Foundations of cybersecurity_C1 Flashcards

1
Q

What are the benefits of organisational security teams?

A
  1. Threat protection: protects against external and internal threats.
  2. Compliance regulation: ensures the organisation meets the security standards required by laws and guidelines.
  3. Productivity: maintains and improves business productivity.
  4. Expense reduction: lowers the cost of data loss recovery and operational downtime, and prevents fines.
  5. Brand trust: data compromises lower trust and impact the business.
2
Q

What does CISSP stand for?

A

Certified Information Systems Security Professional

3
Q

What are the eight CISSP Security Domains?

A
  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communications and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security
4
Q

Which of the following is NOT a security domain covered in the CISSP?
a) Security and risk management
b) Asset security
c) Software development security
d) Cloud security

A

d) Cloud security

5
Q

What is the principle of least privilege?
a) Granting users the highest level of access possible
b) Granting users only the minimum level of access necessary to perform their tasks
c) Allowing users to access any data they want
d) Restricting users from accessing any data

A

b) Granting users only the minimum level of access necessary to perform their tasks

6
Q

What is ‘Security Posture’?

A

An organisation’s ability to manage its defence of critical assets and data, and to react to change.

7
Q

What is Risk Mitigation?

A

The process of having the right procedures and rules in place to quickly reduce the impact of a risk, such as a breach.

8
Q

Business Continuity

A

An organisation’s ability to maintain its everyday productivity by establishing risk and disaster recovery plans.

9
Q

CISSP Domain 1
Security and Risk Management involves:

A

-Defines security goals and objectives: reduce risks to critical assets and data, such as PII.

-Mitigates risks: has the right procedures and rules in place to quickly reduce the impact of a risk, e.g. a breach.

-Ensures compliance: used to develop an organization’s internal security policies, meet regulatory requirements, and follow independent standards.

-Establishes business continuity: the organization’s ability to maintain everyday productivity by establishing risk and disaster recovery plans.

-Adheres to legal regulations: laws differ worldwide, but their overall goals (related to security and risk management) are similar.

-Professional and organisational ethics: following the rules and expectations for ethical behaviour to minimize negligence, abuse, or fraud.

10
Q

Information security, or InfoSec

A

Related to CISSP Domain 1; refers to a set of processes established to secure information.

An organization may use playbooks and implement training as part of its security and risk management program, based on its needs and perceived risk.
There are many InfoSec design processes, e.g.:
Incident response
Vulnerability management
Application security
Cloud security
Infrastructure security

11
Q

CISSP Domain 2:
Asset Security involves:

A

Managing the cybersecurity processes of organizational assets:

-Secures digital and physical assets
-Stores, maintains, retains, and destroys physical and virtual data securely
-Protects PII and SPII
-Ensures data is securely handled and protected

12
Q

CISSP Domain 3:
Security Architecture and Engineering involves:

A

Managing data security: security architects and engineers create processes that:

Optimize data security
Implement effective tools, systems, and processes
Promote shared responsibility: encourage user involvement in security

13
Q

What is meant by ‘Shared responsibility’ ?

A

All individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security.
By having policies that encourage users to recognize and report security concerns, many issues can be handled quickly and effectively.

14
Q

What are some of the Security Architecture and Engineering design principles?

A

Threat modeling
Least privilege
Defense in depth
Fail securely
Separation of duties
Keep it simple
Zero trust
Trust but verify

15
Q

CISSP Domain 4
Communication and Network Security involves:

A

-Manages and secures physical networks and wireless communications.
-Protects data and communications on-site, in the cloud, and remotely
-Prevents vulnerabilities from insecure connections
-Discourages insecure behaviour that could be exploited by threat actors

16
Q

CISSP Domain 5
Identity and Access Management (IAM) involves

A

Keeping data secure by controlling access to physical and logical assets.
Components of IAM:
* Identification
* Authentication
* Authorisation
* Accountability

17
Q

What is meant by Identification in (IAM)?

A

The user verifies who they are by providing a user name, an access card, or biometric data such as a fingerprint.

18
Q

What is meant by Authentication in (IAM)?

A

A verification process to prove a person’s identity, such as entering a password or PIN.

19
Q

What is meant by Authorisation in (IAM)?

A

Once a user’s identity has been confirmed, authorisation relates to their level of access, which depends on their role in the organization.

20
Q

What is meant by Accountability in (IAM)?

A

Monitoring and recording user actions, such as login attempts, to prove that systems and data are used properly.

21
Q

CISSP Domain 6
Security Assessment and Testing involves

A

Identifying and mitigating risks, threats, and vulnerabilities:
* Conducting security control testing:
Assists an organization in identifying new and better ways to mitigate threats, risks, and vulnerabilities.
Involves examining organizational goals and objectives, and evaluating whether the controls being used actually achieve those goals.

* Data collection and analysis:
Conducted regularly, this also helps prevent threats and risks to the organization.

* Conducting audits to monitor for risks, threats, and vulnerabilities:
Reduces the probability of a data breach.
Security analysts may conduct regular audits of user permissions to validate that users have the correct levels of access to internal systems.

22
Q

CISSP Domain 7
Security Operations involves:

A

Conducting investigations
Implementing preventative measures

23
Q

CISSP Domain 8
Software Development Security involves

A

Using secure coding practices and guidelines to create secure applications and services.
Software development lifecycle
Performing application security tests

24
Q

What is a Software Development Lifecycle?

A

An efficient process used by teams to quickly build software products and features.

In this process, security is an additional step. By ensuring that each phase of the software development lifecycle undergoes security reviews, security can be fully integrated into the software product.

A security analyst may work with software development teams to ensure security practices are incorporated into the software development lifecycle, for example by:
performing a secure design review during the design phase
performing secure code reviews during the development and testing phases
performing penetration testing during the deployment and implementation phase

25
Q

Which of the following is a tool used for monitoring security events?
a) SIEM
b) Intrusion detection system (IDS)
c) Intrusion prevention system (IPS)
d) All of the above

A

d) All of the above

26
Q

What is an IDS?

A

-Intrusion detection system (IDS)
An intrusion detection system or IDS is a monitoring device or software. It detects vulnerabilities, policy violations, and malicious activity in a system. An expanded IDS blocks threats in addition to identifying them.

27
Q

What is an IPS?

A
  • Intrusion Prevention system (IPS)
    An application that monitors system activity for intrusive activity and takes action to stop the activity
28
Q

Why do Security teams use CISSP Security Domains?

A

To organize daily tasks, to identify gaps in security that could cause negative consequences for an organization, and to establish the organisation’s security posture.