CPP 2012 Domain 6: Information Security Flashcards
What are the three threat categories in information asset protection?
Intentional,
Natural,
Inadvertent.
Source: POA: Information Security, 1.3.2, pages 5-6
What kinds of companies are particularly vulnerable to counterfeiting and piracy?
Startups,
Early stage firms,
Small and medium-size companies that are rich in intangible assets.
Source: POA: Information Security, 1.3.2, page 9
According to the FBI, what are the six steps of protecting a business from espionage?
Recognize the (insider or outsider) threat,
Identify and valuate trade secrets,
Implement a proactive plan for protecting trade secrets,
Secure physical and electronic versions of trade secrets,
Confine intellectual knowledge to “need to know,”
Train employees on intellectual property protection.
Source: POA: Information Security, 1.4.1, page 11
How does layered protection apply to information protection?
Apply multiple levels of protection to information assets,
Ensure that layers of protection complement each other,
Build a coordinated strategy that integrates families of protective measures (e.g. technical, physical, access control).
Source: POA: Information Security, 1.4.2, page 13
Access to internal information should be restricted to which groups?
Company personnel and those who have signed a nondisclosure agreement.
Source: POA: Information Security, 1.4.1, page 12
How should obsolete prototypes, models, and test items be disposed of?
They should be destroyed so they can’t be reverse engineered.
Source: POA: Information Security, 1.4.2, page 14
What is a patent?
A patent is a property right granted to an inventor to exclude others from making, using, offering for sale, or selling the invention for a limited time.
Source: POA: Information Security, 1.5, page 21
What is a trademark?
Legal protection for words, names, symbols, devices, or images applied to products or used in connection with goods or services to identify their source.
Source: POA: Information Security, 1.5, page 21
What is a copyright?
Legal protection of the expression of ideas in literary, artistic, and musical works.
Source: POA: Information Security, 1.5, page 21
What is the best way to start addressing infringements of patents, copyrights, and trademarks?
By registering those rights.
Source: POA: Information Security, 1.5, page 21
How long is U.S. patent protection?
20 years from filing.
Source: POA: Information Security, 1.5.3, page 23
What qualifies something as a trade secret?
The information added value or benefit to the owner,
The trade secret was specifically identified, and
The owner provided a reasonable level of protection for the information.
Source: POA: Information Security, 1.5.4, page 24
What is an intrusion detection system?
An intrusion detection system monitors for malicious programs and unauthorized changes to files and settings. It also monitors network traffic and provides alarms for network-based attacks.
Source: POA: Information Security, 1.6.2, page 27
What are three methods of sanitizing electronic media?
Overwriting,
Degaussing,
Physical destruction.
Source: POA: Information Security, 1.6.2, page 27
What are the two primary aspects of recovery after an information loss?
Return to normal business operations as soon as possible,
Implement measures to prevent a recurrence.
Source: POA: Information Security, 1.7, page 30
During which stage of a project is critical information most vulnerable?
The intermediate phases.
Source: POA: Information Security, 1, Appendix D, page 49
When is it appropriate to recycle papers that contain proprietary information?
When the papers have been properly destroyed.
Source: POA: Information Security, 1, Appendix E, page 55
What access control protocol passes credentials between the reader and the control panel in plain text?
Wiegand.
Source: POA: Information Security, 2.5, page 75
What is the difference between embedded and host-based systems?
Embedded systems are typically programmed at the manufacturer and run proprietary or nonstandard operating systems, e.g. cameras, card readers, and video converters.
Host-based systems run on more standard operating systems such as Windows and Linux and are easier to change.
Source: POA: Information Security, 2.5, page 73
What are the two components of a legacy HID card?
A secret facility number,
An ID number that is printed on the card.
Source: POA: Information Security, 2.5, page 74
What is a gecko?
A gecko is an inexpensive tool that can be used to give an intruder complete control over a door.
Source: POA: Information Security, 2.5, page 75
What three aspects of information must be protected?
Confidentiality,
Integrity,
Availability.
Source: POA: Information Security, 2.3, page 69; Information Asset Protection Guideline, 3, page 85
What is the fundamental equation of information systems security?
Residual Risk = (Threats × Vulnerabilities) / Countermeasures
Source: POA: Information Security, 3.1.2, page 87
What are the three general categories of information system threat agents?
Nature,
People,
Virtual threats.
