IT1914 Security Concepts

Questions and Answers

Why is it important to test backups regularly in cybersecurity?

• To minimize downtime and improve data recovery chances (correct)
• To increase the storage capacity
• To ensure compliance with regulations
• To prevent system updates

What is the primary purpose of confidentiality in data security?

• To enable data sharing among organizations
• To ensure sensitive information remains private (correct)
• To log successful data access
• To improve system performance

What is the significance of using integrated tools in cybersecurity?

• They prevent any data breaches from occurring.
• They simplify user access management.
• They help create a security fabric for rapid threat mitigation. (correct)
• They ensure better aesthetics for data presentations.

Which component of the NIST Cybersecurity Framework provides a common language for cybersecurity activities?

Framework core (A)

What role does threat research play in cybersecurity strategies?

It informs security strategies and helps detect threats effectively. (C)

What type of information does auditing security activities provide?

Logs of both successful and unsuccessful access (B)

How can IT teams better secure their data amidst a skills gap?

By prioritizing assets and deploying security strategies. (A)

What is the focus of the ISO/IEC 27000 series?

Securing sensitive information (D)

What does network segmentation aim to achieve in cybersecurity?

Creating barriers to minimize potential consequences. (A)

What kind of organizations can benefit from the ISO 27000 guidelines?

Any type or size of organization (A)

Why is deception technology beneficial in cybersecurity?

It exploits network complexity to mislead attackers. (C)

Which component assists organizations in understanding their cybersecurity risk management?

Framework implementation tiers (A)

What is a potential flaw of implementing isolated point solutions in cybersecurity?

They cannot be integrated with other security measures. (A)

What comprehensive approach should IT teams take for threat intelligence?

Consult both local and global threat data. (D)

What does a successful access record indicate?

A user successfully accessed the system (A)

Which of the following best describes the NIST's mission?

To develop measurements, standards, and technology (B)

What is one of the primary risks that employees pose to cybersecurity?

Lack of knowledge for security practices (C)

Which tactic is recommended to enhance the cybersecurity awareness of employees?

Conducting regular training sessions (B)

What should employees do if they notice unusual behavior on their computers?

Immediately report it (A)

Why is it important for employees to separate personal and work passwords?

To prevent security vulnerabilities if one password is compromised (A)

Which factor is NOT considered when determining security controls?

Team performance metrics (C)

What is the primary goal of the Architecture Risk Assessment phase?

Evaluating business impact and vulnerabilities (C)

What is a critical component of processes in cybersecurity?

Having a cyber-incident response plan (C)

What is one of the key cyber hygiene practices that employees should follow?

Not opening links in suspicious emails (B)

In which phase of security architecture are security services designed and structured?

Security Architecture and Design (C)

What is the focus of the Operations and Monitoring phase in security architecture?

Managing day-to-day security processes (C)

How often should organizations conduct training sessions for employees on cybersecurity?

Regularly throughout the year (B)

What is the first step in the ISO 27000 six-part approach?

Define a security policy. (C)

Which of the following best describes Assurance services in the context of security architecture?

Ensuring alignment of policies with implementation (D)

Which of the following is NOT a category of requirements in the PCI DSS?

Develop incident response plans. (B)

What does a good incident response plan provide for an organization?

Repeatable procedures and an operational approach (D)

What does the term 'security architecture' refer to?

A unified security design addressing risks and necessities. (D)

Which of the following is NOT a key phase in the security architecture process?

Installation and Maintenance (B)

What is the purpose of implementing security services and processes?

To meet established security goals (A)

Which attribute of security architecture signifies the connection and reliance of IT components?

Relationships and Dependencies. (D)

What is one of the main benefits of having a standardized security architecture?

It reduces costs due to control re-use. (C)

Which of the following factors is involved in financial considerations for security controls?

Cost-benefit analysis of security measures (B)

In the context of PCI DSS, which measure is focused on protecting cardholder data?

Build and maintain a secure network. (C)

What step comes after conducting a risk assessment in the ISO 27000 process?

Manage identified risks. (C)

How are the design principles of security architecture typically presented?

In independent, documented specifications. (A)

Flashcards are hidden until you start studying

Study Notes

Security Concepts and Goals

• Security encompasses people, processes, and technology to effectively protect information assets.
• Cybersecurity aims to create environments resilient against threats and attacks.

Subjects and Objects of Security

• Subjects: Entities accessing information (e.g., employees, systems).
• Objects: Information or systems being protected.

Security Tactics for People

• Employees are critical to cybersecurity; informed staff can act as a defense line.
• Cybercriminals often target employees via phishing attacks to exploit their lack of security knowledge.
• Regular training is essential to raise awareness and develop a culture of cybersecurity.
• Key training points include:
  • Creating strong, unique passwords for each account.
  • Keeping personal and work passwords separate.
  • Avoiding links in suspicious emails.
  • Regularly updating applications and operating systems.
  • Refraining from installing unknown software.
  • Reporting unusual system behavior promptly.

Security Tactics for Processes

• Cyber-incident response plans are vital for proactive cybersecurity management.
• Effective incident response ensures swift recovery and minimal business disruption.
• Regularly testing data backups enhances data recovery chances during cyber incidents.
• Continuous threat research informs security strategies and tools to mitigate risks.
• Prioritizing assets is essential due to the cybersecurity skills gap and complex networks.
• Implementing network segmentation and access control policies enhances data security.

Security Tactics for Technology

• Integrating security technologies creates a cohesive defense strategy rather than isolated point solutions.
• Deception technology leverages network complexity to mislead adversaries.
• Confidentiality ensures sensitive information remains protected from unauthorized access.
• Auditing security activities provides logs of both successful and unsuccessful access attempts.

IT Security Frameworks

• NIST Cybersecurity Framework:

  • Comprises a set of activities and desired outcomes.
  • Features implementation tiers and profiles for improving cybersecurity.

• ISO/IEC 27000 Series:

  • A systematic approach to managing sensitive information through an Information Security Management System (ISMS).
  • Involves defining security policies, conducting risk assessments, and managing identified risks.

• Payment Card Industry Data Security Standard (PCI DSS):

  • Aims to secure card payment processes and reduce fraud.
  • Principles include securing networks, protecting card data, and implementing strong access control.

Security Architecture

• Defined as a comprehensive security design addressing potential risks and outlining security controls.

• Key attributes include:

  • Relationships and dependencies among IT architecture components.
  • Cost-effectiveness due to standardized security controls.
  • Variations in form, including control catalogs and relationship diagrams.

• Key Phases in Security Architecture Process:

  • Architecture Risk Assessment: Evaluates risks associated with vital business assets.
  • Security Architecture and Design: Focuses on implementing security services aligned with business risk exposure.
  • Implementation: Involves operationalizing security services and processes.
  • Operations and Monitoring: Encompasses daily security operations, including threat management and ongoing monitoring.