Question / Answers Flashcards

1
Q

Name and explain the three evaluation criteria for risk assessment according to BSI Standard 100-3.

A
  • Completeness: Do the standard security measures provide protection for all aspects of each threat? (Example: Was the back door to the building and on the emergency exits also considered?)
  • Mechanism strength: Do the protection mechanisms recommended in the standard security measures counteract each threat adequately? (Example: Are the specifications for the minimum key length adequate?)
  • Reliability: How difficult is it to circumvent the planned security mechanisms? (Example: How easy is it for users to gain entry to the server room and therefore circumvent the file access control?)
2
Q

Name the three steps of the post-processing phase in the incident response process and provide an example for each.

A

Lessons learned:
The lessons learned meeting is used for improving and learning. In the meeting, the team reviews the event and identifies improvements.

Example Task: Hold a post-mortem meeting with the incident response team. Discuss what went well, what could be improved, and document actionable recommendations. For instance, if the incident revealed gaps in communication during critical moments, the lessons learned might emphasize the need for better coordination and timely updates.

Documentation:
Documentation is key for a proper incident response process. It is particularly helpful when similar events occur again.

Example:

Continuous Improvement:
Explanation: Implement changes based on lessons learned to enhance overall incident response capabilities.
Example Task: Update incident response playbooks, refine procedures, and provide additional training to team members. Continuously monitor and adapt the incident response process to stay resilient against evolving threats.

3
Q

Explain the difference between a risk and a threat and how they relate. Provide an example of a threat resulting in risk for an organization and an example of a threat without risk for an organization.

A

Risk: The level of impact a threat can have on an organization, combined with the likelihood of that threat occurring.

Threat: A threat refers to a potential event or action that can exploit a vulnerability in a system or organization, resulting in harm.

How are threat and risk related?
A threat does not equal a risk. Not all threats to an organization are also risks, but all risks contain a threat. A threat that stands on its own, independent of an organization, would not cause an issue.

Example of a Threat Resulting in Risk for an Organization:

Consider an organization that stores sensitive customer data on its servers. A cybercriminal gains unauthorized access to the organization’s network (the threat) by exploiting a vulnerability in its outdated software. As a result, the cybercriminal steals the customer data and sells it on the dark web. In this scenario, the threat (cyberattack) has resulted in risk for the organization, including potential financial losses due to legal liabilities, reputational damage, and loss of customer trust.

Example of a Threat without Risk for an Organization:

Now, imagine the same organization has robust cybersecurity measures in place, including regular software updates, firewalls, intrusion detection systems, and employee training on cybersecurity best practices. Despite receiving numerous attempted cyberattacks (threats), none of them are successful in breaching the organization’s defenses. In this case, although threats exist, the organization’s effective security measures mitigate the risks associated with these threats, resulting in no actual harm or damage to the organization. Thus, the threats exist but do not pose a significant risk due to the organization’s proactive risk management strategies.

4
Q

List six steps of the risk management process according to NIST SP 800-37, and provide and explain an example task for each step.

A

Prepare: Develop a risk management plan outlining the scope, objectives, roles and responsibilities, and methodology for the risk management process. This plan should include a communication strategy to ensure that all stakeholders are informed and involved throughout the process.

Categorize: Conduct a criticality analysis to categorize information systems and assets based on their impact on the organization’s mission and objectives. This analysis may consider factors such as data sensitivity, system functionality, and the potential consequences of loss or compromise.

Select: Referencing the organization’s risk management framework, select security controls from relevant standards and guidelines (such as NIST SP 800-53) that are appropriate for mitigating identified risks within the organization’s information systems and assets.

Implement: Develop and implement security policies, procedures, and technical measures to deploy the selected security controls within the organization’s information systems. This may involve configuring firewalls, implementing encryption mechanisms, and enforcing access controls.

Assess: Conduct security control assessments, such as vulnerability scans, penetration tests, and security audits, to evaluate the effectiveness of the implemented controls in reducing identified risks to an acceptable level.

Authorize: Review the assessment findings and determine whether the residual risks associated with the information systems are acceptable within the organization’s risk tolerance. Based on this analysis, authorize the information systems to operate or implement additional measures to further mitigate identified risks.

