Principles Of Information Security 7th Edition Michael E. Whitman, Herbert J. Mattord - Solutions

Unlock the full potential of "Principles Of Information Security 7th Edition" with our comprehensive online resources. Access the answers key, solutions manual, and solutions PDF for in-depth understanding. Dive into solved problems and questions and answers to strengthen your grasp on the subject. Our test bank and chapter solutions offer detailed, step-by-step answers to guide you through complex topics. Whether you're an instructor seeking an instructor manual or a student using the textbook, our free download options provide the support you need to excel in information security.

Which of the specific BI/analytic techniques discussed in this chapter have you employed? Briefly describe the situation in which you used the specific technique(s). Were you satisfied with the process required to use this technique and the results it produced? Why or why not? Which specific
What two key components in addition to a solid data management program must be in place for an organization to get real value from its BI and analytics efforts?
The use of self-service analytics can introduce some new problems for an organization. Can you identify four potential issues?
Review staff availability and determine if new personnel will need to be contracted for the project in order to meet and exceed project goals.
I. Compare and contrast an Internet vulnerability assessment with an intranet vulnerability assessment. Explain the differences and similarities.II. Construct the sequence of processes that make up an intranet vulnerability assessment. Although they are the same steps as an Internet assessment, the
I. Establish an understanding that an organization must adopt a management maintenance model for its information security systems.II. State that continuous improvements are essential for the model being the most up to date to protect the information it has within it.III. Recall the fact that,
I. Define what the Center for Internet Security (CIS) is and their purpose for assisting with cyberattacks and methods to control them through the Multi-State Information Sharing and Analysis Center (MS-ISAC).II. Examine the U.S. National Security Agency (NSA) approach as they apply an “offense
I. Name the primary objective of the planning and risk assessment domain. The objective is to keep an eye on the entire information security program, in part by identifying and planning ongoing information security activities to reduce risk over time.II. Review the following objectives of this
I. Recognize the fact that a penetration test, or pen test, is performed as part of a full-scale security audit.II. Highlight that vulnerability testing is usually performed inside the organization’s security perimeter with complete knowledge of the networks’ configuration and operations; pen
I. Explain that the purpose of a wireless vulnerability assessment is to find and document vulnerabilities in the organization’s wireless networks.II. Gain an understanding that attackers from this direction are likely to take advantage of any loophole or flaw; this assessment is usually
I. Classify the details that data stored in a vulnerability database should contain to be effective when an issue occurs:• A unique vulnerability ID number for reporting and tracking remediation actions• Linkage to the risk, threat, and attack database based on the physical information asset
I. Measure the level of access to determine if external perimeter controls, walls, and fences with suitable gates are an essential starting point when employees require access to physical locations the organization owns or controls.II. Judge the level of security by being aware that expert planning
I. Compare and contrast the use of mechanical and electromechanical lock mechanisms. Briefly summarize the different types of keys and locks that are often used in a facility.II. Examine the backup protocols that must be in place when controlled access devices fail.
I. Obtain an understanding that janitors or custodians are often the least scrutinized people in a facility, yet they have access to nearly every part of a facility—including computer rooms and wiring closets.II. Establish an understanding of the consequences that can occur should a person obtain
I. Recognize that fires account for more property damage, personal injury, and death than any other threat to physical security. Physical security plans must implement strong measures to detect and respond to fires and fire hazards.II. Classify that the most combustible item in an office setting is
I. Demonstrate an understanding that supporting utilities, such as heating, ventilation, air conditioning, power, and water, have a significant impact on a facility’s safe operation.II. Assess the need that utilities must be responsibly managed to prevent damage to information and information
I. Recognize that high humidity levels often create condensation problems, and a lack of humidity can increase the risk of static electricity.II. Justify the fact that electrostatic discharges (ESDs) are a leading cause of failure for sensitive circuitry. Static electricity can exceed 12,000 volts
I. Recall the fact that some ductwork in commercial buildings may pose a security threat, as a person can climb through it to reach a destination unnoticed.II. Recommend the use of wire mesh grids to act as a barrier to various points to compartmentalize ventilation shaft runs.
