CISM Flashcards

1
Q

What is a Metric

A

Quantifiable entity that allows the measurement of the achievement of a process goal

2
Q

Phases of Incident Response

A

Prepare
Identify
Contain
Eradicate
Restore

3
Q

GRC

A

Governance, Risk Management, Compliance

4
Q

IRT Role ensures incident Response actions and procedures comply with legal and regulatory requirements

A

Legal Representative

5
Q

Component in GRC is the responsibility of senior management and the BoD, and focuses on creating mechanisms to ensure personnel follow established Processes and policies

A

Governance

6
Q

IRT role writes incident response reports and documents lessons learned

A

Incident handler

7
Q

What is meant by Incident Response?

A

Planning, coordinating, and executing appropriate mitigation, containment, and recovery strategies and actions

8
Q

According to ISACA, what are the 5 main components of a Security Review?

A

Objective, Scope, Constraints, approach, result

9
Q

IRT role that writes reports of investigation findings

A

Investigator

10
Q

Role that develops the security strategy with business objectives

A

CISO or Info Sec manager

11
Q

What does the acronym CSF mean?

A

Critical Success Factor

12
Q

In which risk assessment phase are specific risk scenarios and possible outcomes developed?

A

Risk Identification

13
Q

IRT role documents the steps taken when executing the incident response plan?

A

Incident handler

14
Q

Purpose of a RACI Chart

A

Define various roles associated with aspects of an info Sec program

15
Q

Control category provides warnings that can deter potential compromise?

A

Deterrent Controls

16
Q

What is COBIT 5?

A

Framework that focuses on value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use

17
Q

5 principles of COBIT 5

A

Meeting the stakeholders' needs
Covering the enterprise end to end
Applying a single integrated framework
Enabling a holistic approach
Separating governance from management

18
Q

ALE

A

Single Loss Expectancy (SLE) × Annualized Rate of Occurrence (ARO)
ALE = SLE × ARO

19
Q

ARO

A

Annualized Rate of Occurrence

20
Q

AUP

A

Acceptable Use Policy

21
Q

SDO = Service Delivery Objective

A

Level of service supported during alternate process mode until the normal situation is restored.

22
Q

4 commonly accepted subsets of enterprise architecture according to ISACA

A

Business Architecture
Data Architecture
Applications Architecture
Technology Architecture

23
Q

GRC

A

Governance, Risk Management, Compliance

24
Q

Intangible assets

A

Patents, copyrights, reputation, data

25
Q

What control category deters potential compromise?

A

Deterrent Controls

26
Q

IRT role performs proactive and reactive measures to control info risk level

A

Info Sec manager

27
Q

IRT role takes responsibility for overall incident management and response concept

A

sec steering group

28
Q

IRT role Makes final decisions regarding incidents

A

Security Steering Group

29
Q

IRT role Finds root cause of incident

A

Investigator

30
Q

IRT role performs IT Sec assessment/audit as a proactive measure and part of vulnerability management

A

IT Sec Specialist

31
Q

IRT role Develops and maintains incident management and response capability

A

Info Sec Manager

32
Q

IRT role Approves incident management team (IMT) Charter

A

sec steering group

33
Q

IRT role Approves deviations and exceptions to the Incident Response Plan

A

sec steering group

34
Q

IRT role responsible for coordinating the activities of all other recovery teams and handling key decision making

A

Emergency Management team

35
Q

4 perspectives in a Balanced Scorecard

A

Financial
Customer
Business Process
Learning and growth

36
Q

Accept the risk

A

Cost of mitigation to risk is higher than value of asset

37
Q

Exposure

A

Extent to which a vulnerability is exposed to a threat

38
Q

FRaaS

A

Forensics as a Service

39
Q

IdaaS

A

Identity as a Service

40
Q

PDCA

A

Plan, Do, Check, Act

41
Q

IMT

A

Incident Management Team

42
Q

3 goals of a BIA

A

Criticality Prioritization
Downtime estimation
Resource Requirement

43
Q

6 outcomes of the info security program according to ISACA

A

Strategic Alignment
Risk Management
Value Delivery
Resource Management
Performance Measurement
Assurance process integration

44
Q

What is a qualitative risk analysis?

A

Determines the magnitude and likelihood of the potential consequences of identified risks

45
Q

5 ISACA phases of incident management lifecycle

A

Planning and preparation
Detection, triage, and investigation
Containment, analysis, tracking, and recovery
Post-incident assessment
Incident closure

46
Q

What are compensating controls?

A

Control category to reduce the risk of an existing or potential control weakness

47
Q

Least risky cloud deployment model

A

Private Cloud

48
Q

Identifies emerging risks and identifies compliance issues

A

Steering committee

49
Q

Cloud service model LEAST risky

A

Infrastructure as a service (IaaS)

50
Q

Security Review Scope

A

mapping of the objective to the aspect that is to be reviewed.

51
Q

Resource management

A

ensures human, financial, technical, and knowledge resources are utilized efficiently and effectively

52
Q

Security review objective

A

Statement of what is to be determined in the course of the review

53
Q

3 main categories of info Sec threats

A

Environmental
technical
Man-made

54
Q

SLE

A

Single Loss Expectancy

55
Q

IRT Role provides assistance in incident management / response when there is a need to investigate an employee?

A

HR

56
Q

IRT Role performs incident response tasks to contain exposure from an incident?