Monitor: Establish a continuous monitoring program to regularly assess the effectiveness of security controls, detect and respond to security incidents, and update risk assessments based on changes in the organization’s environment or threat landscape. This may involve real-time monitoring of security alerts, periodic security assessments, and ongoing risk analysis.

5
Q

Name and explain the three levels of risk management according to NIST.

A

Organization Level: At the organization level, risk management involves establishing an overall risk management strategy and governance structure that aligns with the organization’s mission, objectives, and risk tolerance. This level focuses on strategic decision-making and setting policies and procedures to manage risks across the entire organization. It includes establishing roles and responsibilities, defining risk management processes, and allocating resources for risk management activities.

Mission/Business Process Level: The mission/business process level involves identifying and managing risks specific to individual mission or business processes within the organization. At this level, organizations assess the impact of risks on critical processes and prioritize risk mitigation efforts accordingly. This level of risk management is more focused and tailored to the unique requirements of each mission or business process, considering factors such as operational requirements, dependencies, and criticality.

Information System Level: At the information system level, risk management is applied to individual information systems and the data they process, store, and transmit. This level involves identifying system-specific risks, selecting and implementing security controls to mitigate those risks, and assessing the effectiveness of those controls. It includes activities such as system categorization, security control selection and implementation, security control assessments, and authorization to operate (ATO) decisions.

6
Q

A company has identified a design flaw in its web application, the rectification of which would cost 10,000 euros. The application processes intellectual property of customers, and the design flaw could potentially expose this data. Explain when and why the company must mitigate the risk.

A

The company must mitigate the risk posed by the design flaw in its web application as soon as possible. There are several reasons why mitigation is necessary:

Protection of Intellectual Property: The web application processes intellectual property of customers, which is likely sensitive and valuable information. Any exposure of this data due to the design flaw could lead to significant harm, including theft, unauthorized access, or disclosure to competitors. Mitigating the risk helps protect the company’s intellectual property and preserves its competitive advantage.

Legal and Regulatory Compliance: Depending on the nature of the intellectual property processed by the web application and the jurisdiction in which the company operates, there may be legal and regulatory requirements governing the protection of customer data. Failure to address the design flaw could result in non-compliance with these regulations, leading to potential fines, legal actions, or reputational damage.

Customer Trust and Reputation: Customers expect companies to safeguard their sensitive information and privacy. If the design flaw leads to a data breach or unauthorized access to intellectual property, it could erode customer trust and damage the company’s reputation. Mitigating the risk demonstrates a commitment to security and customer protection, helping to maintain trust and loyalty.

Financial Impact: While the cost of rectifying the design flaw may seem significant (e.g., 10,000 euros in this case), the potential financial impact of a data breach or loss of intellectual property could be far greater. Data breaches can result in direct financial losses due to legal costs, regulatory fines, and compensation to affected customers, as well as indirect costs such as damage to brand reputation and loss of business opportunities. Investing in risk mitigation upfront can help prevent or minimize these potential financial impacts.

7
Q

Name and explain the various sources of threats and provide two examples for each.

A

Human Threats:

  • Insider Threats: These threats arise from individuals within the organization who misuse their access privileges or intentionally cause harm.
    * Example 1: An employee with access to sensitive customer data steals the information for personal gain or to sell it to competitors.
    * Example 2: A disgruntled former employee launches a cyberattack against the company’s network, aiming to disrupt operations or cause damage.
  • Social Engineering: Social engineering involves manipulating individuals into divulging confidential information or performing actions that compromise security.
    * Example 1: A hacker poses as a trusted IT support technician and convinces an employee to share their login credentials, allowing unauthorized access to the company’s systems.
    * Example 2: A phishing email impersonates a legitimate organization (e.g., a bank or a government agency) and tricks recipients into clicking on malicious links or providing personal information.

