Express an understanding that configuration
True or False: It is not necessary to have an alternate procedure in place in the event a lock fails because a door or access point will open automatically without any additional assistance.
I. Compose a monitoring, escalation, and incident response process with information provided in the text. Understand that the basic function of the external monitoring process is to monitor activity,
I. Define the purpose of an internal monitoring domain, which is an informed awareness of the state of the organization’s networks, information systems, and information security defenses. II. Review
Recall the network characterization and inventory process. Regardless of an organization’s size, it must have a fully populated inventory for all network devices, communication channels, and
Demonstrate the thought that for internal monitoring to be successful, information coming from an IDPS must be integrated into the maintenance process. Additionally, review the purposes of the IDPS,
I. Detail the purpose of a platform security validation (PSV) assessment and what is used to validate compliance of platform configurations. Gain awareness that misconfigured systems fail to comply
I. Establish that the primary goal of readiness and review is to keep information security programs functioning as they are designed and continuously over time. II. Examine the three tasks that can
I. Assess the need that physical security of information security systems is as important as logical or computer security processes. II. Review the list of the seven most common sources of physical
Compose a list of common major controls that a facility may have to protect itself from external forces. These include but are not limited to the following: • Walls, fencing, and gates • Guards and
Outline the core temperatures that computing equipment can efficiently operate in. • Temperatures below 32 degrees Fahrenheit or above 100 degrees can cause hardware and media failures and
I. Evaluate the three basic criteria biometrics are judged against: false reject rate, false accept rate, and crossover error rate (CER). II. Emphasize that the goal is to find a balance between
I. Define the concept of intrusion and how it is a type of attack on information assets in which the instigator attempts to enter a system or disrupt the normal operations of a system with the intent
I. Assess the different types of IDPSs provided in the text with the foundational knowledge that they are network- or host-based systems. II. Justify that in larger organizations it is likely that both
Discuss organizational requirements and constraints. Review and compose a list of questions like the ones provided below with respect to this area of an IDPS to ask. • What requirements are levied from
True or False: Julius Caesar was associated with an early version of the substitution cipher.
I. Detail how the ciphertext consists of a list of codes representing the page number, line number, and word number of the plaintext word. II. Comprehend that the receiver must have knowledge as to
Which algorithm was the first public-key encryption algorithm developed (in 1977) and published for commercial use? a. 3DES; b. Blowfish; c. RSA; d. Diffie-Hellman
I. Emphasize that just as PGP, PEM, and S/MIME work to secure e-mail operations, several related protocols work to secure Web browsers, especially at electronic commerce sites. II. Compare and