Domain 1 Flashcards

Question 1

Q

A logical structure used to document and organize processes?

Answer

A

Framework

Question 2

Q

Framework for designing, establishing, implementing, maintaining, and monitoring an information security program.

Answer

A

ISMS (Information Security Management System)

Question 3

Q

Internationally recognized Information Security Framework

Answer

A

ISO 27000

Question 4

Q

Payment card system information security contractually enforced framework

Answer

A

PCI DSS (Payment Card Industry Data Security)

Question 5

Q

This type of metric is intended to help an organization compare themselves to peers

Answer

A

Benchmark

Question 6

Q

Publisher of the SP800 series.

Answer

A

NIST

Question 7

Q

This program is the U.S government repository of publicly available security guidance.

Answer

A

NCP (National Checklist Program)

Question 8

Q

This U.S framework is voluntary guidance, based on existing standards, guidelines, and practices, for critical infrastructure organizations to better manage and reduce cybersecurity risk

Answer

A

NIST Cybersecurity Framework

Question 9

Q

The U.S government repository of standards-based vulnerability management data.

Answer

A

NVD (National Vulnerability Database)

Question 10

Q

Principle that focuses on protection from unintentional accidental, or inadvertent change.

Answer

A

Integrity.

Question 11

Q

Process of tracing actions to their source.

Answer

A

Accountability.

Question 12

Q

Principle that only authorized subjects have access.

Answer

A

Confidentiality

Question 13

Q

Positive identification of a person or a system.

Answer

A

Authentication.

Question 14

Q

Process used to develop confidence that security measures are working as intended.

Answer

A

Assurance.

Question 15

Q

Principal that relates to operations and accessibility.

Answer

A

Availability.

Question 16

Q

Granting users and systems a predetermined level of access

Answer

A

Authorization.

Question 17

Q

Confidence that the system will act in a correct and predictable manner in every situation.

Answer

A

Trustworthy Computing.

Question 18

Q

Logging of access and use of information resources.

Answer

A

Accounting.

Question 19

Q

Expanded view of information security to include external relationships and global threats.

Answer

A

Cybersecurity.

Question 20

Q

The standard of care that a prudent person would have exercised under the same or similar conditions:
- Actions taken by an organization to protect its stakeholders, investors, employees, and customers from harm.

Answer

A

Due Care.

Question 21

Q

Is an investigation of a business or person generally before entering into a contract:
- Is is the care and caution a reasonable person would take.

Answer

A

Due Diligence.

Question 22

Q

Is the potential liability incurred by a company whose computer systems are compromised and becomes the source of harm.

Answer

A

Downstream Liability.

Question 23

Q

The board or a board committee duties include:

Answer

A

Promoting effective governance.
Determining organizational risk tolerance.
Contributing to and authorizing strategic plans.
Allocating funds.
Approving policies and significant projects.
Ensuring appropriate monitoring.
Ensure compliance with laws, regulations and contracts.
Reviewing audit and examination results.
Honoring the legal constructs of due diligence and due care.

Question 24

Q

Executive management is responsible for:

Answer

A

Strategic Alignment.
Risk Management.
Value delivery.
Performance measurements.
Resource management.
Processes assurance.

Question 25

Q

Corporate Governance.

Answer

A

Is the system by which organizations are directed and controlled.
Governance structures are principles identify the distribution of rights and responsibilities.

Question 26

Q

Governance Outcomes.

Answer

A

Strategic Alignment.
Risk Management.
Value Delivery.
Resource Management.
Performance Measurements.
Process Integration.

Question 27

Q

Strategic Alignment.

Answer

A

Aligning departmental strategies with business strategy to support organizational goals.

Question 28

Q

Risk Management.

Answer

A

Mitigate risk to acceptable level.

Question 29

Q

Value Delivery.

Answer

A

Optimize investments in support of business objectives.

Question 30

Q

Resource Management.

Answer

A

Efficient and effective use of resources.

Question 31

Q

Performance Measurements

Answer

A

Monitoring and reporting on achievements.

Question 32

Q

Processes Integration.

Answer

A

Achieve operational synergies and efficiencies.

