Untitled Quiz
40 Questions

Questions and Answers

Which type of security testing is considered the most effective for understanding everyday security challenges during a risk assessment?

  • Covert (correct)
  • Overt
  • External
  • Internal

What is the best method to evaluate the effectiveness of an organization's vulnerability management program?

  • Automated vulnerability scanning
  • Review automated patch deployment reports
  • Perform vulnerability scan by security team
  • Periodic third party vulnerability assessment (correct)

Which role is responsible for ensuring that third-party providers handle data securely as per the organization's standards?

  • Data Creator
  • Data Owner (correct)
  • Data Custodian
  • Data User

Which approach is most effective in minimizing Personally Identifiable Information (PII) loss during a data breach?

    Limited collection of individuals' confidential data (correct)

    What type of encryption protects sensitive data during transmission over a network?

    Payload encryption and transport encryption (correct)

    What is a significant advantage of using on-premise Credential Management Systems?

    Control over system configuration (correct)

    Software code signing primarily verifies which aspect of security?

    Integrity (correct)

    Which of the following aspects is NOT a focus of vulnerability management in organizations?

    Exploiting vulnerabilities for testing (correct)

    Which of the following is the BEST way to verify the integrity of a software patch?

    Cryptographic checksums (correct)

    Which of the following statements about Disaster Recovery Plan (DRP) testing is TRUE?

    Testing should continue even if components of the test fail. (correct)

    What does granularity refer to in the context of an access control system?

    Fineness to which an access control system can be adjusted (correct)

    Which of the following can BEST prevent security flaws in outsourced software development?

    Certification of the quality and accuracy of the work done (correct)

    What is a fundamental objective in handling an incident?

    To restore control of the affected systems (correct)

    When transmitting information over public networks, what should the decision to encrypt be based on?

    The level of confidentiality of the information. (correct)

    Which of the following is an appropriate source for test data?

    Data that accurately reflects real-world user scenarios. (correct)

    Which method provides the least assurance for software integrity when deploying updates?

    Version numbering (correct)

    What type of analysis is needed to make a risk-based decision?

    Security analyses (correct)

    Which set of controls allows an investigation if an attack is not blocked by preventive controls?

    Forensic analysis through logging and audit trails (correct)

    Which type of e-authentication token involves a secret known only to the subscriber and credential service provider?

    Memorized Secret Token (correct)

    What characterizes Gray Box security testing?

    Tester has partial knowledge of the target system and its vulnerabilities (correct)

    What is the purpose of calculating Maximum Tolerable Downtime (MTD)?

    To estimate the length of time a system can be non-operational before impacting customers (correct)

    What does a Blind security test entail?

    The tester is unaware of the target and does not notify the owner (correct)

    What is a characteristic of Out-of-Band Tokens?

    They can receive a secret for one-time use from a verifier (correct)

    Which is NOT the focus of transactional controls?

    Enhancing system resilience against attacks (correct)

    What is the most appropriate action when the administrator is instructed not to track changes in a ticket?

    Inform the audit committee or internal audit directly using the corporate whistleblower process. (correct)

    How does a Host Based Intrusion Detection System (HIDS) primarily identify a potential attack?

    Matches traffic patterns to virus signature files. (correct)

    What is the main purpose of test outputs and reports in security assessment procedures?

    To allow for objective pass or fail decisions. (correct)

    What is the best action regarding an employee on extended leave in terms of access management?

    Monitor account usage temporarily. (correct)

    What is the most effective method to dispose of data on multiple hard drives?

    Perform multiple passes on each drive using approved formatting methods. (correct)

    Which of the following is a key aspect of implementing a Mandatory Access Control (MAC) model?

    Access is based on predefined policies determined by an administrator. (correct)

    In the context of data security, what does degaussing involve?

    Using a magnetic field to disrupt the data on a drive. (correct)

    Which aspect should NOT be considered when creating change requests for IT processes?

    Personal preferences of the IT team. (correct)

    What is the main reason for ensuring that the third party's physical security controls limit access to sensitive information?

    To ensure restricted access to unauthorized individuals (correct)

    What is the principal benefit of periodically reviewing audit logs?

    To detect unusual activities and patterns (correct)

    If unauthorized access to a system results in large quantities of information being copied, which attribute of the data has primarily been compromised?

    Confidentiality (correct)

    Which of the following standards is recognized as a federated identity standard?

    Security Assertion Markup Language (SAML) (correct)

    What types of password attacks can Multi-Factor Authentication (MFA) prevent?

    Brute force, dictionary, and keylogging attacks (correct)

    Which component is essential for implementing software configuration management systems?

    User training and acceptance (correct)

    What is a primary risk associated with outsourcing IT functions to a third-party provider?

    Loss of control over data security (correct)

    Which of the following is NOT typically considered a component of a strong information security policy?

    Employee productivity metrics (correct)

    Study Notes

    Verifying Software Patches

    • Cryptographic checksums are the most effective method for verifying the integrity of a software patch.
    • Checksums are a unique value calculated from the patch's contents.
    • Any alteration or corruption of the patch will change the checksum.

    Disaster Recovery Testing

    • DRP testing should continue even if components of the test fail.
    • Testing allows organizations to identify weaknesses in their disaster recovery plan.
    • This enables them to make necessary adjustments and improve the plan.
    • Successful completion of disaster recovery tests does not guarantee 100% preparedness.

    Granularity in Access Control

    • Granularity refers to the fineness to which an access control system can be adjusted.
    • For example, an access control system with high granularity allows for more precise permissions.
    • This enables organizations to limit access to specific resources and operations.

    Outsourced Software Development

    • The certification of the quality and accuracy of work done is the best way to prevent security flaws in outsourced software development.
    • It confirms that the third-party provider has the necessary expertise and practices in place.

    Incident Handling Objectives

    • The fundamental objective in handling a security incident is to restore control of the affected systems.
    • This involves identifying and addressing the cause of the incident, containing the damage, and preventing further compromise.

    Encrypting Information Over Public Networks

    • You should encrypt information transmitted over public networks when the information is confidential.
    • Encryption helps ensure the confidentiality and integrity of sensitive data.

    Vulnerability Management Effectiveness

    • Periodic third-party vulnerability assessments are the most effective way to assess the effectiveness of an organization's vulnerability management program.
    • They provide an independent, expert evaluation of the organization's security posture.

    Data Owner Role in Third-party Contracts

    • The Data Owner is responsible for ensuring that a third-party provider can process and handle data securely.
    • They are responsible for setting standards for data security and ensuring compliance.

    Minimizing PII Loss

    • Limiting the collection of confidential data is the best approach to minimize PII loss from a data breach.
    • This reduces the amount of sensitive information that can be leaked if a breach occurs.

    Encryption for Data Protection

    • Payload encryption and transport encryption are used to protect sensitive data in transit over a network.
    • They ensure that the data is unintelligible to unauthorized parties while it is being transmitted.

    On-Premise Credential Management Systems

    • On-premise credential management systems offer control over system configuration as a primary advantage.
    • This gives organizations more control over security policies and access controls.

    Software Code Signing

    • Software code signing verifies the integrity of software.
    • It helps ensure that the software is authentic and hasn't been tampered with.

    Mandatory Access Control (MAC) Model

    • MAC is a security model that uses a set of rules to control access to resources.
    • It is a highly restrictive model where access is based on predefined rules.
    • MAC is often used in government and military organizations to ensure data confidentiality and integrity.

    Related Documents

    ISC2 CISSP Past Paper PDF