Source: POA: Information Security, 3.1.3, pages 87-88
What is the first job of a person tasked with an organization’s information systems security?
Create an information security management system appropriate for the size of the organization.
Source: POA: Information Security, 4.3, page 174
What are the five general types of vulnerabilities of information systems?
Information systems infrastructure,
People using the infrastructure,
People maintaining the infrastructure,
Executive and senior management,
Information management processes.
Source: POA: Information Security, 3.1.4, page 89
What are the five information systems infrastructure management countermeasures?
Vulnerability and patch management,
System monitoring and log review,
Information system security metrics,
Physical security of the information system infrastructure,
IT staff training in information security.
Source: POA: Information Security, 3.1.6, page 91
What are the seven layers of the Open Systems Interconnect (OSI) network model?
Physical,
Data link,
Network,
Transport,
Session,
Presentation,
Application.
Source: POA: Information Security, 3.2.1, page 97
What is a buffer overflow attack?
A buffer overflow attack occurs when a user or programmer gives a computer more information than the program is expecting. The extra characters may give the computer instructions to do something not originally intended.
Source: POA: Information Security, 3.2.1, page 101
What is the “AAA triad” of information security with regard to access control?
Authentication,
Authorization,
Auditing/accountability.
Source: POA: Information Security, 3.2.1, page 103
What is the IT Infrastructure Library (ITIL)?
An international standard for managing IT—particularly service-level agreements, the way an organization negotiates for IT security services.
Source: POA: Information Security, 3.2.2, page 106
What is an escalation of privilege attack?
An escalation of privilege attack occurs when an email program is tricked into executing an email as if it were a program rather than text.
Source: POA: Information Security, 3.2.3, page 109
What are three major vulnerabilities of a printer?
They often connect to a network, so communications can be intercepted.
They may contain onboard memory, which must be wiped when printing confidential information.
The hard copies they create can be taken from one place to another.
Source: POA: Information Security, 3.2.3, page 110
What is a security information and event manager (SIEM)?
A security information and event manager is a device that looks at all the log activity on a network and attempts to point out what is most important to facilitate response to incursions and other problems on the network.
Source: POA: Information Security, 3.2.5, page 116
What are ISO 27001 and 27002?
ISO 27001 and 27002 are the first acknowledged worldwide standards to identify a code of practice for the management of information security.
Source: POA: Information Security, 3.3.1, page 118
What are the six elements of the Payment Card Industry Data Security Standard (PCI DSS)?
Build and maintain a secure network,
Protect cardholder data,
Maintain a vulnerability management program,
Implement strong access control measures,
Regularly monitor and test networks,
Maintain an information systems policy.
Source: POA: Information Security, 3.4.1, pages 123-124
According to ISO 27002, which three elements of guidance should information security policies include, at a minimum?
Definition of information security and its objectives/scope,
Statement of management intent,
Brief explanation of security policies/principles/standards important to the organization.
Source: POA: Information Security, 3.5.2, page 141
What is the fundamental idea behind an information security management system?
Continual improvement.
Source: POA: Information Security, 3.6.2, page 146
On what does the effectiveness of an information security program ultimately depend?
People’s behavior.
Source: POA: Information Security, 3.6.2, page 147
Which five information systems security (ISS) issues can also weaken physical security in a converged system?
Denial of services,
Insertion of incorrect data,
Data theft,
Data modification,
Data destruction.
Source: POA: Information Security, 4.1, page 159
What are four main vectors via which networked security systems can be attacked?
Social engineering,
Direct hacking,
Malware,
Web attack.
Source: POA: Information Security, 4.2, page 168
What are three main reasons that malware is effective?
Out-of-date antivirus software,
Users open booby-trapped emails or websites,
System administrators allow users to install software on the desktop.
Source: POA: Information Security, 4.2.3, page 170
What is an injection attack?
An injection attack allows an adversary to execute a command directly on a database contrary to allowed access rights.
Source: POA: Information Security, 4.2.4, page 171
What is cross-site scripting?
A cross-site scripting error on a website enables an attacker to run malicious code from a second website in the browser of the person viewing the first website.
Source: POA: Information Security, 4.2.4, page 171
What is a cross-site request forgery?
A cross-site request forgery is an attack where the victim’s browser is tricked into issuing a command to a vulnerable Web application.
Source: POA: Information Security, 4.2.4, page 172