Points to be remembered @ 27th March Flashcards
Policy, NIST 800-12
> mandatory
high level statements
regulatory and industry specific business standards are integrated
goal to support directive, long term, strategic goals to achieve, scope
business case
Sr management responsibility
enforcement and accountability
issue specific policy: email, network safety
System specific policy: Hardware software related policy each individual has different
acceptable usage policy : use printer for personal work in office
regulatory : government
Advisory : suggestions, organizational behavior
informative policy , not enforceable , issue specific to organization
Standards –> Mandatory –> Procedures
Reinforce policy
Laws/Regulations/Standards Driver
ORG policy: Management statements
Issue or system specific policy: Management security directive
Risk Management
1. Risk assessment: identify threats, assets, vulnerabilities
   1.1 OCTAVE
   1.2 FRAP
   1.3 NIST 800-30 9 step process
       a. System characterization
       b. Threat identification
       c. Vulnerability identification
       d. Control analysis
       e. Likelihood determination
       f. Impact analysis
       g. Risk determination
       h. Control recommendation
       i. Results documentation
- Risk Analysis : Value of potential risks
- Risk Mitigation : responding to risk
- Risk monitoring : risk is forever
BIA will be conducted by
BCP steering committee
BCP life cycle
Risk assessment; business impact analysis; RTO MTD definition; BCP plan, resource assignment; BCM exercise; awareness and training; communicate
Evidence
Chain of custody evidence
who obtained and secured it?
where and when it was obtained
who had control and possession of the evidence?
secure storage in a monitored vault is common?
Evidence Life cycle
Collection, identification and protection; analysis; storage, preservation, transportation; present in court, and opinions; return the property to victim
DRP PHASE NIST 800-34
1. Develop continuity planning policy statement
write a policy that provides the guidance necessary to develop BCP and that assigns authority to the necessary roles to carry out these tasks
2. Conduct business impact analysis
identify critical functions and systems that allow the organization to prioritize them based on necessity
3. Identify preventive controls
once the threats are recognized, identify and implement controls and countermeasures to reduce the organizational risk levels in an economical manner
4. Develop recovery strategies
formulate the methods to ensure systems and critical functions can be brought online quickly
5. Develop the contingency plan
write procedures and guidelines for how the organization can still stay functional in a crippled state
6. Test the plan
test the plan to identify deficiencies in the BCP; conduct training to properly prepare individuals on their extended tasks
7. Maintain the plan
put in place steps to ensure the BCP is a living document that is updated regularly
COBIT 4 domains
plan and organize
acquire and implement
delivery and support
monitor and evaluate
social engineering phases
Research
In the research phase, the attacker tries to gather information about the target company. The information about the target can be collected from various resources and means, such as dumpster diving, the company’s website, public documents, physical interactions, and so on. Research is necessary when targeting a single user.
Hook
In this phase the attacker makes the initial move by trying to start a conversation with the selected target after the completion of the research phase.
Play
The main purpose of this step is to make the relationship stronger and continue the dialog to exploit the relationship and get the desired information for which the communication was initiated.
Exit
This is the last phase of the social engineering attack, in which the social engineer walks out of the attack scene or stops the communication with the target without creating a scene or doing anything that will make the target suspicious.
COBIT provides
control objectives, control practices, goal indicators, performance indicators, success factors, maturity models
BCP DRP steps
Project initiation, strategy development, BIA, plan development, implementation, testing, maintenance
BIA steps
- select individuals for interviews of data gathering
- create data gathering techniques
- identify the company's critical business functions
- identify the resources these functions are dependent upon
- calculate how long the functions can survive without these resources
- identify vulnerabilities and threats to these functions
- calculate the risk of each different business functions
- document findings and report them to management
Grudge attacks
politically motivated hacktivism
volatile data
investigation should always start from volatile to persistent
triage
tracking the movement of virus
CERT
computer crime and emergency response