Organizational Security Flashcards

0
Q

What does quantitative risk analysis include?

A

Quantitative risk analysis includes intangible factors such as a loss of potential business in determining costs.

1
Q

What is quantitative risk analysis?

A

Quantitative risk analysis is a dollar amount calculation of the exact cost of the loss due to a disaster.

2
Q

How do you calculate the Annual Loss Expectancy (ALE)?

A

ALE is calculated by multiplying the Annual Rate of Occurrence (ARO) by the single loss expectancy [SLE].

3
Q

What is a false positive?

A

A false positive is a legitimate action that is perceived as a risk or threat.

4
Q

What is a false negative?

A

A false negative is a security issue that has passed through your security controls as if it were a legitimate action.

5
Q

What is an acceptable use policy?

A

An acceptable use policy is a set of established guidelines for the appropriate use of computer networks within an organization.

6
Q

What should be done once a user has been terminated?

A

All user access, including physical and network access controls, needs to be disabled for an employee once they have been terminated. This prevents the employee from accessing the facility or the network.

7
Q

After a few incidents where customer data was transmitted to a third party, your organization is required to create and adhere to a policy that describes the distribution, protection, and confidentiality of customer data. Which policy do you create?

A

A privacy policy is created.

8
Q

You are performing a risk analysis for a complex web-based application. Based on your conclusions regarding the probability, impact, and mitigation cost of an attack based on DNS manipulations or poisoning against your web domain, you decide to place the responsibility of the risk on your ISP, which handles your DNS service. Which risk-management option is this an example of?

A

Transference.

9
Q

As the centralized management location from which you provide Internet-based application services to several external clients, which policy do you provide to your clients as an agreement for service uptime?

A

Service level agreement [SLA]

10
Q

There is a suspicion that a specific employee is performing illegal activities on your computer networks. In an effort to gather evidence about his activities, which principle and technique could you employ?

A

Mandatory vacation

11
Q

As part of a risk analysis of a very large and extensive back-end database, you need to calculate the probability and impact of data corruption. Which impact factor allows you to calculate your annual loss due to data corruption?

A

Annual loss expectancy [ALE] describes how much money you expect to lose on an annual basis because of the impact from the occurrence of a specific risk.

12
Q

You need to create an overall policy for your organization that describes how your users can properly make use of company communications services, such as Web browsing, email, and FTP services. Which policy do you implement?

A

Acceptable use policy

13
Q

After the initial configuration of an anti-spam email filtering appliance on your network, users are complaining that too many legitimate messages are being flagged as spam in their mailbox. Which concept is this an example of?

A

False positive

14
Q

Your organization deals with sensitive health insurance information for patients that is covered by HIPAA compliance policies. Which DLP security technology would you implement to help protect the confidentiality and privacy of your patients' health insurance data when communicating the information between healthcare facilities?

A

Encryption of outbound data containing health insurance information.

15
Q

It has been discovered that a former member of the IT department who switched to the development team still has administrative access to many major network infrastructure devices and servers. Which mitigation technique should be implemented to help reduce the risk of this event recurring?

A

Regular user permission and rights reviews.

16
Q

A high-level executive has been terminated due to sharing company confidential data with competitors. Which action should be immediately performed?

A

Change the password and disable all user accounts for the user.

17
Q

What is a privacy policy?

A

A privacy policy concerns the protection and distribution of private customer data. Any company, especially one engaged in online activities or e-commerce, has a responsibility to adopt and implement a policy for protecting the privacy of individually identifiable information.

18
Q

What is a service level agreement [SLA]?

A

A service level agreement is an understanding between a supplier of services and the clients of those services that the service in question will be available for a specific percentage of time.

19
Q

What is a zero-day attack?

A

A zero-day attack takes advantage of existing software security vulnerabilities before a security fix has been developed or applied.

20
Q

Name the three risk control types.

A

1 Management - an ongoing high-level function within your organization.
2 Operational - how you conduct your daily organizational business to minimize the security risks to your organization and its business activities.
3 Technical - the actual technical measures used to prevent security risks in your organization.

21
Q

Name the four access control policies.

A

1 Least privilege
2 Separation of duties
3 Job rotation
4 Mandatory vacation

22
Q

What is quantitative risk analysis?

A

Quantitative risk analysis is a strict dollar amount calculation of the exact cost of the loss of a specific company asset because of a disaster.

23
Q

What is a single loss expectancy [SLE]?

A

The single loss expectancy is the potential loss of revenue based on a specific period of downtime.

24
Q

What is the annual rate of occurrence [ARO]?

A

The annual rate of occurrence is the chance of a risk occurring within a year.

25
Q

What is a P2P application?

