Management Flashcards
How should words of estimative probability be used in the context of intelligence analysis?
As a relative guide to the level of confidence in a conclusion
What is ISO/IEC 27001:2013?
A standard for information security management
What is the role of senior management in implementing ISO/IEC 27001:2013?
To provide leadership and support for the implementation of and maintenance of the ISMS
What kind of information may executives be more interested in?
High-level risks and potential impact on business
What should be included in a cyber threat intelligence report to help the audience understand the severity of the threat?
Context for the information
What is the difference between likelihood and impact in a structured risk scale?
Impact refers to the severity of the risk while likelihood refers to the probability of occurrence.
How can a structured risk scale be used to communicate risk to stakeholders?
By presenting a clear and concise report
What is the main difference between traditional penetration testing and threat-led penetration testing?
Traditional testing focuses on exploiting known vulnerabilities, while threat-led testing incorporates the latest threat intelligence to identify emerging threats and attack techniques
What are some of the methods used by testers to gather intelligence during a threat-led penetration test?
Analysing public-facing websites and social media profiles
What is the main goal of a threat-led penetration test?
To simulate a real-world attack and document potential attack scenarios
Which of the following angles are typically considered during threat modelling?
Technical, procedural and human factors.
Who within an organisation may not be interested in technical details in a cyber threat intelligence report?
Middle management
How can tailoring cyber threat intelligence reports for the right audience enhance the overall security posture of an organisation?
By ensuring the intelligence is acted upon and resources are deployed efficiently
What is the benefit of providing clear recommendations in cyber threat intelligence reports?
Creating actionable intelligence
T/F: A risk matrix is a tool used to prioritise risks based on their likelihood and impact
True
T/F: Cyber threat intelligence analysts do not need to worry about implementing key findings from their disseminated reports
True
T/F: Threat modelling is a process of identifying potential threats and vulnerabilities that could harm an organisation
True
T/F: Threat modelling involves ranking potential threats by their severity and likelihood of occurrence
True
T/F: Organisations should only perform risk assessments when they have already experienced a security breach
False
T/F: Threat modelling is only relevant for organisations that have a high level of security risk
False
Why is tailoring your cyber threat intelligence reports important?
To ensure that intelligence is acted upon
What can the Diamond Model be used for in a cyber threat intelligence report?
- to provide additional resources
- to provide a standardised format
To provide a standardised format
Which of the following factors should be considered when assigning values to risks in a structured scale?
- likelihood and impact of the risk
- location of the risk
- length of the report
Likelihood and impact of the risk
What is the benefit of using a standardised risk scale?
- increases likelihood of cyber attacks
- makes it easier to assign values to risks
- enables comparison of risks across organisations
Enables comparison of risks across organisations
What is the purpose of documenting findings during a threat-led penetration test?
To prioritise remediation efforts and improve overall security posture