1 - Today's Security Professional Flashcards
Explain the following: security concerns associated with different vulnerabilities; concepts and enterprise environments; and know how to compare and contrast different controls
Matt is updating the organization’s threat assessment process. What category of control is Matt implementing?
Managerial
Jade’s org recently suffered a breach that affected stored credit card data. Jade’s primary concern is the fact that the organization is subject to sanctions for violating the provisions of the Payment Card Industry Data Security Standard. What category of risk is concerning Jade?
Compliance
Chris believes that attackers defaced one or more pages on his org’s website. What cybersecurity objective did this attack violate?
Integrity
Tonya is searching for a control that would discourage the attacker from attempting to gain access. What type of security control is she seeking to implement?
Deterrent
Greg would like to ensure that his data loss prevention system protects against transmission of sensitive information by guests on his wireless network. What DLP tech would best meet this goal?
Network-based
What term best describes data that is being sent between two systems over a network connection?
Data in Motion
Tina is tuning her org’s intrusion prevention system to prevent false positive alerts. What type of control is Tina implementing?
Technical Control
Tony believes a compromise of his org’s file server could reveal info that would prevent the company from continuing to do business. What term BEST describes the risk that Tony is considering?
Strategic
What term best describes an organization’s desired security state?
Control Objectives
What tech uses mathematical algorithms to render info unreadable to those lacking the required key?
Data Encryption
Greg recently discovered a potential gap in his org’s security controls. The org does not use full-disk encryption on laptops. What type of control gap exists in this case?
Preventative
What compliance regulation most directly affects the operations of a healthcare provider?
HIPAA
Nolan is writing an after-action report on a security breach. The attackers stole thousands of customer records from the org’s database. What cybersecurity principle was the most impacted in this breach?
Confidentiality
What are the three main objectives InfoSec professionals must achieve to protect their orgs?
Confidentiality, Integrity, and Availability (CIA)
What data protection technique is reversible when conducted properly?
Tokenization