Play It Safe: Manage Security Risks

Question 1

Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor

Answer 1

Name the steps of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) in order

Question 2

Assess

Answer 2

The fifth step of the NIST RMF that means to determine if established controls are implemented correctly.

Question 3

Authorize

Answer 3

The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that may exist in an organization.

Question 3

Business continuity

Answer 3

An organization’s ability to maintain their everyday productivity by establishing risk disaster recovery plans.

Question 4

Categorize

Answer 4

The second step of the NIST RMF that is used to develop risk management processes and tasks.

Question 5

External threat

Answer 5

Anything outside the organization that has the potential to harm organizational assets.

Question 6

Implement

Answer 6

The fourth step of the NIST RMF that means to implement security and privacy plans for an organization.

Question 7

Monitor

Answer 7

The seventh step of the NIST RMF that means be aware of how systems are operating.

Question 8

Prepare

Answer 8

The first step of the NIST RMF related to activities that are necessary to manage security and privacy risks before a breach occurs.

Question 9

Risk mitigation

Answer 9

The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach.

Question 10

Select

Answer 10

The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization.

Question 11

Shared responsibility

Answer 11

The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security.

Question 12

What are the five core functions of NIST CSF?

Answer 12

Identify, protect, detect, respond, and recover.

Question 13

What does OWASP stand for?

Answer 13

Open Worldwide Application Security Project

Question 14

What is OWASP’s security principles?

Answer 14

Minimize attack surface area, Principle of least privilege, Defense in depth, Separation of duties, Keep security simple, and Fix security issues correctly.

Question 15

Security audit

Answer 15

A review of an organization’s security controls, policies, and procedures against a set of expectations

Question 16

List the audit checklist

Answer 16

Identify the scope of the audit, Complete a risk assessment, Conduct the audit, Create a mitigation plan, and Communicate results to stakeholders.

Question 17

Attack vectors

Answer 17

The pathways attackers use to penetrate security defenses.

Question 18

Authentication

Answer 18

The process of verifying who someone is.

Question 19

Authorization

Answer 19

The concept of granting access to specific resources in a system.

Question 20

Biometrics

Answer 20

The unique physical characteristics that can be used to verify a person’s identity.

Question 21

Detect

Answer 21

A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections.

Question 22

Encryption

Answer 22

The process of converting data from a readable format to an encoded format.

Question 23

Identify

Answer 23

A NIST core function related to management of cybersecurity risk and its effect on an organization’s people and assets.

Question 24

National Institute of Standards and Technology (NIST) Special Publication (S.P.) 800-53

Answer 24

A unified framework for protecting the security of information systems within the U.S. federal government.

Question 25

Open Worldwide Application Security Project (OWASP)

Answer 25

A non-profit organization focused on improving software security.

Question 26

Protect

Answer 26

A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats.

Question 27

Recover

Answer 27

A NIST core function related to returning affected systems back to normal operation.

Question 28

Respond

Answer 28

A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process.

Question 29

What does SOAR stand for?

Answer 29

Security orchestration, automation, and response

Question 30

Security orchestration, automation, and response (SOAR)

Answer 30

A collection of applications, tools, and workflows that uses automation to respond to security events.

Question 31

Chronicle

Answer 31

A cloud-native tool designed to retain, analyze, and search data.

Question 32

Incident response

Answer 32

An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach.

Question 33

Metrics

Answer 33

Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application.

Question 34

SIEM tools

Answer 34

A software platform that collects, analyzes, and correlates security data from various sources across your IT infrastructure that helps identify and respond to security threats in real-time, investigate security incidents, and comply with security regulations.

Question 35

Splunk Cloud

Answer 35

A cloud-hosted tool used to collect, search, and monitor log data.

Question 36

Splunk Enterprise

Answer 36

A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real-time.