Protect Data and Communicate Incidents M1 Flashcards

You will recognize the importance of security professionals in the workplace. You'll discover how proper detection and escalation can impact an organization’s security posture.

1
Q

What does a security mindset enable a security analyst to do when protecting their organization? Select two answers.

A
  1. Evaluate risks and identify potential system breaches
  2. Recognize what they are defending

A security mindset enables an analyst to recognize what they are defending. It also helps them evaluate risks and identify potential system breaches.

2
Q

Which type of asset would have the least impact on an organization if it were compromised?

A
  1. Guest Wi-Fi network

A guest Wi-Fi network is an asset that would have the least impact on an organization if it were compromised because an organization’s business operations would experience little to no impact.

3
Q

How can security analysts cultivate a security mindset?

A
  1. By researching the latest security vulnerabilities

Security analysts can cultivate a security mindset by researching the latest security vulnerabilities. Staying updated about threats and vulnerabilities can help analysts take the necessary actions to prevent potential attacks from happening.

4
Q

Which of the following examples describes the use of a security mindset? Select two answers.

A
  1. Exercising suspicion before opening email attachments
  2. Reporting suspicious emails

Exercising suspicion before opening email attachments and reporting suspicious emails are examples of the use of a security mindset. A security mindset can help you identify and reduce security risks and potential incidents.

5
Q

Public Data

A

Public data, such as press releases, job descriptions, and marketing materials, does not require additional security measures as it is already accessible to the public. While it poses a minimal risk to the organization if viewed or shared by others, it still needs protection from security attacks.

6
Q

Private Data

A

Private data is highly sensitive information that should be kept confidential and protected from unauthorized access. If someone gains access to this data without permission, it can pose a significant risk to the organization.

**Examples of private data can include company email addresses, employee identification numbers, and an organization’s research data.**

7
Q

Sensitive Data

A

Sensitive data includes personally identifiable information (PII), sensitive personally identifiable information (SPII), and protected health information (PHI). Examples include financial account numbers, social security numbers, passwords, passport numbers, and medical information.

**This information must be protected from everyone who does not have authorized access. Unauthorized access to sensitive data can cause significant damage to an organization’s finances and reputation.**

8
Q

Asset Classification

A

Asset classification means labeling assets based on sensitivity and importance to an organization. The classification of an organization’s assets ranges from low- to high-level.

9
Q

Identify and Protect

A

Creating business continuity and disaster recovery plans are the final steps of a four-part process that most security teams go through to help ensure the security of an organization.

First, the security team identifies the assets that must be protected in the organization. Next, they determine what potential threats could negatively impact those assets. After the threats have been determined, the security team implements tools and processes to detect potential threats to assets. Lastly, the IT or appropriate business function creates the business continuity and disaster recovery plans. These plans are created in conjunction with one another. The plans help to minimize the impact of a security incident involving one of the organization’s assets.

10
Q

Conduct a Business Impact Analysis

A

The business impact analysis step focuses on the possible effects a disruption of business functions can have on an organization.

11
Q

Identify, Document, and Implement Steps to Recover Critical Business Functions and Processes

A

This step helps the business continuity team create actionable steps toward responding to a security event.

12
Q

Organize a Business Continuity Team

A

This step brings various members of the organization together to help execute the business continuity plan, if it is needed. The members of this team are typically from the cybersecurity, IT, HR, communications, and operations departments.

13
Q

Conduct Training for the Business Continuity Team

A

The team considers different risk scenarios and prepares for security threats during these training exercises.

14
Q

A security analyst notices that an employee has installed an app on their work device without getting permission from the help desk. The log indicates that potentially malicious code might have been executed on the host. Which of these security events should the security analyst escalate to a supervisor?

A

Both events should be escalated.

Both events should be escalated to a supervisor. There are no issues that are too small or too big. It’s always best to err on the side of caution and report events to the appropriate team members.

15
Q

Which are types of data and assets that stakeholders are most interested in protecting? Select two answers.

A
  1. Sensitive financial data
  2. Customers’ usernames and passwords

Sensitive financial data and customers’ usernames and passwords are examples of data and assets that stakeholders are most interested in protecting.

16
Q

Fill in the blank: When a security event results in a data breach, it is categorized as a _____.

A

Security incident

**When a security event results in a data breach, it is categorized as a security incident. However, if the event is resolved without resulting in a breach, it is not considered an incident.**

17
Q

Which of the following are examples of the potential impact of a security incident involving malicious code? Select three answers.

A
  1. Financial consequences
  2. Operational downtime
  3. Loss of assets

Operational downtime, financial consequences, and loss of assets are examples of the potential impact of a security incident involving malicious code.

18
Q

Business continuity plan (BCP)

A

A document that outlines the procedures to sustain business operations during and after a significant disruption

19
Q

Confidential data

A

Data that often has limits on the number of people who have access to it

20
Q

Disaster recovery plan

A

A plan that allows an organization’s security team to outline the steps needed to minimize the impact of a security incident

21
Q

Private data

A

Information that should be kept from the public

22
Q

Public data

A

Public data: Data that is already accessible to the public and poses a minimal risk to the organization if viewed or shared by others

23
Q

Security mindset

A

The ability to evaluate risk and constantly seek out and identify the potential or actual breach of a system, application, or data

24
Q

Sensitive data

A

A type of data that includes personally identifiable information (PII), sensitive personally identifiable information (SPII), and protected health information (PHI)