Play It Safe Manage Security Risk

Question 1

National Institute of Standards and Technology (NIST) Cybersecurity Framework
(CSF):

Answer 1

A voluntary framework that consists of standards, guidelines, and best practices
to manage cybersecurity risk

1. Prepare
2. Categorize
3. Select
4. Implement
5. Assess
6. Authorize
   7.Monitor

Question 2

Assess:

Answer 2

The fifth step of the NIST RMF that means to determine if established controls are implemented correctly

Question 3

Authorize:

Answer 3

The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that may exist in an organization

Question 4

Business continuity:

Answer 4

An organization’s ability to maintain their everyday productivity by establishing risk disaster recovery plans

Question 5

Categorize:

Answer 5

The second step of the NIST RMF that is used to develop risk management processes and tasks

Question 6

External threat:

Answer 6

Anything outside the organization that has the potential to harm organizational assets

Question 7

Implement:

Answer 7

The fourth step of the NIST RMF that means to implement security and privacy plans for an organization

Question 8

Internal threat:

Answer 8

A current or former employee, external vendor, or trusted partner who poses a security risk

Question 9

Monitor:

Answer 9

The seventh step of the NIST RMF that means be aware of how systems are operating

Question 10

Prepare:

Answer 10

The first step of the NIST RMF related to activities that are necessary to manage security and privacy risks before a breach occurs

Question 11

Ransomware:

Answer 11

A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access

Question 12

Risk:

Answer 12

Anything that can impact the confidentiality, integrity, or availability of an asset

Question 13

Risk mitigation:

Answer 13

The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach

Question 14

Security posture:

Answer 14

An organization’s ability to manage its defense of critical assets and data and react to change

Question 15

Select:

Answer 15

The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization

Question 16

Shared responsibility:

Answer 16

The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security

Question 17

Social engineering

Answer 17

A manipulation technique that exploits human error to gain private information, access, or valuables

Question 18

Vulnerability:

Answer 18

A weakness that can be exploited by a threat

Question 19

Attack vectors:

Answer 19

The pathways attackers use to penetrate security defenses

Question 20

Detect:

Answer 20

A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections

Question 21

Encryption:

Answer 21

The process of converting data from a readable format to an encoded format

Question 22

Govern:

Answer 22

A NIST core function related to ensuring an organization establishes, oversees, and improves its cybersecurity strategy, policies, roles, and risk management processes to align with business goals and regulations

Question 23

Identify:

Answer 23

A NIST core function related to management of cybersecurity risk and its effect on an organization’s people and assets

Question 24

National Institute of Standards and Technology (NIST) Special Publication (S.P.) 800-53:

Answer 24

A unified framework for protecting the security of information systems within the U.S. federal government

Question 25

Protect:

Answer 25

A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats

Question 26

Recover:

Answer 26

A NIST core function related to returning affected systems back to normal operation

Question 27

Respond:

Answer 27

A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process

Question 28

Security audit:

Answer 28

A review of an organization's security controls, policies, and procedures against a set of expectations

Question 29

Security controls:

Answer 29

Safeguards designed to reduce specific security risks

Question 30

Security frameworks:

Answer 30

Guidelines used for building plans to help mitigate risk and threats to data and privacy

Question 31

Security posture:

Answer 31

An organization’s ability to manage its defense of critical assets and data and react to change

Question 32

Threat

Answer 32

Any circumstance or event that can negatively impact assets

Question 33

Chronicle:

Answer 33

A cloud-native tool designed to retain, analyze, and search data

Question 34

Incident response:

Answer 34

An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach

Question 35

Log:

Answer 35

A record of events that occur within an organization’s systems

Question 36

Metrics:

Answer 36

Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application

Question 37

Operating system (OS):

Answer 37

The interface between computer hardware and the user

Question 38

Playbook:

Answer 38

A manual that provides details about any operational action

Question 39

Security information and event management (SIEM):

Answer 39

An application that collects and analyzes log data to monitor critical activities in an organization

Question 40

Security orchestration, automation, and response (SOAR):

Answer 40

A collection of applications, tools, and workflows that use automation to respond to security events

Question 41

SIEM tools:

Answer 41

A software platform that collects, analyzes, and correlates security data from various sources across your IT infrastructure that helps identify and respond to security threats in real-time, investigate security incidents, and comply with security regulations

Question 42

Splunk Cloud:

Answer 42

A cloud-hosted tool used to collect, search, and monitor log data

Question 43

Splunk Enterprise:

Answer 43

A self-hosted tool used to retain, analyze, and search an organization's log data to provide security information and alerts in real-time

Question 44

Incident response:

Answer 44

An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach

Question 45

Playbook:

Answer 45

A manual that provides details about any operational action

Question 46

What are the 8 security domains identified by CISSP?

Answer 46

1. Security & Risk management 2. Asset security 3.Security Architecture & Engineering 4. Communication & Network Security 5. Identity & Access Managment 6. Security Assessment & Testing 7.Security Operations 8. Software Development Security

Question 47

What is the focus of CISSP: Security & Risk Managment

Answer 47

Defining security goals and objectives, risk mitigation, compliance, business continuoity and legal regulations.