Technical Threats:

  • Malware: Malware refers to malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.
    * Example 1: A ransomware attack infects the company’s computers, encrypting files and demanding payment for their release.
    * Example 2: A keylogger silently captures keystrokes on a user’s device, including passwords and other sensitive information, which are then sent to the attacker.
  • Vulnerabilities: Vulnerabilities are weaknesses in software, hardware, or network configurations that can be exploited by attackers to compromise systems.
    * Example 1: An unpatched software vulnerability in the company’s web server allows attackers to execute arbitrary code and gain unauthorized access to the server.
    * Example 2: A misconfigured firewall permits unauthorized inbound traffic to the company’s internal network, exposing sensitive data to external threats.

Environmental Threats:

  • Natural Disasters: Natural events such as floods, earthquakes, fires, or storms can disrupt business operations and cause damage to infrastructure.
    * Example 1: A severe flood damages the company’s data center, resulting in data loss and extended downtime for critical systems.
    * Example 2: A wildfire threatens the company’s headquarters, forcing evacuation and disrupting operations until the area is deemed safe for return.
  • Power Outages: Power outages or electrical failures can disrupt access to critical systems and lead to data loss or corruption.
    * Example 1: A widespread power outage in the region causes the company’s servers to shut down unexpectedly, leading to temporary loss of services and potential data corruption.
    * Example 2: A sudden power surge damages the company’s network infrastructure, rendering it inoperable until repairs can be completed.

8
Q

In a web application, a security vulnerability has been found. This vulnerability can be exploited to access internal server data. The security vulnerability can only be exploited if a user is logged in. List nine possible mitigation measures and classify the mitigation strategy of each measure.

A

Implement Multi-factor Authentication (MFA):

Classification: Preventive
Explanation: Require users to provide multiple forms of authentication (such as a password and a one-time code sent to their phone) before accessing the application. This adds an extra layer of security, making it more difficult for unauthorized users to exploit the vulnerability even if they manage to gain login credentials.
Enforce Strong Password Policies:

Classification: Preventive
Explanation: Require users to create strong passwords with a combination of alphanumeric characters, special symbols, and minimum length requirements. This helps prevent unauthorized access via brute-force attacks or password guessing.
Implement Session Management Controls:

Classification: Detective
Explanation: Set session timeouts to automatically log users out after a period of inactivity. Additionally, implement mechanisms to detect and terminate suspicious or inactive sessions to reduce the window of opportunity for attackers to exploit the vulnerability.
Regular Security Patching and Updates:

Classification: Corrective
Explanation: Regularly apply security patches and updates to the web application and underlying server software to fix known vulnerabilities and weaknesses. This helps address the root cause of the vulnerability and reduces the likelihood of exploitation.
Implement Role-based Access Controls (RBAC):

Classification: Preventive
Explanation: Restrict access to sensitive data and functionalities based on users’ roles and permissions. Only users with specific roles or privileges should be allowed to access internal server data, reducing the attack surface and limiting the impact of potential exploits.
Use Web Application Firewalls (WAF):

Classification: Preventive
Explanation: Deploy a WAF to monitor and filter HTTP traffic between the web application and the internet. WAFs can help detect and block suspicious requests or malicious payloads that attempt to exploit the vulnerability.
Implement Input Validation and Sanitization:

Classification: Preventive
Explanation: Validate and sanitize user inputs to prevent injection attacks, such as SQL injection or cross-site scripting (XSS). By validating and sanitizing input data, the application can prevent attackers from injecting malicious code to exploit the vulnerability.
Encrypt Sensitive Data at Rest and in Transit:

Classification: Preventive
Explanation: Encrypt sensitive data stored on the server and ensure that data transmitted between the client and server is encrypted using secure protocols (e.g., HTTPS). Encryption helps protect data confidentiality and integrity, even if attackers manage to access it.
Implement Intrusion Detection and Monitoring:

Classification: Detective
Explanation: Deploy intrusion detection systems (IDS) or intrusion prevention systems (IPS) to monitor network traffic and detect suspicious activities or attempts to exploit the vulnerability. Monitoring and alerting mechanisms can help identify and respond to potential threats in real-time.

9
Q

Name three differences and three similarities between STRIDE and LINDDUN.