I. Emphasize the need that power supplies must be properly grounded when used to maintain an organization’s physical environment.II. Recommend that in areas where water accumulation is possible, computing and other electrical equipment must be uniquely grounded using ground fault circuit
Review the three types of data interception: direct observations, interception of data transmissions, and electromagnetic interception.• Direct observations require that a person be close enough to the information to breach confidentiality.• Interception of data transmissions can occur from
I. Justify the cause-and-effect mobile devices and portable systems have on an information security network. Due to their portability, they must have stronger levels of security than stationary counterparts such as desktops.II. Review different software and hardware techniques that can be used to
I. Comprehend the fact that remote site computing involves a wide variety of computing sites outside the organization’s main facility and includes all forms of telework.II. Define the concept of telework and how it impacts an organization’s information security plan and protocols.III. Obtain an
Review special considerations an organization must employ to develop a comprehensive physical security program and the advantages and disadvantages of them. They include the choice of handling physical security in-house or outsourcing it and social engineering.
Which step of the systems development life cycle (SDLC) reviews issues with a current system and establishes the requirements of the new system being created?a. Maintenance and changeb. Investigationc. Analysisd. Physical design
Which steps in a traditional SDLC are combined in the first phase of a NIST approach to projects?a. Logical designb. Investigationc. Analysisd. B and C are correct answers
Explain why a SDLC is a methodology and its purpose for an information system.
When reviewing the Microsoft SDL, what is the final phase of their plan where an incident response plan is executed?a. Responseb. Verificationc. Designd. Training
I. Describe the six general phases of a traditional SDLC approach and how the waterfall model is applied to the phases.II. Justify the reasons that once a system is implemented, it is often maintained and modified over its working life.III. Recognize that an information system often may have
What is the situation called when a project manager spends more time adjusting a project management software file than focusing on the project itself?a. Project creepb. Projectitisc. Task delegationd. Strategic project management
I. Classify the reasoning why information gathered in the investigation phase is important and applicable to the analysis phase of the SDLC.II. Establish an understanding that assessments completed in this phase are what the new system is aimed to do and how it interacts with other systems,
True or False: When changing a security blueprint, training employees is not included as part of the process.
True or False: Major tasks that are part of a work breakdown structure (WBS) are known as subtasks.
Which layer of the bulls-eye model should information security projects focus the most on?a. Networksb. Policiesc. Systemsd. Applications
Which changeover strategy should be used when transitioning from an old system to a new system gradually?a. Directb. Pilotc. Phasedd. Parallel
I. Present reasons why this phase of the SDLC is often the most time consuming and expensive.II. Explain the life cycle does not have a hard ending for a system once this phase has been completed.III. Describe what happens to a system once it has reached its useful life.
The ________ is a certification program that is administered by the Security Industry Association (SIA).a. CAPMb. CSPMc. PMPd. ECCPM
Which consideration is focused on the selection of equipment and services for a project?a. Staffingb. Organizational feasibilityc. Procurementd. Scope
I. Review the comments provided by software development leaders J.H. Saltzer and M.D. Schroeder regarding how security considerations are a vital component to good software development.II. Identify commonplace security principles that must be implemented for a piece of software developed to be
True or False: The parallel operations conversion strategy often involves running two systems concurrently.
I. Compare the five-phased approach NIST applies to a standard SDLC which has six phases.II. Outline the five phases of the NIST approach to a SDLC: initiation, development/acquisition, implementation/assessment, operation/maintenance, and disposal.III. Recognize that the recommendations provided
True or False: The Center for Internet Security (CIS) outlines three categories of control to detect, prevent, respond to, and mitigate damage from attacks: Basic, Foundational, and Organizational.
I. Examine the differences between this phase and the investigation and analysis phases of a traditional SDLC.II. Review the key security activities for this phase and the benefits of early planning and awareness of them.
I. Outline the key activities application to security and why security components are not sequentially fixed in a top-down manner.II. Review the core outputs generated from development and/or acquisition activities within this step of the NIST SDLC.
Summarize the key steps performed within this part of the NIST SDLC.
I. Analyze the tasks required to be performed in this part of the NIST SDLC. Understand that that the system often requires enhancements and updates over time, and it evolves over its useful life.II. Justify the reasons why a system is updated so that it maintains effectiveness, security, and
I. Recognize that creation of a project plan is often assigned to a project manager or champion.II. Examine the purpose and contents of a work breakdown structure (WBS).• Work required to be accomplished• People or skill sets assigned to perform project tasks• Timelines which include a start
Discuss the importance of differentiating activities and deliverables early on in a project and why the project planner needs to provide thorough descriptions of tasks.
I. Examine the reasoning behind why a project planner should describe the resources needed to accomplish project tasks.II. Establish skill sets in lieu of making individual assignments.
I. Define what a project milestone is and the importance of establishing them early in the project process.II. Comprehend the understanding that start and end dates can be added as needed.