Question 33

Q

Information Security Management (ISM) personnel.

Answer

A

Generally have the authority to interpret strategic direction and are held accountable for the success of failure of their area.
ISM personnel should report as high as possible to maintain visibility, limit distortion, and minimize conflict of interest.

Question 34

Q

Related infosec or ISM organizational roles, include:

Answer

A

Chief Risk Officer (CRO)
Chief Information Security Officer (CISO)
Information Security Officer (ISO)
Information Assurance Officer (IAO) or manager (IAM)
Privacy Officer
Compliance Officer.
Physical Security Officer.
Internal Audit.

Question 35

Q

Information Security Management include:

Answer

A

Being a subject matter expert and security champion.
Managing the information security program.
Communicating with executive management.
Coordinating the budget for information security activities.
Ensuring the development and upkeep of governance documents.

Question 36

Q

Functional Roles.

Answer

A

Functional roles are tactical and relate to specific data-sets, information systems, assets, or processes.

Question 37

Q

Information Owner.

Answer

A

Owners are members of management responsible for protection of a subset of information.

Question 38

Q

Custodians.

Answer

A

Custodians are responsible for implementing, managing, and monitoring the protection mechanisms.

Question 39

Q

Data Users.

Answer

A

Users are expected to follow operational security procedures.

Question 40

Q

Jurisdiction.

Answer

A

Is the power or right of a legal or political agency to exercise its authority over a person, subject matter, or territory. Jurisdiction considerations include:

Privacy and security regulations (or lack of).
Access of local governments to stored or transmitted data.
Attitudes toward “foreigners”
Law Enforcement.

Question 41

Q

GLBA

Answer

A

The Safeguards Rule requires financial institutions to have measures in place to keep customer information secure. In addition to developing their own safeguards, companies covered by the safeguards rules are responsible for taking steps to ensure that their affiliates and service providers safeguards customer information in their care.

Question 42

Q

HIPPA | HITECH

Answer

A

The Security Rule requires covered entities implement appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information in their care and shared with business partners.

Question 43

Q

FISMA

Answer

A

FISMA requires federal agencies to implement a program to provide security for their information and information systems including those provided by or managed by another agency.

Question 44

Q

Data Protection Directive / GDPR (EU)

Answer

A

Data protection for all individuals within the European Union. EU Data Protection Directive (EU DPD) and it’s successor the GDPR (General Data Protection Regulations) is based upon the Organization for Economic Cooperation and Development (OECD) Privacy Principles.

Question 45

Q

Cookie Law.

Answer

A

Web cookies inform and consent requirements.

Question 46

Q

PCI DSS

Answer

A

Payment Card Industry Data Security Standard (PCI DSS) is a contractual obligation between merchants and the the payment card brands.

The PCI DSS framework includes stipulations regarding storage, transmissions, and processing of payment card data.
Six core principles require technical and operational security controls, testing, requirements, and attestation process.

Question 47

Q

Board of Directors

Answer

A

Group ultimately responsible for the actions of the organization from a fiduciary perspective.

Question 48

Q

Users

Answer

A

Group responsible for interacting with information systems in accordance with organizational policies and standards.

Question 49

Q

Privacy

Answer

A

Privacy is the right of an individual to control the use of their personal information.

Question 50

Q

Information Security.

Answer

A

Information Security is the process by which we safeguard information and systems and ensure confidential, integrity, and availability.

Question 51

Q

Data Compilation

Answer

A

Collection of data for “later use” to be determined.

Question 52

Q

Data Warehousing

Answer

A

Data Warehousing combines data from multiple sources into a large database with the purpose of extensive retrieval and trend analysis

Question 53

Q

Data Mining

Answer

A

Process of analyzing data with tools that look for trends, correlations, or anomalies resulting in metadata.

Question 54

Q

Aggregation

Answer

A

individual pieces of data are combined to create a bigger picture that may have greater sensitivity thank individual parts.

Question 55

Q

Inference

Answer

A

Ability to derive information that is not explicitly available.

Question 56

Q

Family Education Rights and Privacy Act (FERPA)

Answer

A

Student educational records.

Question 57

Q

Federal Privacy Act (U.S.)

