Chapter 12 - Security Administration and Planning

Question 1

What are the different stages involved in the lifecycle of a security policy creation?

Answer 1

1. Draft Stage
2. Approval Stage
3. Publication Stage
4. Implementation Stage
5. Maintenance Stage

Question 2

What is a Maximum Acceptable Outage (MAO)?

Answer 2

The MAO is the maximum amount of time set by the business upon which service can be down before it starts to have a significant negative impact on the business.

Question 3

What is the Recovery Time Objective (RTO)?

Answer 3

The RTO should be set to coincide with the MAO time.

Question 4

What is the Recovery Point Objective (RPO)?

Answer 4

The Recovery Point Objective is the acceptable point upon which data loss is considered acceptable to a business.

For a static database that is backed up weekly, the business may deem that 1 week data loss is within the acceptability threshold.

Other more important databases such as sales would have an RPO at the point of failure where no data loss is acceptable to the business.

Question 5

What is the difference between BCP and DRP?

Answer 5

BCP has a wider scope than DRP.

DRP is procedural rather BCP may have some degree of being strategic.

Question 6

What are Table Top testing exercises?

Answer 6

Discussion based exercise where a scenario is presented to a forum consisting of the necessary personnel required should that scenario come to fruition.

The forum talks through the scenario and gives the participants an opportunity to discuss and identify any potential flaws within their controls & methods.

Question 7

What are Function Exercises?

Answer 7

The BCP/DRP protocols and procedures are exercised to see if this brings the service back up.

Question 8

In regards to alternative locations, what is a Hot Site?

Answer 8

A Hot Site is a failover mirrored site ready to take on traffic should the primary site fail.

Question 9

In regards to alternative locations, what is a Cold Site?

Answer 9

A building with basic resources ready to take house resources should an emergency arise and resources must be transferred to this cold site.

Question 10

In regards to alternative locations, what is a Warm Site?

Answer 10

In between of a hot/cold site.

More resources and personnel are readily available at this site and typically activated in events of predicted emergencies such as hurricanes/storms.

Question 11

In regards to alternative locations, what is a Mobile Site?

Answer 11

A movable mobile site where critical services and functionality can be hosted and moved to a desired location at short notice.

Question 12

Who are the NIST institute?

Answer 12

The National Institute of Standards and Technology

Federal funded and their research is publicly published for consumption

Question 13

What is the Cyber Security Framework?

Answer 13

Written by the NIST institute - the CSF document focuses on using business drivers to focus on cyber security awareness.

Question 14

What are the three components of the Cyber Security Framework (CSF)?

Answer 14

Framework Core

Implementation Tiers

Framework Profiles

Question 15

What is the CSF Framework Core?

Answer 15

Outlines cyber security focused activities, references and desired outcomes for an organization.

Activities such as Identify, Protect, Detect, Respond, Recover etc.

Question 16

What are the four Frame Work Tiers?

Answer 16

1. Partial
2. Informed
3. Repeatable
4. Adaptive

Question 17

What are CSF Framework Profiles?

Answer 17

Organizations can profile themselves on how advanced individual aspects of their cyber defences are.

Identity 1-4

Protect 1-4

etc.

Question 18

Who are the US-CERT?

Answer 18

United-States Computer Emergency Response Team