General Security 1

Question 1

Which Security Control Categories are there?

Answer 1

• Technical
  Controls implemented using systems
  Automated mechanisms and Technology
  Firewall, Anti-Virus
• Managerial
  Implemented by Manager / Administrator
  Security Controls, Standard operating procedures, Access Control, Incident response plan
• Operational
  Implemented by people instead of systems
  Security Guards, Awareness Training
• Physical
  Limiting physical access
  Fences, Guard Check, Walls, Badge Readers

Question 2

Which Control Types are there?

Answer 2

• Preventive
  Limitation of access to resource
  Firewall Rule, Fence, Badge
• Deterrent
  Discourage Intrusion
  Warning signs, Front desk reception
• Detective
  Identify and log an intrusion atempt
  Collect and review of system logs, login reports, patrol of property
• Compensating
  Countermeasures to mitigate risk
  May be temporary
• Directive
  Designed to establish desired outcome
  File storage policies, compliance policies, signs

Question 3

What describes non-repudiation?

Answer 3

• The Integrity of Data
  Nothing has been changed
• Proof of Origin
  Where does the Data comes from?

Can be achieved via:
Hashing
Digital Signature

Question 4

What are Planes of Operation?

Answer 4

• Splitting Network into Funtional Planes

Data Plane
* Everything related that helps processing data within Network
* Frames, packets, network data

Control Plane
* Manages Control of processed Data
* Defines Rules and Policies
* How packets should be forwarded
* Routing table, session tables, NAT table

Question 5

What are Security Zones?

Answer 5

• Zones following different rule sets of access
• Trusted, untrusted
• internal, external
• differentiated by departments

Question 6

How to Evaluate or Control Security Controls?

Answer 6

Adaptive Identity
* Approach that can change and adjust how it verifies or recognises a persons identity based on different circumstances or behavior
* Multiple Risk indicators: Physical location, Type of connection, IP Address
* Result: Make authentication stronger if needed

Threat Scope Reduction
* Decrease possible entry points to a system

Policy driven Access Control
* Combination of adaptive Identity with predefined rules

Question 7

How are Security Zones enforced?

Answer 7

Policy Enforcement Points (PEP)
* Gatekeeper of all traffic traversing the network
* Gathers all information of traffic

Policy Decision Point (PDP)
* Examines authentication provided by PEP and makes decision if communication should be allowed or not
Consists of:
Policy Engine
* Evaluates each accewss decision based on policy
* Grant, Evoke, Revoke
Policy Administrator
* Communicates with Policy Enforcement Point
* Generates tokens, credentials

Question 8

How does a typical change approval process looks like?

Answer 8

1. Complete Request form
2. Determine Purpose of change
3. Determine affected systems and impact
4. Analyze Risks accociated with it
5. Approval from change control board
6. Get end-user acceptance after change is completed

Question 9

What is ownership in change management?

Answer 9

• Individuals or entity need to make a change, but they usually dont perform the actual change
• Owner manages actual change

Question 10

What is Impact Analysis?

Answer 10

• Risk Value assignes to change
• Also risks involved if change is not done

Question 11

What is a Backout Plan?

Answer 11

• Plan to revert back to original configuration
• Should be planned before change is done