Answer

A

Data Collected by the Government.

Question 58

Q

Children's Online Privacy Protection Act (COPPA)

Answer

A

Citizen data privacy protection.

Question 59

Q

Privacy Statement

Answer

A

Clearly state what information may be collected, how the information will be used, who the information may be shared with and why, how a third-party may use the information, and how to opt out.
Codify the organization’s commitment to data quality and to data security.

Question 60

Q

Computer Crime

Answer

A

Computer Crime is a term broadly applied when a computer is used in the act of computing a crime. Computer crimes are often divided into two categories:

Computer as the target of a crime.
Computer as a tool (weapon) used to commit a crime.

Question 61

Q

Computer Fraud and Abuse Act

Answer

A

Unauthorized access to federal government, financial institution system, or any system used for interstate or foreign commerce.

Question 62

Q

National Information Infrastructure Protection Act of 1996

Answer

A

Primary federal anti-hacking statute.

Question 63

Q

Wiretap Act

Answer

A

Unauthorized interception of digital communications.

Question 64

Q

Electronic Communications Privacy Act

Answer

A

Unauthorized access or damage to electronic messages in storage.

Answer 65

A

Is a broad term given to criminal activity that involves the Internet, a computer system, a computer network, or technology.

Answer 66

A

Hackers / Script Kiddies.
Organized Crime.
Hacktivist .
Nation-State founded.
Insiders.
Competitors.

Answer 67

A

An incident that is classified as a confirmed or high probability breach may trigger disclosure and notification requirements.

Answer 68

A

Intellectual Property (IP) describes a wide variety of property created by musicians, authors, artists, designers, and inventors.

Intellectual property can be used in commerce or can be artistic or literary works.
Intellectual property laws protect use and misuse including compensation.
Intellectual Property law includes patents, trademarks, copyrights, trade secrets and software licensing.

Answer 69

A

Patents are designed to protect an invention.

The invention must be novel, not obvious, and provide some utility.
A patentable invention must be something that can be produced.
A patent is good for 20 years.

Answer 70

A

A trademark is intended to protect recognizable names, icons, shape, color, sound, or any combination used to represent a brand, product, service, or company.
- Law creates exclusive rights.

Answer 71

A

A copyright covers the expression of an idea rather than the idea itself (which is protected by the patent).

The intent is not protect artistic property such as a writing, recording, or a computer program.
The protections are intended to allow the creator to benefit from being credited for the work and to control the distribution, duplication, and use of the work.
A trademark or service mark can be renewed every 10 years.

Answer 72

A

Trade Secrets refer to proprietary business and technical information, processes, designs, or practices that are confidential and critical to a business.
- Trade Secrets don’t require any registration.

Answer 73

A

It is defined as the “unauthorized copying or distribution of copyrighted software”.

Piracy includes copying, downloading, sharing, selling, or installing, or installing multiple copies onto personal or work computers.
The Digital Millennium Copyright Act (DMCA) makes it illegal to create products that circumvent copyright protections such as a license key.

Answer 74

A

Legally enforceable software use agreement.

Answer 75

A

The right of an individual to control the use of their personal information.

Answer 76

A

The primary motivation of this threat actor us making a political statement.

Answer 77

A

Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principles.
Advance and protect the profession.

Answer 78

A

Policies are high-level statements (governance communications) intended to communicate rules and expectations and to provide direction.

Standards, baselines, guidelines, and procedures support the implementation of a policy.
Policies must be approved by executive management.

Answer 79

A

The Information Security policies codify the high-level requirements for protection information and information assets and ensuring Confidentiality, Integrity, and Availability.

Written information security policies may be a regulatory or contractual compliance requirement.
Each aspect of the information security program should have a corresponding policy documents.

Answer 80

A

Endorsed
Relevant
Realistic
Attainable
Adaptable
Enforceable
Inclusive

Answer 81

A

Plan
Write
Approved
Publish (Communicate, Disseminate, Educate)
Adopt (Implement, Monitor, Enforce)
Review (Solicit Feedback, Reauthorize or Retire)

Answer 82

A

Standards serve as specifications for the implementation of policy and dictate MANDATORY requirements.

