Information Security Controls Quiz

Questions and Answers

What type of control is a Computer Incident Response Team (CIRT)?

Detection

Response (correct)

Prevention

Protection

What is the primary function of authorization?

Verifying user identities

Scanning for malware

Restricting access to system resources (correct)

Monitoring network traffic

What is the goal of containment in an incident response process?

To recover from the incident

To eradicate the incident

To identify the cause of the incident

To prevent further damage from the incident (correct)

What is the first step in the attack process used by criminals?

Learn as much as possible about the target and its vulnerabilities

What is the primary function of a demilitarized zone (DMZ)?

To provide a separate network for controlled access to internal systems

What is not a basic step in an incident response process?

Patch management

What is the primary purpose of identifying controls in a risk assessment?

To mitigate or reduce risk

A company is considering implementing two control procedures to deal with a identified threat. What should be the primary consideration in deciding which control to implement?

The cost of implementing the control

What is the type of computer attack that encrypts data and demands payment in exchange for the decryption key?

ransomware

What is the concept of defense-in-depth?

Implementing multiple layers of security controls

What is the term for a computer attack that captures data from information items as it travels over networks?

packet sniffers

What is the primary purpose of continuous monitoring?

To detect security incidents

Which type of computer attack steals contact lists, images, and other data using Bluetooth?

bluesnarfing

What is the purpose of verifying the validity of credit or debit card numbers during an online transaction?

preventive controls

What should be the primary concern of information security?

Protecting confidentiality, integrity, and availability of information resources

What is the primary consideration for a managerial concern in information security?

Security policies and procedures

What is the key principle of the COBIT 5 framework?

ensuring an approach where governance is effectively managed

What is the term for a type of attack that takes place when you leave your phone's Bluetooth setting as discoverable and someone takes control of your phone and connects it to the Internet?

bluebugging

What is the purpose of aligning with other standards at a low level?

To create a comprehensive framework for IT governance and management

What is the primary focus of control activities in COSO's internal control model?

Control activities performed at the management level

What is the structure of the ERM model developed by COSO?

A rigid three-dimensional structure with four fixed management objectives

How does the ERM framework compare to the IC framework?

The ERM framework is more comprehensive than the IC framework

Which type of control is superior to others?

There is no superior type of control

What can assist management in reconciling the conflict between creativity and control?

Implementing a belief system that describes how a company creates value

According to best practices, why should emergency changes be documented?

To maintain a record of changes made

What is the purpose of change controls?

To segregate duties and maintain adequate controls

What is the most effective way for a firewall to protect the perimeter?

All of the above are equally effective

What is the primary risk associated with allowing employees to use personal portable devices to access corporate networks?

Employees may not consider security when using their devices

What is the term for modifying default configurations to turn off unnecessary programs and features to improve security?

Hardening

What is the term for a decoy system used to provide early warning that an insider or outsider is attempting to search for confidential information?

Honeypot