Cybersecurity Risks and Controls

Question 1

What are the phases of an attack?

Answer 1

Before, During, After

Question 2

What is the risk equation for managed assets?

Answer 2

Risk = { Threats * Vulnerabilities * Asset Value } / Strong Controls

Question 3

What is the risk equation for unmanaged assets?

Answer 3

Risk = { Threats * Vulnerabilities * Asset Value } / Weak Controls

Question 4

What are the Business Controls that NIST references?

Answer 4

ISO 27002 Code of Practice

Question 5

What are the Technical Controls that NIST references?

Answer 5

CIS 20 Critical Controls

Question 6

What is Critical Infrastructure?

Answer 6

Assets, systems and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on national security, economic security, national public health or safety, or any combination thereof.

Question 7

What is EO ?

Answer 7

Executive Order

Question 8

Who issued EO 13800?

Answer 8

Trump

Question 9

What is EO 13800?

Answer 9

Strengthing Cybersecurity of Federal Networks and Critical Infrastructure

Question 10

What is the purpose of EO 13800?

Answer 10

To improve the nation’s cyber posture and capabilities in the face of intensifying cybersecurity threats to its digital and physical security.

Question 11

What are the deliverable for EO 13800 ?

Answer 11

• Cybersecurity

* Workforce development

Question 12

What does NIAC stand for?

Answer 12

National Infrastructure Advisory Council

Question 13

What were the NIAC Report recommendations?

Answer 13

1. Establish separate, secure communication networks for critical cyber control system traffic and reserved spectrum for backup communications.
2. Facilitate cyber threat sharing.
3. Identify the best scanning tools and assessment practices.
4. Strengthen the capabilities of today’s cyber workforce.
5. Establish outcome based market incentives to encourge owners to upgrade cyber infrastructure.
6. Streamline security clearance process for owners of the nation’s most critical cyber assets.
7. Establish protocols to rapidly declassify cyber threat information.
8. Pilot an operational task force of experts to respond to cyber threats.
9. Perform the Gridex-IV Exercise to test Federal Authorities during a cyber incident.
10. Establish a governance approach.

Question 14

What are the steps to mitigate risks?

Answer 14

1. Strategy -aligned with business strategy
2. Program - establish the target profile
3. Controls - should be used to establish the new current profile
4. Assessment - gap analysis compares current & target profiles
5. Report - detailed scorecard that identifies current capabilities and an improvement plan for cyber maturity.

Question 15

What are the NIST CFW Strategic Goals?

Answer 15

1. Protect Information Systems
2. Reduce Cyber Risk
3. Best-in-Class Cybersecurity Capabilities
4. Enterprise Approach to Cybersecurity
5. A Cyber-Secure Enterprise

Question 16

What are the Objectives of NIST CFW Goal #1 ?

Answer 16

Objective 1.1 Safeguard Confidential Information from Compromise
Objective 1.2 Protect the Integrity of Information
Objective 1.3 Ensure the Availability of Critical information systems
Objective 1.4 Provide Cyber-Resilient Information Sytstems
Objective 1.5 Maintain a Secure Technology Infrastructure

Question 17

What are the Objectives of NIST CFW Goal #2 ?

Answer 17

Objective 2.1 Drive cybersecurity Priorities and Initiatives Based on Effective Risk Management
Objective 2.2 Create and Nurture a Culture of Cyber-Risk Awareness
Objective 2.3 Establish Risk Ownership and effectively Communicate Risk

Question 18

What are the Objectives of NIST CFW Goal #3 ?

Answer 18

Objective 3.1 Align information and Cyber Security Efforts with the Business Needs
Objective 3.2 Deliver Technology Solutions that are Secure
Objective 3.3 Enhance the Ability to Detect Cyber-Attacks
Objective 3.4 Respond Rapidly and Effectively to Security Incidents
Objective 3.5 Build and Maintain a Robust Cyber-Defence Capability
Objective 3.6 Develop and Sustain a capable and Competent Cybersecurity Workforce

Question 19

What are the Objectives of NIST CFW Goal #4 ?

Answer 19

Objective 4.1 Establish Enterprise Information and Cyber security program
Objective 4.2 Embrace a Common Cyber security Framework
Objective 4.3 Enact Effective Enterprise-Wide Security Policies
Objective 4.4 Improve Cyber security through the Enterprise Technology Transformation

Question 20

What are the Objectives of NIST CFW Goal #5 ?

Answer 20

Objective 5.1 Improve Cyber security through leadership, Partnerships and National Participation.

Question 21

What is Strategic Goal #1 ?

Answer 21

Protect Information and Systems

Question 22

What is Strategic Goal #2 ?

Answer 22

Reduce Cyber Risk

Question 23

What is Strategic Goal #3 ?

Answer 23

Best-in-Class Cyber security Capabilities

Question 24

What is Strategic Goal #4 ?

Answer 24

Enterprise Approach to Cyber security

Question 25

What is Strategic Goal #5 ?

Answer 25

A Cyber-Secure Enterprise

Question 26

What does NCSF mean?

Answer 26

NIST Cyber Security Framework

Question 27

What are the functions of the NCSF Framework Core?

Answer 27

1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

Question 28

What are the Categories of the NCSF Framework Core’s Identify function?

Answer 28

1. Asset Management
2. Business Environment
3. Governance
4. Risk Assessment
5. Risk Management
6. Supply Chain

Question 29

What are the Categories of the NCSF Framework Core’s Protect function?