Answer 83

A

Baselines are aggregate of standards for a specific category or grouping such as a platform, device type, ownership, or location.

Answer 84

A

Guidelines help people understand and conform to a standard. Guidelines are customized to the intended audience and are NOT mandatory

Answer 85

A

Procedures are instructions for how a policy, standard, baseline, or guideline is carried out in a given situation. Procedures focus on discrete actions or steps, with a specific starting and ending point.
Four commonly used formats:
- Simple
- Hierarchy
- Graphic
- Flowchart.

Answer 86

A

Business continuity is the ability for a business to operate in adverse conditions.

Business continuity may be a contractual obligation.
Business continuity may be a regulatory requirement.

Answer 87

A

The objective of business continuity planning is to prepare for continued operation of ESSENTIAL functions and services during disruption of normal operating conditions. To support this objective:

Threat scenarios are evaluated.
Essential services and processes are identified.
Response, recovery, and contingency plans are developed
Strategies, plans, and procedures are tested.

Answer 88

A

Board of Directors (or equivalent) approval of Business Continuity policies.
Board of Directors (or equivalent) oversight of BCP strategies, plans and testing.
Management oversight of BCP preparedness including external parties.

Answer 89

A

Project initiation and assignments.
Business Impact Analysis
Threat Analysis
Strategy Development
Plan Development
Execution / Procurement
Training
Testing
Auditing
Monitoring
Maintenance Review & Update.

Answer 90

A

ISO 22301:2012

- SP 800-34 R1

Answer 91

A

Business unit plan and procedures for operational activities.

Answer 92

A

Plan and procedures for internal and external communications.

Answer 93

A

Plan and procedures for recovering technology and facilities.

Answer 94

A

Plan and procedures for minimizing loss of life and property.

Answer 95

A

Plan and procedures for mitigating a cyber attack

Answer 96

A

U.S Federal Agency responsible for responding to and coordinating the response to a disaster that has occurred in the USA

Answer 97

A

The Objective of Business Impact Analysis (BIA) is to identify the impact of a disruption on mission-essential services, systems, and infrastructure.

Answer 98

A

Understand organizational continuity requirements.
Make investment decisions.
Guide the development of incidents response, disaster recovery, and business contingency (continuity) plans

Answer 99

A

Maximum time a process/service can be unavailable without causing significant harm to the business.

Answer 100

A

Amount of time allocated for system recovery. Must be less than the maximum amount of time a system resource can be unavailable before there is an unacceptable impact on other system resources or business processes.

Answer 101

A

Acceptable data loss. The point in time prior to a disruption or system outage that data can be recovered.

Answer 102

A

Identify Essential Services & Dependencies.
Determine Maximum Tolerable Downtime (MTD).
Determine Recovery Point Objective (RPO).
Identify Infrastructure and Dependencies.
Determine Current RTO & RPO.
Gap Analysis.
Report to Management.

Answer 103

A

A Background Check is an investigative report. It may include criminal, financial, credit and/or education history, workers compensation claims, and public records.

The depth and breath of a background check should specifically be related to job roles and responsibilities and level of access.
The applicant has a right to privacy. Consent should always be requested.

Answer 104

A

Onbarding is the process of integrating a new employee with a company and culture as well as getting the tools and information they need to be successful.
- User orientation is the initial task on completing paperwork.

Answer 105

A

User Provisioning is the process of creating user accounts and credentials, assigning access rights and permissions.

Answer 106

A

Protects Data from unauthorized disclosure:

Establish data ownership
Protect information from disclosure.
Prevent forfeiture of patent rights
Define handling standards including disposal.

Answer 107

A

Sets forth proper use if information systems, handling standards, monitoring and privacy expectations.

An AUP should be written in languages that can be easily and unequivocally understood.
By signing the associated agreement, the user acknowledges, understands, and agrees to the stated rules.

Answer 108

A

Data Classifications and handling standards
Login requirements including password standards and use of tokens an/or biometrics
Procurement, installation, and licensing
Written and verbal communication use and limitations (including personal email)
Use, activity, and engagement (including social media)
Use, configuration, activity, and device protection

Use, configuration, activity, and physical security

Instructions on how to spot and report suspicius activity.

