Chapter 9: Implementing Controls to Protect Assets Flashcards

1
Q

____ ____ (or defense in depth) employs multiple layers of security to protect against threats. Personnel constantly monitor, update, add to, and improve existing security controls.

A

Layered security

2
Q

____ diversity is the use of different security control types, such as technical controls, administrative controls, and physical controls.

A

Control

3
Q

____ diversity is the practice of implementing security controls from different vendors to increase security.

A

Vendor

4
Q

____ security controls are controls you can physically touch. They often control entry and exit points, and include various types of locks.

A

Physical

5
Q

An ____ is a physical security control that ensures that a computer or network is physically isolated from another computer or network.

A

airgap

6
Q

Controlled areas such as data centers and server rooms should only have a single ____ and ____ point. Door lock types include cipher locks, proximity cards, and biometrics.

A

entrance and exit

7
Q

A ____ ____ can electronically unlock a door and helps prevent unauthorized personnel from entering a secure area. By themselves, they do not identify and authenticate users. Some systems combine them with PINs for identification and authentication.

A

proximity card

8
Q

____ occurs when one user follows closely behind another user without using credentials.

A

Tailgating

9
Q

A ____ can prevent tailgating.

A

mantrap

10
Q

____ ____ are a preventive physical security control, and they can prevent unauthorized personnel from entering a secure area. A benefit is that they can recognize people and check the picture ID of anyone they don’t recognize.

A

Security guards

11
Q

Cameras and ___-___ ___ ____ provide video surveillance. They provide reliable proof of a person’s identity and activity.

A

closed-circuit television (CCTV) systems

12
Q

Fencing, lighting, and alarms are commonly implemented with motion detection systems for physical security. ____ motion detection systems detect human activity based on the temperature.

A

Infrared

13
Q

____ provide stronger physical security than fences and attempt to deter attackers.

A

Barricades

14
Q

_____ are effective barricades that allow people through, but block vehicles.

A

Bollards

15
Q

____ ____ secure mobile computers such as laptop computers in a training lab.

A

Cable locks

16
Q

____ ____ include locking cabinets or enclosures within a server room.

A

Server bays

17
Q

____ ____ processes protect against vulnerabilities related to architecture and design weaknesses, system sprawl, and undocumented assets.

A

Asset management

18
Q

_____ ____ and ___ ______ systems control airflow for data centers and server rooms. Temperature controls protect systems from damage due to overheating.

A

Heating, ventilation, and air conditioning (HVAC)

19
Q

___ and ____ aisles provide more efficient cooling of systems within a data center.

A

Hot and cold

20
Q

___ ____ prevents problems from EMI sources such as fluorescent lighting fixtures. It also prevents data loss in twisted-pair cables.

A

EMI shielding

21
Q

A ____ ____ prevents signals from emanating beyond a room or enclosure.

A

Faraday cage

22
Q

A ___ ____ __ ____ is any component that can cause the entire system to fail if it fails.

A

single point of failure

23
Q

____ disk subsystems provide fault tolerance and increase availability. ____ (mirroring) uses two disks. ____ uses three or more disks and can survive the failure of one disk. ____ and ____ use four or more disks and can survive the failure of two disks.

A

RAID
RAID-1
RAID-5
RAID-6 and RAID-10

24
Q

Load balancers spread the processing load over multiple servers. In an ____-____ configuration, all servers are actively processing requests. In an ____-____ configuration, at least one server is not active, but is instead monitoring activity ready to take over for a failed server. Software-based load balancers use a virtual IP.

A

active-active

active-passive

25
Q

____ ____ sends client requests to the same server based on the client’s IP address. This is useful when clients need to access the same server for an entire online session. Round-robin scheduling sends requests to servers using a predefined order.

A

Affinity scheduling

26
Q

____ strategies include full, full/differential, full/incremental, and snapshot strategies. A ____ backup strategy alone allows the quickest recovery time.

A

Backup

full

27
Q

____/____ backup strategies minimize the amount of time needed to perform daily backups.

A

Full/incremental

28
Q

____ ____ verify the integrity of backups and that they can be restored in their entirety.

A

Test restores

29
Q

Backups should be ____ to identify the contents. A copy of backups should be kept ____-____.

A

labeled

off-site

30
Q

The data contained in the backups can have legal implications. If it includes ___ ___ ___ or ___ ___ ___, it must be protected according to governing laws.

A

Personally Identifiable Information (PII) or Protected Health Information (PHI)

31
Q

The location of the data backups affects the data ____. If backups are stored in a different country, the data on the backups is now subject to the ___ and _____ of that country.

A

sovereignty

laws and regulations

32
Q

A ____ ____ ____ is part of a business continuity plan (BCP) and it identifies mission-essential functions, critical systems, and vulnerable business processes that are essential to the organization’s success.

A

business impact analysis (BIA)

33
Q

The ___ ___ ____ identifies maximum downtimes for critical systems and components. It considers various scenarios that can affect these systems and components, and the impact to life, property, safety, finance, and reputation from an incident.

A

business impact analysis (BIA)

34
Q

A ____ _____ assessment identifies if a system processes data that exceeds the threshold for PII. If the system processes PII, a privacy impact assessment helps identify and reduce risks related to potential loss of the PII.

A

privacy threshold

35
Q

A ____ ____ ____ identifies the maximum amount of time it should take to restore a system after an outage. The ____ ___ ____ refers to the amount of data you can afford to lose.

A

recovery time objective (RTO)

recovery point objective (RPO)

36
Q

____ ____ ___ ____ identifies the average (the arithmetic mean) time between failures.

A

Mean time between failures (MTBF)

37
Q

The ____ ____ ___ ____ identifies the average (the arithmetic mean) time it takes to restore a failed system.

A

mean time to recover (MTTR)

38
Q

____ of _____ planning identifies alternate processing sites and alternate business practices.

A

Continuity of operations

39
Q

____ ____ provide alternate locations for business functions after a major disaster.

A

Recovery sites

40
Q

A ___ site includes everything needed to be operational within 60 minutes. It is the most effective recovery solution and the most expensive.

A

hot

41
Q

A ____ site has power and connectivity requirements and little else. It is the least expensive to maintain.

A

cold

42
Q

____ sites are a compromise between hot sites and cold sites.

A

Warm

43
Q

Periodic testing validates continuity of operations plans. Exercises validate the steps to restore individual systems, activate alternate sites, and document other actions within a plan. _____ exercises are discussion-based only. _____ exercises are hands-on exercises.

A

Tabletop

Functional