Question 48

What is the focus of CISSP: Asset Security?

Answer 48

Securing Digital & Physical Assets. It's also related to the storage, maintenance, retention and destruction of data.

Question 49

What is the focus of CISSP: Security Architecture & Engineering?

Answer 49

On optimizing data security by ensuring effective tools, systems and processes are in place to protect and organizations assets and data.

Question 50

What is the core concept of CISSP Secure Designed Architecture ?

Answer 50

Shared Responsibility

Question 51

What is Shared Responsibility?

Answer 51

All individuals within an organization take an active role in lowering risk and maintaining both physical and virtual.

Question 52

What is the focus of CISSP: Communication & Network Security

Answer 52

Focused on managing and securing physical networks and wireless communication.

Question 53

What is the focus of CISSP: Identity and Access management, also known as IAM?

Answer 53

Access and Authorization to keep data secure, b y making sure users follow established policies to control and manage assets

Question 54

What is the 4 main components to Identity and Access Managment ?

Answer 54

1.Identification 2 Authentication 3.Authorization 4. Accountability

Question 55

What is the focus of CISSP: Security Assessment and Testing ?

Answer 55

Conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risk, threats and vulnerabilities.

Question 56

What is the focus of CISSP: Security Operations?

Answer 56

Conducting investigations and implementing preventative measures.

Question 57

What is the focus of CISSP: Software Development Security?

Answer 57

On using secure coding practices.

Question 58

Low Risk Assets ?

Answer 58

Information that would not harm the organizations reputation or ongoing operations, and would not cause financial damage if compromised

Question 59

Medium Risk Assets?

Answer 59

Information that is not available to the public and may cause some damage to organizations finances, reputation, and ongoing operations.

Question 60

High Risk Assets?

Answer 60

Information protected by regulations or laws, which is compromised would have a severe negative impact on an organization's finances, ongoing operations, or reputation.

Question 61

What are the three layers of web?

Answer 61

1. Surface web 2. Deep web 3. Dark web

Question 62

What is the CIA triad?

Answer 62

A model which helps inform how organizations consider risk when setting up systems and security policies

Question 63

What does CIA stand for?

Answer 63

1. Confidentiality 2. Integrity 3. Availability

Question 64

CIA Triad :Confidentiality means what?

Answer 64

Only authorized users can access specific assets or data.

Question 65

CIA triad: Integrity means what?

Answer 65

Integrity means that data is correct, authentic and reliable.

Question 66

CIA Triad: Availability means what?

Answer 66

Data is accessible to those who are authorized to access it.

Question 67

What does NIST stand for?

Answer 67

National Institute Of Standards & Technology

Question 68

NIST Cybersecurity Framework (CSF)

Answer 68

A voluntary framework that consist of standards, guidelines and best practices to manage cyber security risk.

Question 69

The NIST CSF Framework consist of six core functions what are they?

Answer 69

1. Govern 2. Indentity 3.Protect 4. Detect 5. Respond 6. Recover

Question 70

What is the NIST S.P. 800-53

Answer 70

A unified framework for protecting the security of information systems within the federal goverment.

Question 71

NIST: Identify

Answer 71

The management of cybersecurity risk and its effect on an organization's people and assets.

Question 72

NIST: Protect

Answer 72

The strategy used to protect and organization through the implementation of policies, procedures, training and tools help to mitigate cybersecurity threats.

Question 73

NIST: Detect

Answer 73

Identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detection.

Question 74

NIST: Respond

Answer 74

Making sure the proper procedures are used to contain, neutralize and analyze security incidents and implement improvements to the security process.

Question 75

NIST: Recover

Answer 75

The process of returning affected systems back to normal operation.

Question 76

What does OWASP stand for?

Answer 76

Open Web Application Security Project

Question 77

What are the OWASP security principles

Answer 77

1. Minimize the attack surface area 2. Principle of least privilege 3. Defense in depth 4. Separation of duties 5. Keep Security Simple 6.Fix security issues correctly

Question 78

What are the 2 types of security audits?

Answer 78

external and internal

Question 79

What are the purpose of security audits?

Answer 79

1. Identify organizational risk 2. Assess controls 3. Correct compliance issues

Question 80

Common elements of a security audit?

Answer 80

1. Establishing the scope and goals 2.Conducting a risk assessment 3.Completing a control 4. Assessing compliance 5.Communicating results

Question 81

What are some common log sources?

Answer 81

Firewall log, Network log, Server log

Question 82

Firewall Log

Answer 82

a record of attempted or established connections for incoming traffic from the Internet. It also include outbound request to the internet from the network.

Question 83

Network Log

Answer 83

a record of all computers and devices that enter and leave the network. It also records connections between devices and services on the network.

Question 84

Server Log

Answer 84

A record of events related to services, such as websites, email, or file shares. It includes actions such as login, password and user name requests.

Question 85

What are the different type of SIEM tools?

Answer 85

1. Self Hosted 2.Cloud Hosted 3. Hybrid Hosted