Cybersecurity Concepts and Risk Management

Questions and Answers

What does the acronym VPN stand for?

Virtual Private Network

Executives are responsible for managing and overseeing enterprise risk management.

True

What should the auditor suggest be done to avoid future security breaches?

The manager should only be able to review the data and approve purchase orders.

What are the risk management options that the consultant should use during the assessment?

Avoid, transfer, mitigate, and accept.

What does the acronym SOA stand for?

Statement of Applicability

Which of the following are steps in the risk management process?

True

Cybersecurity should be involved throughout the entire system development life cycle.

True

What should be used to best secure the environment with IP cameras?

Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.

What is an advantage of cloud computing?

Improved performance

Cybersecurity is primarily about implementing a checklist of requirements.

False

What security solution will best meet the requirements specified by the merchant?

Implement an enterprise-based SIEM solution to process the logs of the major platforms, applications, and infrastructure.

Open source material is a good resource for gathering substantial information on a desired target.

True

What does the agile process emphasize over processes and tools?

Individuals and Interactions

Jurisdiction and Breach Notification are examples of what type of potential risk?

Legal

What is considered the necessary research done before launching a scan?

Network Reconnaissance

Cloud computing does NOT require a constant Internet connection.

False

Which of the following should be developed during the SDLC?

True

HTML5 is the latest version of the markup language.

True

Chain of Custody shows who controlled, secured, and obtained a piece of evidence.

True

There should never be different levels of regulations within a single business unit.

False

What should a security manager do to manage risks associated with zero day attacks?

Maintain a list of critical systems.

What best explains SAML?

A security attestation model built on XML and SOAP based services, which allows for the exchange of AandA data between systems and supports Federated Identity Management.

What most likely occurred when an attack attempt was logged but no one reviewed the IDS event logs?

No one was reviewing the IDS event logs.

What should occur based on best practices for virtualizing servers?

Each data center should contain separate virtual environments for the web servers and for the domain controllers.

What is the definition of interoperability?

An agreement between two or more organizations to work together to allow information exchange.

The DoD has specific mandatory requirements for data encryption.

True

What approach best resolves the issue of an IDS appliance generating a large number of events?

Adjust IDS filters that are creating false positives.

What does the M in the acronym SMART stand for?

Measurable

Which of the following can be useful in information gathering?

All of the Above

File Transfer Protocol (FTP) is secure.

False

Impact measures are inherently organization specific.

True

What should be priority issues for a security manager when selecting web conferencing systems for internal use EXCEPT?

PBX integration of the service.

What will the CISO do to get back on track in the procurement process of HIDS and NIDS products?

Contact the three submitting vendor firms and have them submit supporting RFIs to provide more detailed information about their product solutions.

Study Notes

Cybersecurity Terms and Concepts

• VPN: Stands for Virtual Private Network, providing secure connections over the internet.
• SOA: Stands for Statement of Applicability, outlining applicable requirements in security frameworks.
• False claims about cybersecurity being merely checklist-based emphasize the need for deeper understanding and implementation.
• FTP is not secure, highlighting the necessity of secure file transfer methods.

Risk Management

• Executives play a crucial role in enterprise risk management by overseeing and managing risks.
• Effective risk management options include avoiding, transferring, mitigating, and accepting risks.
• Steps involved in the risk management process are comprehensive, ensuring no critical components are overlooked.
• Legal risks, such as jurisdiction and breach notifications, highlight the importance of compliance in cybersecurity.

Security Best Practices

• Maintain a list of critical systems to manage risks from zero-day attacks effectively.
• Avoid conflicts of interest by ensuring that financial managers only review data without excessive control.
• Implement an enterprise-based Security Information and Event Management (SIEM) solution to monitor and report incidents across platforms.

System Development and Agile Methodology

• Cybersecurity should be integrated throughout the entire System Development Life Cycle (SDLC) to ensure security from the onset.
• The Agile process values individuals and interactions over strict processes and tools, fostering flexibility in development.

Incident Response and Monitoring

• Chain of Custody is crucial for evidentiary integrity, showcasing how evidence is controlled and secured.
• Adjusting Intrusion Detection System (IDS) filters is necessary to minimize false positives and focus on genuine security threats.

Cloud Computing and Virtualization

• Cloud computing enhances performance while requiring constant internet connectivity.
• Best practices advise separating virtual environments for web servers and domain controllers to enhance security during virtualization.

Information Gathering and Interoperability

• Open-source materials are valuable for information gathering, providing insights into potential security threats.
• Interoperability agreements facilitate efficient information exchange between organizations, enhancing collaborative security efforts.

Metrics and Evaluation

• Good metrics must be SMART: Specific, Measurable, Achievable, Relevant, Time-bound, with "Measurable" being key to tracking progress.
• Impact measures should be treated as organization-specific to accurately assess security risks.

Security Technology and Integration

• Security managers must prioritize user authentication when integrating new technologies, such as utilizing proxies for IP camera access.
• The DoD mandates specific encryption requirements, ensuring robust data security for sensitive information.

Additional Security Considerations

• Organizations frequently face challenges from new attack vectors, reinforcing the need for continuous monitoring and updating of security measures.
• Effective collaboration between security management and departments like Purchasing is essential for informed decision-making during procurements.

Description

Test your knowledge on essential cybersecurity terms, risk management strategies, and best practices for security. This quiz covers key concepts including VPNs, SOAs, and the role of executives in managing cybersecurity risks. Ensure you're up to date on the latest terminology and approaches in cybersecurity.