Answer 29

1. Access Control
2. Awareness and Training
3. Data Security
4. Information Protection Procedures
5. Maintenance
6. Protective Technology

Question 30

What are the Categories of the NCSF Framework Core’s Detect function?

Answer 30

1. Anomalies and Events
2. Security Continuous Monitoring
3. Detection Processes

Question 31

What are the Categories of the NCSF Framework Core’s Respond function?

Answer 31

1. Respond Planning
2. Communications
3. Analysis
4. Mitigation
5. Improvements

Question 32

What are the Categories of the NCSF Framework Core’s Recover function?

Answer 32

1. Recovery Planning
2. Improvements
3. Communications

Question 33

Describe which function Asset Management category belongs to and how many sub-categories it has.

Answer 33

1. It belongs to the Identify function

2. It contains 6 sub-categories

Question 34

Describe which function Business Environment category belongs to and how many sub-categories it has.

Answer 34

1. It belongs to the Identify function

2. It contains 5 sub-categories

Question 35

Describe which function Governance category belongs to and how many sub-categories it has.

Answer 35

1. It belongs to the Identify function

2. It contains 4 sub-categories

Question 36

Describe which function Risk Assessment category belongs to and how many sub-categories it has.

Answer 36

1. It belongs to the Identify function

2. It contains 6 sub-categories

Question 37

Describe which function Risk Management category belongs to and how many sub-categories it has.

Answer 37

1. It belongs to the Identify function

2. It contains 3 sub-categories

Question 38

Describe which function Supply Chain category belongs to and how many sub-categories it has.

Answer 38

1. It belongs to the Identify function

2. It contains 5 sub-categories

Question 39

Describe which function Access Control category belongs to and how many sub-categories it has.

Answer 39

1. It belongs to the Protect function

2. It contains 7 sub-categories

Question 40

Describe which function Awareness and Training category belongs to and how many sub-categories it has.

Answer 40

1. It belongs to the Protect function

2. It contains 5 sub-categories

Question 41

Describe which function Data Security category belongs to and how many sub-categories it has.

Answer 41

1. It belongs to the Protect function

2. It contains 8 sub-categories

Question 42

Describe which function Information Protection Procedures category belongs to and how many sub-categories it has.

Answer 42

1. It belongs to the Protect function

2. It contains 12 sub-categories

Question 43

Describe which function Maintenance category belongs to and how many sub-categories it has.

Answer 43

1. It belongs to the Protect function

2. It contains 2 sub-categories

Question 44

Describe which function Protective Technology category belongs to and how many sub-categories it has.

Answer 44

1. It belongs to the Protect function

2. It contains 5 sub-categories

Question 45

Describe which function Anomalies and Events category belongs to and how many sub-categories it has.

Answer 45

1. It belongs to the Detect function

2. It contains 5 sub-categories

Question 46

Describe which function Security Continuous Monitoring category belongs to and how many sub-categories it has.

Answer 46

1. It belongs to the Detect function

2. It contains 8 sub-categories

Question 47

Describe which function Detection Processes category belongs to and how many sub-categories it has.

Answer 47

1. It belongs to the Detect function

2. It contains 5 sub-categories

Question 48

Describe which function Response Planning category belongs to and how many sub-categories it has.

Answer 48

1. It belongs to the Respond function

2. It contains 1 sub-categories

Question 49

Describe which function Communications category belongs to and how many sub-categories it has.

Answer 49

1. It belongs to the Respond function

2. It contains 5 sub-categories

Question 50

Describe which function Analysis category belongs to and how many sub-categories it has.

Answer 50

1. It belongs to the Respond function

2. It contains 5 sub-categories

Question 51

Describe which function Mitigation category belongs to and how many sub-categories it has.

Answer 51

1. It belongs to the Respond function

2. It contains 3 sub-categories

Question 52

Describe which function Improvements category belongs to and how many sub-categories it has.

Answer 52

1. It belongs to the Respond function

2. It contains 2 sub-categories

Question 53

Describe which function Recovery Planning category belongs to and how many sub-categories it has.

Answer 53

1. It belongs to the Recovery function

2. It contains 1 sub-categories

Question 54

Describe which function Improvements belongs to and how many sub-categories it has.

Answer 54

1. It belongs to the Recovery function

2. It contains 2 sub-categories

Question 55

Describe which function Communications belongs to and how many sub-categories it has.

Answer 55

1. It belongs to the Recovery function

2. It contains 3 sub-categories

Question 56

What are Tiers?

Answer 56

Tiers describe the maturity of an organization with regard to management of Cyber security risk.

Question 57

How many Tiers are there?

Answer 57

4

Question 58

What are the Tier ratings?

Answer 58

1. Partial
2. Risk Informed
3. Repeatable
4. Adaptive

Question 59

What is a NCSF Framework Profile?

Answer 59

A NCSF Framework Profile represents the cyber security outcomes based upon business needs that an organization has selected from the Framework Categories and Subcategories.

Question 60

What is the purpose of NCSF Framework Profiles?

Answer 60

To identify opportunities for improving cyber security posture by comparing a “Current” profile to a “Target” profile.

They can be used to conduct self- gap analyses.

Question 61

What is the NCSF Implement or Improvement methodology?

Answer 61

1. Prioritize
2. Orient
3. Create Current Profile
4. Conduct Risk Assessment
5. Create Target Profile
6. Determine Analyze & Priortize Caps
7. Implement Action Plan

Question 62

What is a Controls Factory?

Answer 62

A concept used to help organize the engiineering, technical and business functions of a NIST cyber security program.