Memorize

Question 1

DSM (regarding data)

Answer 1

Data Services Management

Question 2

SOAR

Answer 2

Security Orchestration, Automation, Response

Question 3

SIEM

Answer 3

Security Information and Event Management

Question 4

FPE (data protection)

Answer 4

Format Preserving Encryption

Question 5

VRF (networking)

Answer 5

Virtual Routing and Forwarding

Question 6

FTD

Answer 6

Firepower Threat Defense

Question 7

ISE

Answer 7

Identity Services Engine

Question 8

AIA

Answer 8

Authority Information Access

Question 9

DRS (re: data)

Answer 9

Designated Record Set

Question 10

ISL

Answer 10

Integration Services Library

Question 11

CRI-O

Answer 11

an implementation of the Kubernetes CRI (Container Runtime Interface) to enable using OCI (Open Container Initiative compatible runtimes).

Question 12

FISMA

Answer 12

Federal Information Security Modernization Act
Enacted in 2002 - mandates a process to security posture of federal government.
Name change from management to modernization in 2014.
Codifies DHS authority to develop and oversee implementation of binding operational directives

Question 13

CISA

Answer 13

Cybersecurity & Infrastructure Security Agency
Federal agency

Question 14

NIST SP 800-190

Answer 14

Application Container Security Guide

Question 15

FISMA compliance most often refers to?

Answer 15

meeting controls identified in SP 800-53

Question 16

NIST SP 800-37

Answer 16

describes Risk Management Framework

Question 17

SMART Goals

Answer 17

Specific Measurable Attainable Relevant Time-bound

Question 18

5 functions in CSF

Answer 18

Identify
Protect
Detect
Respond
Recover

Question 19

Layers of CSF (levels of hierarchy)

Answer 19

Function (5)
Category (23)
Subcategory (108)

Question 20

ID.AM-1

Answer 20

Physical devices and systems within the organization are inventoried

Question 21

ID.AM-2

Answer 21

Software platforms and applications within the organization are inventoried

Question 22

ID.AM-3

Answer 22

Organizational communication and data flows are mapped

Question 23

ID.AM-4

Answer 23

External information systems are catalogued

Question 24

ID.AM-5

Answer 24

Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value

Question 25

ID.AM-6

Answer 25

Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established

Question 26

CSF: Categories of Identify

Answer 26

Asset Managment
Business Environment
Governance
Risk Assessment
Risk Management Strategy
Supply Chain Risk Management

Question 27

HIPAA

Answer 27

Health Insurance Portability and Accountability Act

Question 28

VPC

Answer 28

Virtual Private Cloud

Question 29

ARN

Answer 29

Amazon Resource Name

Question 30

ECS

Answer 30

Elastic Container Service

Question 31

ELB

Answer 31

Elastic Load Balancer

Question 32

CORS

Answer 32

Cross-Origin Resource Sharing

Question 33

SGT

Answer 33

Security Group Tag

Question 34

ADM (re: architecture framework)

Answer 34

Architecture Development Method
The core of TOGAF
Proven way of developing an architecture
Iterative

Question 35

ACF (RE: architecture frameworks)

Answer 35

Architecture Content Framework
Deliverables, artifacts, building blocks

Question 36

The Enterprise Continuum

Answer 36

The Architecture Repository

Question 37

ABBs

Answer 37

Architectural Building Blocks

Question 38

Togaf TRM

Answer 38

Technical Reference Model

Question 39

HKS

Answer 39

Hitachi Kubernetes Service

Question 40

HKE

Answer 40

Hitachi Kubernetes Engine

Question 41

NIST Zero Trust SP

Answer 41

SP 800-207

Question 42

PEP (ZT)

Answer 42

Policy Enforcement Point

Question 43

PDP (ZT)

Answer 43

Policy Decision Point

Question 44

PDP is broken into what two components

Answer 44

Policy Engine and Policy Administrator

Question 45

IGP (around Authn)

Answer 45

Identity Governance Program

Question 46

PE/PA (ZTA)

Answer 46

Policy Engine/Policy Administrator

Question 47

CMDB lead

Answer 47

Mahesh Mukka

Question 48

HV vision

Answer 48

To deliver data-driven solutions for commercial and industrial enterprises

To capitalize on Hitachi’s social innovation capability in both operational technologies (OT) and information technologies (IT).