Answer 109

A

Rotating assignments (fraud deterrent and detection)

Answer 110

A

Require employees to take a set amount of vacation time (fraud deterrent and detection)

Answer 111

A

Breaking a process into tasks so tat no one subject is in complete control.
(fraud prevention/deterrent - would require collusion)

Answer 112

A

Requiring to never leave confidential data (paper, monitor, whiteboard) unattended or within view of unauthorized personnel.

Answer 113

A

Termination ends employment. How termination is handled depends upon the specific circumstances (friendly/unfriendly) and transition arrangements that have been made with the employee.

Tasks include recovering physical and access control assets, deleting or disabling local an remote access, deleting or disabling user accounts and access permissions, archiving documents and email, and reassigning file folder permissions.
All these tasks should be documented.

Answer 114

A

Off-boarding is the process for transitioning employees out of an organization. Tasks include:
- Documenting separation details
Tasks and responsibilities prior to departure
- Knowledge transfer
- Exit Interview.

Answer 115

A

(ISC)2 Boards of Directors

Answer 116

A

Business Unit

Answer 117

A

Acceptable Use Policy Agreement.

Answer 118

A

Strategic aliment with the organizatnio’s objectives.
Legal, regulatory, or contractual requirements.
Level of risk

Answer 119

A

Potential danger.

Answer 120

A

Individual or group that can manifest a threat.

Answer 121

A

Specific instance of a threat

Answer 122

A

Weakness.

Answer 123

A

When a threat agent successfully takes advantage of a vulnerability.

Answer 124

A

Magnitude of harm caused by a threat source.

Answer 125

A

A weighted factor that a given threat agent is capable of exploiting a giving vulnerability.

Answer 126

A

Risk is the measurement of likelihood and impact of a threat event. Risk is inherently neither good nor bad.

Answer 127

A

Risk appetite is the level of risk that an entity will accept in pursuit of its mission and objectives.

Risk appetite can vary by category of risk
Risk Tolerance is acceptable variation in outcomes related to specific performance measures.

Answer 128

A

Managing Risk implies that the level of risk is understood, and is either accepted or being actively controlled (treated) and in either case, monitored.

Answer 129

A

Information Security Risk Management Framework should complement the organization’s risk management framework and be in conformance with regulatory requirements.

Answer 130

A

A Risk Assessment is used to identify the level of risk:

Risk is assessed by evaluating, and the impact if the circumstance or event occurs.
The target of a risk assessment can be internal systems/process or external supply chain.
The target of a risk assessment can be internal system/process or external supply chain relationships.

Answer 131

A

Risk Treatment is how an organization responds to identified risks - generally defined as actions taken to either accepted the level of risk or mitigate the impact of the undesirable or unfavorable outcome and-or enhance the likelihood of a positive outcome.

Inherent risk is the level of risk before treatment.
Residual risk is the level of risk after treatment.

Answer 132

A

Act if the risk doesn’t exist.

Answer 133

A

Eliminate the cause or terminate the associated activity.

Answer 134

A

Reduce the impact or likelihood by implementing controls or safeguards.

Answer 135

A

Discourage the threat action or adversary from taking action.

Answer 136

A

Spread the risk among multiple parties.

Answer 137

A

Assign the risk to another party via insurance or contractual agreement (subject to legal and regulatory constraints)

Answer 138

A

Acknowledge the risk and monitor it.

Answer 139

A

The objective of Risk Monitoring is to track known risks, evaluate treatment effectiveness, identify new risks, and schedule ongoing assessments.

Answer 140

A

A Risk Register is a tool used to document organization risks and ancillary details such as owner, treatment, measures, and monitoring tasks.

Answer 141

A

A Risk Assessment is used to identify the level of risk./
- Determining the scope and scheduling of risk assessments is a risk management function; however, it is common for this process to be managed by the audit department.

Answer 142

A

Qualitative Risk Assessment.
Quantitative Risk Assessment.
Semi-Qualitative Risk Assessment.