A

Differences:
1. Focus on Threat Categories:
  * STRIDE: STRIDE focuses on categorizing threats based on six different threat types: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. It identifies threats based on the attacker’s actions or objectives.
  * LINDDUN: LINDDUN, on the other hand, categorizes threats based on six architectural properties: Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of Information, and Unawareness. LINDDUN focuses more on architectural vulnerabilities and how they can be exploited.
2. Application Stage:
  * STRIDE: STRIDE is typically applied during the design and development stages of software engineering. It helps in identifying potential threats early in the software development lifecycle to design appropriate security controls.
  * LINDDUN: LINDDUN is often applied during the architectural design phase of software development. It focuses on identifying architectural vulnerabilities and making design decisions to mitigate these vulnerabilities.
3. Origin and Usage:
  * STRIDE: STRIDE was originally developed by Microsoft as a threat modeling framework for designing secure software systems. It is widely used in the software industry, especially in environments where Microsoft technologies are prevalent.
  * LINDDUN: LINDDUN was developed by Cigital (now Synopsys) as a lightweight threat modeling approach specifically for agile and DevOps environments. It is designed to be simpler and more accessible than traditional threat modeling frameworks like STRIDE.

Similarities:
1. Structured Approach:
  * Both STRIDE and LINDDUN provide structured methodologies for identifying and categorizing threats to software systems. They offer a systematic approach to analyzing potential vulnerabilities and risks.
2. Six Categories:
  * Both frameworks use a categorization scheme based on six elements. While STRIDE focuses on threat types (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege), LINDDUN focuses on architectural properties (Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of Information, and Unawareness).
3. Integration with Development Lifecycle:
  * Both frameworks emphasize integrating threat modeling into the software development lifecycle. They promote the idea of considering security concerns early in the design and development stages to build more secure software systems.

10
Q

Name and explain three LINDDUN threats.

A

Linkability:

Threat: Linkability refers to the ability to link different pieces of information together, which can lead to unintended correlations or associations between data elements. Attackers may exploit linkability to aggregate and analyze data to reveal sensitive information or patterns.
Explanation: For example, in a healthcare system, if patient records are not properly anonymized or if identifiers such as social security numbers or medical record numbers are exposed, an attacker could correlate patient data across different databases or systems. This could lead to breaches of privacy or unauthorized access to sensitive medical information.

Identifiability:

Threat: Identifiability refers to the ability to uniquely identify individuals or entities based on available information. When sensitive information is exposed or improperly handled, it may be possible for attackers to identify specific individuals or entities.
Explanation: For instance, in an online platform where users are required to register with personal information such as email addresses or usernames, if this information is leaked or improperly protected, attackers could use it to identify and target specific users. This could lead to various risks such as identity theft, harassment, or unauthorized access to accounts.

Non-repudiation:

Threat: Non-repudiation refers to the inability of a party to deny the authenticity or origin of a message or action. If non-repudiation is not ensured, it becomes possible for malicious actors to deny their involvement in certain actions or transactions.
Explanation: For example, in an e-commerce application, if proper mechanisms for non-repudiation are not in place, a user could make a purchase and then deny having placed the order. Without sufficient evidence to prove otherwise, such as transaction logs or digital signatures, the user’s claim of non-involvement could be difficult to refute, leading to potential disputes or loss of revenue for the organization.

11
Q

Name three risk management strategies and provide an example for each.

A

Risk Avoidance:

Definition: Risk avoidance involves taking actions to eliminate or avoid activities, processes, or exposures that pose a significant risk to the organization.
Example: An organization decides not to engage in a particular business venture that carries a high risk of financial loss or reputational damage. For instance, a company may choose not to enter a volatile market with uncertain demand and potential regulatory hurdles, thereby avoiding the associated risks.

Risk Mitigation:

Definition: Risk mitigation focuses on reducing the impact or likelihood of identified risks through proactive measures or controls.
Example: A software development company implements regular security patches and updates to its applications and infrastructure to mitigate the risk of cyberattacks and data breaches. By promptly addressing known vulnerabilities and weaknesses, the organization reduces the likelihood of successful exploitation by malicious actors.

Risk Transfer:

Definition: Risk transfer involves transferring the financial consequences of a risk to another party, such as an insurance company or a contractual partner.
Example: A construction firm purchases liability insurance to transfer the financial risk associated with workplace accidents or property damage to the insurance provider. In the event of an incident, the insurance company covers the costs of legal claims, medical expenses, or property repairs, thereby reducing the financial impact on the construction firm.

