Risk Management & Treating Risks
Security Management Models
Security Management Practices
Planning for Contingencies
Security Maintenance
Protection Mechanisms
100

Because even the implementation of new technologies does not necessarily guarantee an organization can gain or maintain a competitive lead, the concept of __________ has emerged as organizations strive not to fall behind technologically.

competitive disadvantage

100

In information security, a framework or security model customized to an organization, including implementation details, is a _________.

blueprint

100

When hiring security personnel, which of the following should be conducted before the organization extends an offer to any candidate, regardless of job level? 

background check

100

Contingency planning or business continuity planning is primarily focused on developing __________.

plans for unexpected adverse events

100

A primary mailing list for new vulnerabilities, called simply _____, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.

Bugtraq

100

Which type of firewall keeps track of each network connection established between internal and external systems?

stateful packet inspection

200

Which alternative risk management methodology is a process promoted by the Computer Emergency Response Team (CERT) Coordination Center (www.cert.org) that has three variations for different organizational needs, including one known as ALLEGRO?

OCTAVE

200

Which of the following is a generic model for a security program?

framework

200

Incorporating InfoSec components into periodic employee performance evaluations can __________.

heighten InfoSec awareness

200

Which of the following is the first component in the contingency planning process?

business impact analysis

200

U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) coordinates CERT services at ________.

US-CERT

200

The combination of a system's TCP/IP address and a service port is known as a __________.

NAT

300

What strategic role do the InfoSec and IT communities play in risk management? Explain each one.

InfoSec - Because members of the InfoSec community best understand the threats and attacks that introduce risk, they often take a leadership role in addressing risk.

IT - This group must help to build secure systems and ensure their safe operation. For example, IT builds and operates information systems that are mindful of operational risks and have proper controls implemented to reduce risk.

300

The Information Security __________ is a managerial model provided by an industry working group, National Cyber Security Partnership, which provides guidance in the development and implementation of organizational InfoSec structures and recommends the responsibilities that various members should have in an organization.

Governance Framework

300

Which of the following policies makes it difficult for an individual to violate InfoSec and is quite useful in monitoring financial affairs?

separation of duties

300

Which of the following NIST Cybersecurity Framework (CSF) stages relates to implementation of effective security controls (policy, education, training and awareness, and technology)?

Protect

300

_____, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source like a hacker.

Penetration testing

300

Which type of IDPS is also known as a behavior-based intrusion detection system?

anomaly-based

400

Why is threat identification so important in the process of risk management?

Any organization typically faces a wide variety of threats. If you assume that every threat can and will attack every information asset, then the project scope becomes too complex. To make the process less unwieldy, each step in the threat identification and vulnerability identification processes is managed separately and then coordinated at the end. At every step, the manager is called on to exercise good judgment and draw on experience to make the process function smoothly.

400

The Information Technology Infrastructure Library (ITIL) is a collection of methods and practices primarily for __________.

managing the development and operation of IT infrastructures

400

Organizations are required by privacy laws to protect sensitive or personal employee information, including __________.

personally identifiable information (PII)

400

The steps in IR (Incident Response) are designed to:

stop the incident, mitigate incident effects, provide information for recovery from the incident

400

_____ penetration testing, also known as disclosure testing, is usually used when a specific system or network segment is suspect and the organization wants the pen tester to focus on a particular aspect of the target.

White box

400

Which type of IDPS works like antivirus software?

signature-based

500

What is the OCTAVE Method approach to risk management?

The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Method is an InfoSec risk evaluation methodology that allows organizations to balance the protection of critical information assets against the costs of providing protective and detection controls. This process can enable an organization to measure itself against known or accepted good security practices and then establish an organization-wide protection strategy and InfoSec risk mitigation plan.

500

Which of the following provides advice about the implementation of sound controls and control objectives for InfoSec, and was created by ISACA and the IT Governance Institute?

COBIT

500

Which of the following terms is described as the process of designing, implementing, and managing the use of the collected data elements to determine the effectiveness of the overall security program?

performance management

500

What is a responsibility of the crisis management team?

keeping the public informed about the event and the actions being taken

500

Which tool can best identify active computers on a network?

port scanner

500

What is an application that entices individuals who are illegally perusing the internal areas of a network by providing simulated rich content areas while the software notifies the administrator of the intrusion?

honey pot