Answer 143

A

Qualitative Risk Assessment use descriptive terminology such as high, medium, and low or normal, elevated, and severe.

Answer 144

A

Quantitative Risk Assessment assign a numeric and monetary values to all elements of the assessment.

Answer 145

A

Semi-Qualitative Risk Assessments assign a numeric weighted scale to the descriptive values (e.g. high=5, medium=3, low=1) and incorporates deterministic formulas.

Answer 146

A

NIST SP 800-30
Facilitated Risk Analysis Process (FRAP)
The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

Answer 147

A

Federal Government Standard

- Used extensively in the private sector.

Answer 148

A

Used to analyze one system at a time

- Stresses screening activities

Answer 149

A

Can be used to large scopes

Facilitated workshops involving business process teams
Developed at the Carnigie Mellon University Software Engineering Institute (CM SEI)

Answer 150

A

Supports the requirements of an ISO 27000 information security management system
- Does not specify a specific methodology but does detail a structured sequence of iterative processes.

Answer 151

A

Asset value (AV) expressed in $
Exposure factor (EF) expressed as a %
Single Loss expectancy (SLE) expressed in $
Annualized rate of occurrence (ARO) expressed as a #
Annualized loss expectancy (ALE) expressed in $
Cost/Benefit analysis (CBA) expressed in $

Answer 152

A

SLE ($) = AV($) x EF(%)

Answer 153

A

ALE($) = SLE($) x ARO (#)

Answer 154

A

Level of Risk after Controls are applied

Answer 155

A

A control (sometimes called the countermeasure or safeguard) is a tactic, mechanism, or strategy that accomplished one or more of the following:

Reduces or eliminates a vulnerability
Reduces or eliminates the likelihood that a threat agent will be able to exploit a vulnerability
Reduces or eliminates the impact of an exploit

Answer 156

A

Deterrent
Preventive
Detective
Corrective
Compensating

Answer 157

A

Deterrent Controls discourage a threat agent from acting.

Answer 158

A

Preventive controls stop a threat agent from being successful.

Answer 159

A

Detective controls identify and report a threat agent, action, or incident.

Answer 160

A

Corrective controls minimize the impact of a threat agent, or modify or fix a situation (recovery)

Answer 161

A

Compensating controls are alternate controls designed to accomplish the intent of the original controls as closely as possible, when the originally designed controls cannot be used due to limitations of the environment or financial constraints.

Answer 162

A

Controls relating to oversight, laws, rules, regulations, and policies.
-Policies, procedures, training, audits, compliance reporting

Answer 163

A

Controls that can have a material structure (seen, heard, touched).
- gate, alarm, guard, barricade, door, lock, CCTV, ID card.

Answer 164

A

Controls provided through the use of technology and/or a digital device.
- Encryption, ACLs, firewall rules, anti-virus software, bio-metric authentication.

Answer 165

A

Attacker- Centric.
Architecture-Centric
Asset Centric.

Answer 166

A

Attacket-Centric threat models start with identifying an attacker and the evaluate the attacket’s goals and potential techniques.

Answer 167

A

Architecture-Centric threat models focus on system design and potential attacks against each component.

Answer 168

A

Asset-Centric Threat Modeling threat models begin by identifying asset value and motivation of threat agents.

Answer 169

A

Motivation is the driving force behind any attack

Answer 170

A

Workfactor is the time, effort, and resources needed for an attacker to successfully achieve their objective.

Answer 171

A

Threat Intelligence is evidence-based knowledge about an emerging threat that can be used to inform control decisions. The true value of threat intelligence is in its application.

Answer 172

A

Open Source threat intelligence (OSINT) is a term used to refer to the data collected from publicly available sources to be used in an intelligence context.

Answer 173

A

Information Sharing and Analysis Centers (ISACs) collect, analyze and disseminate actionable sector specific threat information to their members and provide members with tools to mitigate risks and enhance resiliency.

Answer 174

A

Threat detection is the process of identifying artifacts (e.g. virus signatures, IP address, malicious URL, command and control connection, file changes, unexpected activity, behavioral anomalies) that are indicative of an attack (IOA) or an active exploit (IOC).