12
Q

Name and explain the different sources of threats and provide two examples for each.

A

see question 7

13
Q

Name and explain the four types of measures in resilience engineering, and provide two examples for each type of measure.

A

Anticipation:

Definition: Anticipation measures involve proactively identifying and preparing for potential disruptions or challenges before they occur. These measures aim to anticipate possible scenarios and develop strategies to mitigate their impact.
Examples:
Conducting regular risk assessments and scenario planning exercises to identify potential threats and vulnerabilities. For example, a manufacturing company might simulate a supply chain disruption scenario to assess its resilience and develop contingency plans.
Implementing early warning systems and monitoring tools to detect emerging risks or trends. For instance, an IT department might deploy intrusion detection systems and security monitoring software to identify and respond to cyber threats before they escalate.

Monitoring:

Definition: Monitoring measures involve continuously monitoring organizational processes, systems, and environments to detect deviations from normal operations or signs of impending disruptions.
Examples:
Implementing real-time performance monitoring systems to track key indicators and metrics related to operational efficiency, safety, and security. For example, an airline might use cockpit instruments and sensors to monitor aircraft performance during flight.
Establishing regular review processes and audits to assess the effectiveness of organizational controls and procedures. This might involve conducting periodic safety inspections or security assessments to identify and address potential weaknesses before they result in incidents.

Response:

Definition: Response measures involve implementing plans and procedures to effectively respond to disruptions or incidents as they occur. These measures focus on mobilizing resources, coordinating actions, and mitigating the impact of disruptions.
Examples:
Developing incident response plans and protocols to guide actions during emergencies or crises. For instance, a hospital might have a detailed response plan for managing patient surges during a mass casualty event.
Conducting regular training and drills to ensure that personnel are prepared to respond effectively to different types of emergencies. This could involve simulating fire drills, active shooter scenarios, or cyberattack simulations to practice response procedures and coordination.

Learning:

Definition: Learning measures involve capturing lessons learned from past experiences and using them to improve organizational resilience over time. These measures focus on fostering a culture of continuous learning, adaptation, and improvement.
Examples:
Conducting post-incident reviews and debriefings to analyze root causes, identify opportunities for improvement, and implement corrective actions. For example, an IT team might conduct a post-mortem analysis after a major system outage to identify the underlying causes and prevent similar incidents in the future.
Encouraging open communication, feedback, and knowledge sharing among employees to promote a learning culture. This could involve establishing forums, workshops, or communities of practice where employees can share insights, best practices, and lessons learned from their experiences.

14
Q

Name four fundamental tasks that a Security Champion can take on.

A

Security Awareness and Training:

A Security Champion can help facilitate security awareness training sessions for employees to educate them about common security threats, best practices for safeguarding sensitive information, and the organization’s security policies and procedures. They can also create and distribute security awareness materials, such as posters, email reminders, or online resources, to reinforce key security messages.

Policy Advocacy and Compliance:

Security Champions can advocate for the adoption and enforcement of security policies and standards within their respective teams or departments. They serve as ambassadors for security initiatives, ensuring that employees understand the importance of adhering to security policies and procedures. They can also assist in identifying areas where security policies may need to be updated or strengthened to address emerging threats or compliance requirements.

Risk Assessment and Mitigation:

Security Champions can help assess and mitigate security risks within their areas of responsibility. They can collaborate with the organization’s security team to identify potential vulnerabilities, conduct risk assessments, and implement appropriate security controls or measures to mitigate identified risks. This may involve reviewing system configurations, conducting security assessments, and recommending security improvements or remediation actions.

Incident Response and Reporting:

In the event of a security incident or breach, Security Champions can serve as first responders to help contain the incident, gather relevant information, and escalate the issue to the appropriate authorities or incident response team. They can also assist in documenting and reporting security incidents, including their root causes, impact, and remediation steps, to ensure that lessons are learned and improvements are made to prevent future incidents.

15
Q

Name the three steps of crisis management and provide an example for each.