I. Discuss the process project planners must go through in order to determine the proper amount of effort required to complete project tasks and subtasks.II. Recognize that it is best practice to consult people who are familiar with project tasks to get an accurate estimate on the time needed for
Review the process a project planner executes to accurately determine the costs for each project task.
Define the difference between predecessors and successors that are comprised within a WBS.
Explain the numerous factors that project planners must consider about what they need to include in a comprehensive workplan.
Develop realistic timelines to schedule security control implementation, training, and other factors which can alter the project speed and timing.
Analyze the four types of project management certifications that often apply to an information security project:• GIAC Certified Project Manager• EC-Council IT Security Project Management• SIA Certified Security Project Manager• PMI Project Management Professional
Recall the focus of the SANS Institute and the topic areas they cover in their security-focused project management course:• Earned value technique (EVT)• Leadership and management strategy• Project communication management• Project cost management• Project human resource management•
I. Recognize the EC-Council and their Certified Project Management (CPM) program offering as an alternative option for a security professional to become versed in project management fundamentals.II. State the topics of their program offerings:• Introduction to project management• Project scope
Differentiate between conversion strategies, prioritization among multiple components, outsourcing, and technology governance.
I. Examine the four commonly used strategies transitioning from an old system to a new system:• Direct changeover• Phased implementation• Pilot implementation• Parallel operationsII. Recognize that existing systems must still be functional prior to the new system taking its place is fully
I. Discuss the purpose of these four layered model approaches with respect to a project plan process:• Policies: this is the outer-most layer of the diagram. It also provides the ground rules that systems must use to function correctly. When implementing complex changes, these should be used to
Review the concepts of technology governance and change controls and how they apply to a project plan:• Technology governance are the policies in place that determine how often technical systems are updated, approved, and funded.• Change control are processes in place that medium-sized
An effective information security governance program requires a(n) ________ review.a. Periodicb. Constantc. Consistentd. Annual
I. Review how the successful implementation and testing of a new and improved security profile may provide a false sense of security for an organization as it feels more confident about the protection level it receives. The organization should always be on guard.II. Outline that once changes have
Which of the following is defined as the direct connection of two or more information systems for sharing data and other information resources?a. System interconnectionb. Process interconnectionc. Resource interconnectiond. Data interconnection
Which of the following types of planning consists of a process for recovery and documentation of procedures for conducting recovery?a. Securityb. Contingencyc. Risk managementd. Performance
Which of the following terms best describes the process of repairing known vulnerabilities?a. Monitoringb. Testingc. Patchingd. Updating
True or False: With respect to changes that often occur in information security systems, persons maintaining the system often need to do major and minor release updates to ensure that the system is continuously up to date.
True or False: Among other factors, one of the things that is NOT likely to change with respect to an organization's information security environment is the dissolution of old partnerships. They are present indefinitely.
I. Discuss awareness and training as the backbone of an information security program, ensuring that all users are both aware and trained on a minimum level of information security.II. Establish key performance indicators or other metrics to identify gaps or problems within an information security
Which of the following is the component of the maintenance model that focuses on identifying, assessing, and managing the configuration and status of information assets in an organization?a. External monitoring domainb. Planning and risk assessment domainc. Internal domaind. Planning domain
I. Identify the concept of capital planning and investment control and its relation to an information security system.II. Establish key performance indicators or other metrics to identify gaps or problems within an information security system.III. Recall the importance that a formal enterprise
Which of the following is designed to find and document vulnerabilities that may be present in the organization’s public network?a. Difference analysisb. Internet vulnerability assessmentc. External monitoringd. Digital assessment
The primary objective of the ________ domain is to keep a lookout over the entire information security program.a. Internalb. Externalc. Planning and risk assessmentd. Digital assessment
I. Define the purpose of InfoSec performance management and the data that it produces.II. Explain what the purpose of performance measurements (or measures) are and why they need to be monitored in order to make managerial decisions, hold personnel accountable, and improve the effectiveness of the
The primary goal of the ________ domain is to identify specific, documented vulnerabilities and their timely remediation.a. Vulnerability assessment and remediationb. Externalc. Planning and risk assessmentd. Digital assessment
True or False: Penetration testing is a set of security tests and evaluations that simulate attacks by a hacker or other malicious external source.
What is the optimal temperature that computing equipment can operate in?a. No less than 40 degrees Fahrenheitb. Between 50 and 60 degrees Fahrenheitc. Between 70 and 74 degrees Fahrenheitd. Does not matter, as computing equipment can operate at any temperature
I. Critique the reality that risk management is a cyclical event that is fundamental to the information security program and requires continuous improvement.II. Examine that the principal goal is to protect the organization while the ability to perform its mission remains untouched.III. Recognize
How many volts of static electricity can be discharged if someone is walking across a carpeted floor/surface?a. In excess of 1,200 VAb. Up to 4,000 VAc. Up to 8,000 VAd. Upward of 12,000 VA
The primary power source for an organization’s computing equipment is most often the ________ utility that serves the facility.