Answer 175

A

Indicator of an Attack (IOA) is a proactive early warning sign that an attack may be imminent or already underway underway.

Answer 176

A

Indicator of Compromise (IOC) is a reactive substantive or corroborating evidence that a system or network has been exploited.

Answer 177

A

Resiliency is the capability to continue operating even when there has been a fault, incident, or abnormal operating conditions.

Answer 178

A

Attacker Chooses a target for a specific objective

Answer 179

A

Attacker takes advantage of a vulnerable target (not previously known to them)

Answer 180

A

Attacker uses an amplification factor to multiply its power.

Answer 181

A

Attacker focuses on obtaining elevated access to resources that are normally protected from an application or user.

Answer 182

A

A sophisticated attack in which an attacker gains access to a network and stays there undetected for a long period of time.

Answer 183

A

A threat that is exploited and was unknown before it was detected.

Answer 184

A

Digital Infrastructure.
Human
Physical Infrastructure.

Answer 185

A

Spoofing
Poisoning
Hijacking
Denial of Service (DOS)
Code.

Answer 186

A

Impersonation an address, system or person.

- Enables an attacker to act as the trusted source and redirect/manipulate actions

Answer 187

A

Manipulating trusted source of data (e.g. DNS)

- Enables an attacker to act as the trusted source and redirect/manipulate actions.

Answer 188

A

Intercepting communication between two systems

- Enables an attacker to eavesdrop, capture, manipulate, and or reuse data packets

Answer 189

A

Overwhelming communication between two systems

- Enables an attacker to take control

Answer 190

A

Exploiting weaknesses in a server or client side code, applications or hardware.
- Enables an attacker to take control.

Answer 191

A

A supply chain is a ecosystem of organizations, process, people and resources involved in providing a product or service.

The supply chain represents the steps it takes to get the product or service to the consumer.
The supply chain includes outsourced operations.
The supply chain includes external providers.

Answer 192

A

Insourcing is when functions are performed by internal personnel

Answer 193

A

Outsourcing is when functions are performed by third parties.

Answer 194

A

Supply Chain Risk Management (SCRM) is the implementation of strategies to manage uncertainty, identify vulnerabilities, and ensure continuity.

Answer 195

A

Statement on Standards for Attestation Agreements #18 (SSAE18) Service Organization Control (SOC) Reports are internal control report on the services provided by a service organization.

Answer 196

A

Security Education (Long term)
Training (Intermediate)
Awareness (Short-term)

Answer 197

A

Employee Awareness Programs should include:

On-boarding (initial and at 3 months) which includes polices, best practices, social engineering, duress, and reporting suspicious activity.
Annual compliance and ‘hot topic’ training (instructor-led, recorded, online)
Ongoing Awareness program.
As needed, situational awareness communications.

Answer 198

A

Social Engineering (SE) describes a class of techniques used to manipulate people by deception, into divulging information or performing an action.

Answer 199

A

Authority
Intimidation
Consensus / Social Proof
Scarcity
Urgency
Familiarity / liking
Trust

Answer 200

A

Pretexting using email.

Answer 201

A

Targeted version of phishing.

Answer 202

A

High profile phishing target

Answer 203

A

Pretexting using voice (phone)

Answer 204

A

Warning f a non-existent threat or offer-designed to defraud.

Answer 205

A

Compromising a website or social media application frequented by the target.

Answer 206

A

Impersonation.
Shoulder Surfing.
Piggybacking | Tailgating.
Dumpster Diving.

Answer 207

A

Impersonation a “trusted” source in order to gain access.

Answer 208

A

Covert Observation.

Answer 209

A

When an unauthorized person enters a checkpoint close behind, or in concert with authorized personnel.

Answer 210

A

Rummaging through trash and recycling in search of information.

Answer 211

A

User education, including general awareness and understanding of the importance of following security procedures and reporting suspicious activity. Supported by:

Published policies and procedures (caller/visitor identification, document disposal)
Technical Controls ( SPAM and content filtering)
Physical Controls (surveillance, mantraps, anti-skimming).

Brainscape's Knowledge GenomeTM

Domain 1 Flashcards

Study

Brainscape's Knowledge Genome^TM