What clause in the ISMS requires establishing "context" of the security program? Why is establishing context important?
Clause 4 - Establishing context helps ensure alignment between business objectives and the security program.
In AWS, what is the instance type that permits file storage?
S3 Bucket
Name 3 MDM solutions. (At least one must work on Mac.)
1) Microsoft Intune
2) Kaseya
3) AirWatch, Jamf (work on Mac)
What is public key encryption?
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys. Each pair consists of a public key (which may be known to others) and a private key (which may not be known by anyone except the owner).
What is password spraying?
Password spraying is a type of brute-force attack. In this attack, an attacker will brute-force logins based on a list of usernames with default passwords on the application.
When two ISO frameworks are managed jointly, what type of management system is created?
An Integrated Management System (IMS)
In AWS, what is the built-in tool that allows for vulnerability scanning?
Inspector
What is a Golden Image?
A script used to configure an endpoint to a defined standard.
Describe 3 potential uses of blockchain technology.
1) Cryptocurrency
2) P2P/Decentralized Data Storage
3) Identity verification
What is OSINT? Provide 2 examples.
Open Source Intelligence Gathering
1) Searching the dark web for leaked passwords
2) Monitoring social media profiles
What are three common flaws in security organizational structures?
- Security is not independent from IT (e.g., CISO reports to IT or is the same person)
- Security does not have a "seat at the table" with executives
- Roles and responsibilities of security duties are unclear (e.g., RACI)
In AWS, which tool uses machine learning to look for malicious activity in your AWS environments?
AWS GuardDuty
An organization may use a virtual desktop to provide a secure location to perform work. The user's physical workstation becomes a window (thin client) to a secure workstation located virtually and tightly controlled by the owner.
What is the latest version of TLS? What version of TLS is considered obsolete?
TLS 1.3
NSA recommends that only TLS 1.2 or TLS 1.3 be used, and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used.
What is an APT? Provide two examples.
Advanced Persistent Threat
APT 1 - China
APT 29 - Russia (Cozy Bear)
What clause in the ISMS requires documentation of key performance indicators?
Clause 6.2
In AWS, what would you request if you wanted to test access controls?
AWS IAM Roles and role membership
What is the difference between application whitelisting and blacklisting? Which is more secure?
Whitelist - Only trusted applications can be used.
Blacklist - All applications are trusted unless explicitly denied.
What is a TLS handshake?
A TLS handshake enables clients and servers to establish a secure connection and create session keys.
Name three hacker group types (organized groups of hackers).
1) Hacktivist
2) Nation State
3) Criminal Organizations
9.1 - Self-assessment activities (e.g., compliance calendar events)
9.2 - Internal audit policy, plan, and report
9.3 - Evidence of management review (IRC meeting minutes, responses in the IA report, Risk Register comments)
In AWS, what tool is used for cryptographic key management?
AWS KMS (Key Management System)
What is heuristic analysis? What is an example?
Heuristic analysis is a method of detecting viruses by examining code for suspicious properties.
Traditional methods of virus detection involve identifying malware by comparing code in a program to the code of known virus types that have already been encountered, analyzed and recorded in a database – known as signature detection.
Quantum computing has such processing power that it could theoretically, with time, break any cryptographic key. As a result, crypto keys would likely need to be created using quantum computing and rotation rates would need to be increased.
Name five common attack types.