What is the concept called when someone gains unauthorized entry by closely following another person through a secure entrance using their credentials to bypass a control point?a. Tailgatingb. Mantrappingc. Sprintingd. Human chaining
I. Define that the purpose of configuration and change management is to manage the effects changes have on an information system and/or network.II. Express an understanding that configuration management varies widely from one organization to another.III. Discuss the reasoning why continuous
True or False: It is not necessary to have an alternate procedure in place in the event a lock fails because a door or access point will open automatically without any additional assistance.
I. Compose a monitoring, escalation, and incident response process with information provided in the text. Understand that the basic function of the external monitoring process is to monitor activity, reports results, and escalate warnings.II. Compare three primary deliverables that a monitoring
I. Define the purpose of an internal monitoring domain, which is an informed awareness of the state of the organization’s networks, information systems, and information security defenses.II. Review the core components that internal monitoring is composed of:• Building and maintaining an
Recall the network characterization and inventory process. Regardless of an organization’s size, it must have a fully populated inventory for all network devices, communication channels, and computing devices (through the process known as characterization).Once the characteristics have been
Demonstrate the thought that for internal monitoring to be successful, information coming from an IDPS must be integrated into the maintenance process. Additionally, review the purposes of the IDPS, as they include raw intelligence of anomalies that occur in an information system program and
I. Detail the purpose of a platform security validation (PSV) assessment and what is used to validate compliance of platform configurations. Gain awareness that misconfigured systems fail to comply with company policy or standards as adopted by the IT governance groups and are communicated in the
I. Establish that the primary goal of readiness and review is to keep information security programs functioning as they are designed and continuously over time.II. Examine the three tasks that can accomplish the goal of keeping a domain ready and reviewed. They are policy reviews, program reviews,
I. Assess the need that physical security of information security systems is as important as logical or computer security processes.II. Review the list of the seven most common sources of physical loss as denoted in the book written by Donn B. Parker and outlined in the text.• Extreme
Compose a list of common major controls that a facility may have to protect itself from external forces. These include but are not limited to the following:• Walls, fencing, and gates• Guards and dogs• ID cards and badges• Locks and keys• Electronic monitoring• Alarms and alarm
Outline the core temperatures that computing equipment can efficiently operate in.• Temperatures below 32 degrees Fahrenheit or above 100 degrees can cause hardware and media failures and potentially destroy the equipment.• Optimal temperatures for a facility without protective
I. Evaluate the three basic criteria biometrics are judged against: false reject rate, false accept rate, and crossover error rate (CER).II. Emphasize that the goal is to find a balance between providing the requisite level of security and minimizing authentic users’ frustrations.III. Classify
I. Define the concept of intrusion and how it is a type of attack on information assets in which the instigator attempts to enter a system or disrupt the normal operations of a system with the intent to do malicious harm.II. Discuss intrusion prevention, which consists of activities that seek to
I. Assess the different type of IDPSs provided in the text with the foundational knowledge they are network or host-based systems.II. Justify that in larger organizations it is likely that both systems are used in tandem with each other or in different parts of the business depending on business
Discuss organizational requirements and constraints. Review and compose a list of questions like ones provided below with respect to this area of an IDPS to ask.• What requirements are levied from outside the organization?• Is your organization subject to oversight or review by another
True or False: Julius Caesar was associated with an early version of the substitution cipher.
I. Detail how the cyphertext consists of a list of codes representing the page number, line number, and word number of the plaintext word.II. Comprehend that the receiver must have knowledge as to which book to use to decipher a message.III. Explain how dictionaries and thesauruses are likely the
Which algorithm was the first public-key encryption algorithm developed (in 1977) and published for commercial use?a. 3DESb. Blowfishc. RSAd. Diffle-Hellman
I. Emphasize that just as PGP, PEM, and S/MIME work to secure e-mail operations, several related protocols work to secure Web browsers, especially at electronic commerce sites.II. Compare and contrast Secure Electronic Transactions (SET), Secure Socket Layer (SSL), Secure Hypertext Transfer

Showing 200 - 300 of 745

Principles Of Information Security 7th Edition Michael E. Whitman, Herbert J. Mattord - Solutions

Step by Step Answers