Information Security

Question 1

What are the three threat categories in information asset protection?

Answer 1

Intentional,
Natural,
Inadvertent.

Question 2

What kinds of companies are particularly vulnerable to counterfeiting and piracy?

Answer 2

Startups,
Early stage firms,
Small and medium size companies that are rich in intangible assets.

Question 3

According to the FBI, what are the six steps of protecting a business from espionage?

Answer 3

Recognize the (insider or outsider) threat,
Identify and valuate trade secrets,
Implement a proactive plan for protecting trade secrets,
Secure physical and electronics versions of trade secrets,
Confine intellectual knowledge to “need to know”,
Train employees on intellectual property protection.

Question 4

How does layered protection apply to information protection?

Answer 4

Apply multiple levels of protection to information assets,
Ensure that layers of protection complement each other,
Build a coordinated strategy that integrates families of protective measures (e.g. technical, physical, access control).

Question 5

Access to internal information should be restricted to which groups?

Answer 5

Company personnel and those who have signed a nondisclosure agreement.

Question 6

How should obsolete Prototypes, models, and test items be disposed of?

Answer 6

They should be destroyed so they can’t be reversed engineered.

Question 7

What is a patent?

Answer 7

A patent is a property right granted to an inventor to exclude others from making, using, offering for sale, or selling the invention for a limited time.

Question 8

What is a trademark?

Answer 8

Legal protection for words, names, symbols, devices, or images applied to products or used in connection with goods or services to identify their source.

Question 9

What is a copyright?

Answer 9

Legal protection of the expression of ideas in literary, artistic, and musical works.

Question 10

What is the best way to start addressing infringements of patents, copyrights, and trademarks?

Answer 10

By registering those rights.

Question 11

How long is US patent protection?

Answer 11

20 years from filing.

Question 12

What qualifies something as a trade secret?

Answer 12

The information added value or benefit to the owner,
The trade secret was specifically identified,and the owner provided a reasonable level of protection for the information.

Question 13

What is an intrusion detection system?

Answer 13

And intrusion detection system monitors for malicious programs and unauthorized changes to files and settings. It also monitors network traffic and provides alarms for network based attacks.

Question 14

What are the three methods of sanitizing electronic media?

Answer 14

Overwriting,
Degaussing,
Physical destruction.

Question 15

What are the two primary aspects of recovery after an information loss?

Answer 15

Return to normal business operations as soon as possible,

Implement measures to prevent a recurrence.

Question 16

During which stage of a project is critical information most vulnerable?

Answer 16

The intermediate phase.

Question 17

When is it appropriate to recycle papers that contain proprietary information?

Answer 17

When the papers have been properly destroyed.

Question 18

What access control protocol passes credentials between the reader and the control panel in plain text?

Answer 18

Wiegand.

Question 19

What is the difference between embedded and host based systems?

Answer 19

Embedded systems were typically programmed at the manufacturer and run proprietary or non-standard operating systems, e.g. cameras, card readers, and video converters.
Host based systems run on more standard operating systems such as windows and Linux and are easier to change.

Question 20

What are the two components of a legacy HID card?

Answer 20

A secret facility number,

An ID number that is printed on the card.

Question 21

What is a gecko?

Answer 21

A gecko is an inexpensive tool that can be used to give an intruder complete control over a door.

Question 22

What three aspects of information must be protected?

Answer 22

Confidentiality,
Integrity,
Availability.

Question 23

What is the fundamental equation of information systems security?

Answer 23

Residual Risk =

Threat x Vulnerabilities
————————————
Countermeasures

Question 24

What are the three categories of information system threat agents?

Answer 24

Nature,
People,
Virtual threats.

Question 25

What is the first job of a person tasked with an organizations information system security?

Answer 25

Create an information security management system appropriate for the size of the organization.

Question 26

What are the five general types of vulnerabilities of information systems?

Answer 26

Information systems infrastructure,
People using the infrastructure,
People maintaining the infrastructure,
Executive and senior management,
Information management processes.

Question 27

What are the five information systems infrastructure management counter measures?

Answer 27

Vulnerability and patch management,
System monitoring and log review,
Information system security metrics,
Physical security of the information system infrastructure,
IT staff training in information security.

Question 28

What are the seven layers of the open systems interconnect (OSI) network model?

Answer 28

Physical,
Data link,
Network,
Transport,
Session,
Presentation,
Application.

Question 29

What is a buffer overflow attack?

Answer 29

A buffer overflow attack occurs when a user or programmer gives a computer more information than the program is expecting. The extra characters may give the computer instructions to do some thing not originally intended.

Question 30

What is the “AAA triad” of information security with regard to access control?

Answer 30

Authentication,
Authorization,
Auditing/accountability.

Question 31

What is the IT infrastructure library

(ITIL)?

Answer 31

And international standard for managing IT - Particularly service-level agreements, the way an organization negotiates for IT security services.

Question 32

What is an escalation of privilege attack?

Answer 32

An escalation of privilege attack occurs when an email program is tricked into executing an email as if it were a program rather than text.

Question 33

What are the three major vulnerabilities of a printer?

Answer 33

They often connect to the network, so communications can be intercepted.
They may contain onboard memory, which must be wiped when printing confidential information.
The hardcopies they create can be taken from one place to another.

Question 34

What is a security information and event manager (SIEM)?

Answer 34

A security information and event manager is a device that looks at all the log activity on the network and attempts to point out what is most important to facilitate response to incursions and other problems on the network.

Question 35

What are ISO 27001 and 27002?

Answer 35

ISO 27001 and 27002 are the first acknowledged worldwide standards to identify a code of practice for the management of information security.

Question 36

What are the six elements of the payment card industry data security standard (PCI DSS)?

Answer 36

Build and maintain a secure network,
Protect cardholder data,
Maintain a vulnerability management program,
Implement strong access control measures,
Regularly monitor and test networks,
Maintain and information systems policy.

Question 37

According to ISO 27002, which three elements of guidance should information security policies include, at a minimum?

Answer 37

Definition of information security and its objectives/scope,
Statement of management intent,
Brief explanation of security policies/principles/standards important to the organization.

Question 38

What is the fundamental idea behind an information security management system?

Answer 38

Continual improvement.

Question 39

On what does the effectiveness of an information security program ultimately depend?

Answer 39

Peoples behavior.

Question 40

Which five information security systems (ISS) issues can also weaken physical security in a converged system?

Answer 40

Denial of services,
Insertion of incorrect data,
Data theft,
Data modification,
Data destruction.

Question 41

What are four main vectors via which network security systems can be attacked?

Answer 41

Social engineering,
Direct hacking,
Malware,
Web attack.

Question 42

What are three main reasons that malware is effective?

Answer 42

Out of date antivirus software,
Users open booby-trapped emails or websites,
System administrator’s allow users to install software on the desktop.

Question 43

What is cross site scripting?

Answer 43

A cross site scripting error on a website enables an attacker to run a malicious code from a second website on the browser of the person viewing the first website.

Question 44

What is cross site request forgery?

Answer 44

A cross site request forgery is an attack where the victim’s browser is tricked into issuing a command to a vulnerable web application.

Question 45

What is an injection attack?

Answer 45

An injection attack allows an adversary to execute a command directly on a database contrary to allowed access rights.