Question 49

Hitachi Credo

Answer 49

Contribute to society through the development of superior, original technology and products

Question 50

SANS Top 20 CSC 1

Answer 50

Inventory of Authorized and Unauthorized devices

Question 51

SANS Top 20 CSC 2

Answer 51

Inventory of Authorized and Unauthorized software

Question 52

TPRM

Answer 52

Third Party Risk Management

Question 53

Wa

Answer 53

harmony, trust, respect

Question 54

Makoto

Answer 54

Sincerity, Fairness, Honesty, Integrity

Question 55

Kaitakusha-Seishin

Answer 55

Pioneering Spirit, Challenge

Question 56

VMDR

Answer 56

Vulnerability Management Detection and Response

Question 57

Zero Trust Tenets

Answer 57

*Identity - User identity, Device Identity, User Analytics
*Applications - Catalog, Entitlements, Logging
*Enforcement - Policy Engine Segmentation, Encryption
*Enrichment - Threat Intelligence, Network Analytics, Automation

Question 58

RFO

Answer 58

Reason for Outage

Question 59

Aditya

Answer 59

Choppara
Network Operations Engineer
India
Reports to Ibrahim Anchal

Question 60

Ankit

Answer 60

Yadav
IT Infrastructure Engineer (VMware)
Colorado
Reports to Hari Kumar Nadipalli

Question 61

HV data classification

Answer 61

Public, confidential, restricted

Question 62

HRO

Answer 62

Hitachi Remote Operations

Question 63

Global COE Presales person

Answer 63

Will Edds

Question 64

Will Edds
Postion
Time Zone

Answer 64

Global COE Presales
Eastern Time (PT+3)

Question 65

Qualys person

Answer 65

Francisco Contreras

Question 66

Sylwia Jedrzejczyk
position
time zone

Answer 66

Threat and Vulnerability Management
Krakow, Poland (pt + 9h)

Question 67

Threat and Vulnerability Management Person

Answer 67

Sylwia Jedrzejczyk

Question 68

CSVS

Answer 68

OWASP Container Security Verification Standard

Question 69

DEVOPS cycle

Answer 69

Plan
Code
Build
Test
Release
Deploy
Operate
Monitor

Question 70

Management areas

Answer 70

Strategy
Coordination
Resource Allocation
Objectives

Question 71

Windows Server Administrator

Answer 71

Ravikiran Dushetti

Question 72

Ravikiran Dushetti

Answer 72

Windows Server Administrator

Question 73

LSH (HV Product)

Answer 73

Lumada Solution Hub

Question 74

Configuration Compliance policy (Is this HV Policy doc#?)

Answer 74

CO-07.2

Question 75

DORA (regulation)

Answer 75

Digital Operational Resilience ACT

The Digital Operational Resilience Act, or DORA, is a European Union (EU) regulation that creates a binding, comprehensive information and communication technology (ICT) risk management framework for the EU financial sector.

Question 76

Security by Design

Answer 76

Security is considered at every step from requirements to deployment.

Question 77

Risk Mitigation choices

Answer 77

Reduce
Avoid
Transfer
Accept
Reject

Question 78

Threats

Answer 78

Intentions with capability

Question 79

Risk

Answer 79

Most often measured based on Probability and Impact

Question 80

Risk Assessment

Answer 80

Risk Assessment involves identification of risk through analysis of assets, threats and vulnerabilities, including their impacts and likelihood.

Question 81

Threat modeling (focus)

Answer 81

Threat modeling primarily focuses on data assets and involves systematically identifying the potential risks and vulnerabilities which are exploitable but from an attackers viewpoint

Question 82

Risk focus

Answer 82

event focused

Question 83

Threats focus

Answer 83

intentions

Question 84

STRIDE

Answer 84

Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Escalation of Privileges

Question 85

Threats are addressed by:

Answer 85

Mitigation
Elimination
Transference
Acceptance

Question 86

DREAD is used for?

Answer 86

Assess, analyze, and find probability of risk by rating the threats

Question 87

DREAD

Answer 87

Damage
Reproducibility
Exploitability
Affected users
Discoverability

Question 88

CSOD

Answer 88

Related to our training system

Question 89

HMAC

Answer 89

Hash-based Message Authentication Codes

Question 90

AWS RDS

Answer 90

Amazon Relational Database Service