A

Peer-to-peer [P2P] networking allows two computers to connect to each other directly and share files rather than through an intermediary server or service.

26
Q

What is phishing?

A

A phishing scam is a type of email or web security threat that uses social engineering to trick an unsuspecting user into visiting a website or replying to an email with confidential personal information, such as username, address, login password, and banking or credit card details.

27
Q

What is spear phishing?

A

Spear phishing is a targeted type of attack that includes information familiar to the user and could appear to be from a trusted source, such as a company the user has previously purchased a product from, a financial service the victim has used previously, or even a specific trusted user.

28
Q

What is whaling?

A

Whaling is a type of phishing attack that is targeted at a specific high-level user, such as the CEO of a company.

29
Q

What is pharming?

A

Pharming is a type of social engineering attack where a user is misdirected to an attacker’s website without his knowledge.

30
Q

How does pharming occur?

A

Pharming occurs when code installed on the computer modifies the destination URL to that of the attacker, even if the URL is entered correctly or chosen from a web browser bookmark.

31
Q

What is spim?

A

Spim is instant messaging spam. A user receives an unsolicited instant message from another user, including users that are known and in the client's contact list.

32
Q

What is vishing?

A

Vishing is when an attacker programs autodialers to send recorded messages from spoofed voice addresses. These messages can claim to be from bank call centers in order to retrieve personal information.

33
Q

How do you handle an email hoax?

A

An email hoax usually is an attempt to clog up the network. Delete the email and do nothing else.

34
Q

What is a first responder?

A

A first responder is the person or persons who are notified and respond to a security incident.

35
Q

What is forensics?

A

Forensics is the act of collecting and preserving evidence to use in a court of law for legal proceedings.

36
Q

When collecting forensic evidence, which data should you preserve first?

A

The most volatile data should be saved first. You should focus on system memory or crash dump files, error messages on screens, and log files.

37
Q

How do you preserve data integrity on forensic evidence?

A

To help preserve data integrity you can create an MD5 hash of the file immediately after the incident.

38
Q

What method is used to preserve data integrity?

A

Hashing preserves the message integrity by ensuring that the original data has not been tampered with.

39
Q

You have enacted a new policy to combat the issue of confidential data and documents being stolen or leaked internally within the office, after a user had confidential papers taken from their office. Which policy do you use?

A

Clean desk policy

40
Q
Redundancy planning is a crucial part of business continuity planning. Which two factors are important in redundancy planning?
A. Backup strategy
B. Fault tolerance
C. Self sustaining
D. High availability
A

B. Fault tolerance

D. High availability

41
Q
Which values are assigned to a critical function as part of a business impact analysis?
A. Performance baseline
B. Recovery time objective
C. Recovery point objective
D. Performance trend
E. Mean time between failure
A

B. Recovery time objective

C. Recovery point objective

42
Q
In an attempt to boost overall network security, a company hired you as a consultant. Which type of review should be performed on a regular basis?
A. User disk quota reviews
B. Security footage reviews
C. User password reviews
D. User permissions review
A

D. User permissions review

43
Q
What type of environment are hot/cold aisles deployed in?
A. Server rooms
B. Mantrap
C. Honeypot
D. Wiring closet
A

A. Server rooms

44
Q
Your organization wants to prevent unintended outages caused by changes to systems. What could they use?
(A) Patch management
(B) Regression testing
(C) Change management
(D) Security template
A

C
A change management system helps prevent unintended outages from unauthorized changes, and provides a method of documenting all changes.

45
Q
Your organization is addressing single points of failure as potential risks to security. What are they addressing?
(A) Confidentiality
(B) Integrity
(C) Availability
(D) Authentication
A

C
By addressing a single point of failure (SPOF), you increase availability. An SPOF can be a drive, a server, power, cooling, or any other item whose failure will cause the entire system to fail.

46
Q

What is the top-most level of the LDAP hierarchy?

A

Root

47
Q

Which assessment examines physical and electronic information handling issues to determine whether security weaknesses exist?

A

An organizational risk assessment

48
Q

What is the first step in a business impact analysis?

A

Identify all of the organization’s business units

49
Q

What is the purpose of Network Access Control (NAC)?

A

It ensures that computers on the network meet an organization's security policies.

50
Q

Who is responsible for most security incidents in an organization?

A

Employees

51
Q

Which type of risk analysis is based on the expert judgment and intuition of members of an organization?

A

Qualitative Risk Analysis

52
Q

Which risk response strategy involves purchasing insurance to protect the organization should the risk occur?

A

Transference

53
Q

In which location should all changes made to your organization's network and computers be listed?

A

In the change management system

54
Q

What is the primary goal of business continuity planning?

A

Maintain the organization