A

Incident Handler

57
Q

Which control category warns of violations or attempted violations of a security policy

A

Detective controls

58
Q

What are the 4 processes in the Total Quality Management (TQM) Cycle?

A

Plan, Do, Check, Act

59
Q

Type of response that assigns a risk to 3rd party

A

Risk transfer

60
Q

Business Model for Info Sec (BMIS): which interconnection connects the people and process elements?

A

Emergence

61
Q

Recovery site ready within a couple of hours

A

Hot site

62
Q

According to ISACA, what is the purpose of defining an approach for a security review?

A

To identify the set of activities that cover the scope in a way that meets the objective of the review, given the constraints

63
Q

Which role should require demonstrable alignment of security and business objectives

A

Board of Directors

64
Q

What is the security review Approach?

A

A set of activities that cover the scope in a way that meets the objective of the review, given the constraints

65
Q

What phase of the incident management life cycle includes implementing IDS, IPS, and SIEM?

A

Detection, Triage, and investigation

66
Q

Which phase of the incident management lifecycle includes detecting and validating incidents?

A

Detection, Triage, and investigation

67
Q

During which phase of incident response does the org verify if an incident has happened and find out more details about it?

A

Identify

68
Q

Which outcome of an effective info security program ensures that it addresses the business or mission objectives?

A

Strategic alignment

69
Q

Business Model for Info Sec (BMIS): which interconnection connects the process and technology elements?

A

Enablement and Support

70
Q

Role responsible for managing risk using external providers

A

Info Sec Manager

71
Q

IRT role maintains the chain of custody and observes incident handling procedures for court purposes?

A

Incident Handler

72
Q

Incident response role acts as the incident management Team (IMT) leader and main interface to the security Steering Group (SSG)?

A

Info Sec Manager

73
Q

5 levels of the Capability Maturity Model Integration (CMMI)?

A

Lvl 1 - Initial
Lvl 2 - Managed
Lvl 3 - Defined
Lvl 4 - Quantitatively Managed
Lvl 5 - Optimizing

74
Q

3 main phases of risk management?

A

Risk identification
Risk analysis
Risk Evaluation

75
Q

4 cloud deployment options

A

Private
Community
Public
Hybrid

76
Q

Knowledge gained from a quantitative risk analysis

A

Numerical values assigned to the impact and likelihood of identified risks

77
Q

Which roles should institute processes to integrate security with business objectives?

A

Exec or senior management

78
Q

What is meant by external factors?

A

Factors that arise from the environment in which the org operates

79
Q

ISACA: 6 basic outcomes of a security program that is developed from info sec governance?

A

Strategic alignment
Risk management
Value Delivery
Resource Optimization
Performance measurement
Assurance process integration

80
Q

5 essential characteristics of the cloud?

A

On-demand self service
Broad network access
Resource pooling
Elasticity
Measured Service

81
Q

GRC process that records and monitors the policies, procedures, and controls needed to ensure that policies and standards are followed?

A

Compliance

82
Q

What are operational metrics?

A

the common technical and procedural metrics

83
Q

IRT role performs complex and in-depth IT security related tasks as part of the incident response plan

A

IT Security Specialist

84
Q

Phase of the incident management life cycle that includes prioritizing and rating incidents

A

Detection, Triage, investigation

85
Q

What is meant by a metric being SMART?

A

Specific, Measurable, Attainable, Relevant, Timely

86
Q

4 methods of risk response?

A

Avoid
Transfer
Mitigate
Access

87
Q

Org role responsible for access authorization for individual or groups?

A

Department Management

88
Q

Which outcome of an effective info sec program ensures that governance and assurance activities align with info sec activities?

A

assurance process integration

89
Q

Which metrics are often compiled from other management metrics and are designed to indicate that the security program is on track and on budget to achieve the desired outcomes?

A

Strategic metrics

90
Q

Which entity is the 1st line of defense in the security of information?

A

employees

91
Q

What is meant by the term due diligence?

A

Research; the idea that there are steps that should be taken by a reasonable person of similar competency in similar circumstances

92
Q

What must you do FIRST to protect against internal and external threats?

A

Identify the potential threats

93
Q

What are controls?

A

The means of managing risk, including policies, procedures, guidelines, practices, or org structures, which can be of an administrative, technical, management, or legal nature

94
Q

Used to determine the current state of risk for an org?

A

Risk Assessment

95
Q

What are operational metrics?

A

The common technical and procedural metrics

96
Q

Term defined as the rules that run the org, including policies, standards, and procedures, to set the direction and control of the org?

A

Governance

97
Q

Role that creates the security strategy in alignment with business objectives

A

CISO or info sec manager

98
Q

4 commonly accepted ISACA subsets of overall enterprise architecture?

A

Business, Data, Applications, and technology architectures

99
Q

Which org role is responsible for security strategy oversight and alignment?

A

Exec management

100
Q

Phase of the incident management life cycle that includes conducting log and audit analysis

A

Detection, triage, investigation

101
Q

Which interconnection connects the people and technology elements in the Business Model for Info Sec (BMIS)?

A

Human Factors

102
Q

Roles responsible for due care and managing risk?

A

BoD and senior management

103
Q

What does EF denote?

A

Exposure Factor

104
Q

Risk assessment phase where identified risks are examined to determine their impacts

A

Risk Analysis

105
Q

Org role responsible for the IT Audit, but does not usually perform the audit

A

Info Sec manager