Introduction Flashcards
What are the four major domains covered by the CISM exam ?
- Information Security Governance
- Information Security Risk Management
- Information Security Program
- Incident Management
What is a deterrent control ?
Deterrent controls are administrative mechanisms (such as policies, procedures, standards, guidelines, laws, and regulations) that are used to guide the execution of security within an organization. Deterrent controls are utilized to promote compliance with external controls, such as regulatory compliance.
Deterrent controls attempt to discourage individuals from causing an incident.
What are the different types of controls ?
Preventive controls attempt to prevent an incident from occurring.
Detective controls attempt to detect incidents after they have occurred.
Corrective controls attempt to reverse the impact of an incident.
Deterrent controls attempt to discourage individuals from causing an incident.
Compensating controls are alternative controls used when a primary control is not feasible.
Who is the ultimate authority over the organization ?
The board of directors
What does MOU mean ?
Memorandum of Understanding
When is an MOU (Memorandum of Understanding) relevant ?
When it is an agreement with another INTERNAL organization
What does MSA mean ?
Master Service Agreement
What does SLA mean ?
Service Level Agreement
When to use MSAs and SLAs ?
When the service is to be provided to external service providers
What does BPA mean ?
Business Partnership Agreement
When to use a BPA ?
When 2 organizations are entering into a joint effort.
What does AV mean ?
Asset Value
What is threat hunting ?
Cyber threat hunting is a proactive security search through networks, endpoints, and datasets to hunt malicious, suspicious, or risky activities that have evaded detection by existing tools.
Thus, there is a distinction between cyber threat detection versus cyber threat hunting. Threat detection is a somewhat passive approach to monitoring data and systems for potential security issues, but it’s still a necessity and can aid a threat hunter. Proactive cyber threat hunting tactics have evolved to use new threat intelligence on previously collected data to identify and categorize potential threats in advance of attack.
What is the role of the Red Team ?
They attempt to gain access to systems
What is the role of the Blue Team ?
They are defenders who secure systems from attack
What is the role of the White team ?
They are observers and judges
What is the role of the Purple team ?
They bring together members of red and blue teams
What does “preponderance of the evidence” mean ?
The evidence demonstrates that the outcome of the case is more likely than not.
Which “evidence standard” do civil cases follow ?
Preponderance of the evidence
What is a parallel test ?
It is a type of test where the alternate processing facility is activated but the primary site retains operational control
What is a full interruption test ?
In this type of test the primary site is shut down and operational control moves to the alternate site
What is a simulation test ?
Simulations and Structured Walk-Throughs do not affect normal operations and do not activate the alternate site.
What are the supporting tasks covered in the 1st chapter “Today’s Information Security Manager” ?
- Identify internal and external influences to the organization that impact the information security strategy
- Establish and/or maintain an information security strategy in alignment with organizational goals and objectives
- Gain ongoing commitment from senior leadership and other stakeholders to support the successful implementation of the information security strategy
- Define, communicate and monitor information security responsibilities throughout the organization and lines of authority
What is the responsibility of an Information Security Manager ?
Leading teams of cybersecurity professionals and helping them achieve the goals of the cybersecurity program while aligning those objectives with the needs of the business.