A

Prevention and Preparation:

Definition: This step involves identifying potential crisis scenarios, assessing risks, and implementing preventive measures and preparedness plans to minimize the likelihood and impact of crises.
Example: A manufacturing company conducts regular safety audits and implements robust safety protocols and training programs to prevent workplace accidents. By proactively identifying and addressing potential safety hazards, the company reduces the risk of accidents and associated injuries or disruptions to production.

Response and Mitigation:

Definition: In this step, the organization responds to the crisis as it unfolds, mobilizing resources, implementing crisis management plans, and taking immediate actions to mitigate the impact of the crisis on the organization and its stakeholders.
Example: In the event of a cybersecurity breach, an organization activates its incident response team to investigate the incident, contain the breach, and restore affected systems and data. The team collaborates with internal and external stakeholders, such as IT professionals, legal counsel, and law enforcement, to assess the extent of the breach and mitigate further damage to the organization’s reputation and customer trust.

Recovery and Learning:

Definition: After the crisis has been contained, this step focuses on restoring normal operations, addressing the aftermath of the crisis, and learning from the experience to strengthen the organization’s resilience and preparedness for future crises.
Example: Following a natural disaster, a retail store damaged by flooding takes immediate steps to clean up the premises, repair damaged infrastructure, and resume business operations as quickly as possible. The organization also conducts a post-incident review to evaluate its response efforts, identify areas for improvement, and update its crisis management plans and procedures based on lessons learned from the experience.

16
Q

Name the six STRIDE threats and provide an example for each threat.

A

Spoofing:

Definition: Spoofing involves the act of impersonating or masquerading as someone or something else to gain unauthorized access or deceive users.
Example: A cyber attacker sends phishing emails that appear to be from a legitimate company, tricking recipients into clicking on malicious links or providing sensitive information such as login credentials. By spoofing the sender’s identity, the attacker aims to gain unauthorized access to the recipient’s accounts or compromise their systems.

Tampering:

Definition: Tampering refers to unauthorized modifications or alterations made to data, software, or system components, often with the intention of causing harm or gaining unauthorized access.
Example: A malicious actor intercepts network traffic and modifies the contents of a financial transaction to transfer funds to their own account instead of the intended recipient. By tampering with the transaction data, the attacker aims to steal money or manipulate financial records for personal gain.

Repudiation:

Definition: Repudiation involves denying or disowning actions or transactions that have taken place, making it difficult to hold individuals or entities accountable for their actions.
Example: A user performs unauthorized actions in an online banking application, such as transferring funds between accounts, and later denies having made those transactions. Without proper logging and auditing mechanisms in place, it becomes challenging for the organization to prove the user’s involvement and hold them accountable for the unauthorized transactions.

Information Disclosure:

Definition: Information disclosure involves the unauthorized exposure or release of sensitive information to unauthorized parties, potentially leading to privacy breaches, identity theft, or other forms of harm.
Example: A software vulnerability allows attackers to exploit a web application and gain access to a database containing users’ personally identifiable information (PII), such as names, addresses, and credit card numbers. The unauthorized disclosure of this sensitive data can result in identity theft, financial fraud, or reputational damage to the organization.

Denial of Service (DoS):

Definition: Denial of Service (DoS) involves disrupting or degrading the availability or performance of a system, application, or network, making it inaccessible or unusable for legitimate users.
Example: A distributed denial of service (DDoS) attack floods a company’s website with a high volume of malicious traffic, overwhelming the server and causing it to become unresponsive to legitimate user requests. As a result, the website becomes inaccessible to users, leading to potential loss of revenue and damage to the organization’s reputation.

Elevation of Privilege:

Definition: Elevation of Privilege involves unauthorized escalation of privileges or access rights, allowing an attacker to gain elevated privileges or permissions beyond their authorized level.
Example: A software vulnerability in an operating system allows an attacker to exploit a privilege escalation vulnerability and gain administrative access to a computer system. With elevated privileges, the attacker can install malware, steal sensitive data, or manipulate system settings without detection, potentially causing significant damage to the organization’s assets and operations.

17
Q

A company processes customers’ personal data. This data is stored together with other customer project data. All data is stored in databases and storage solutions in the network. The data is processed by a computing cluster (backend) and then made available on the frontend server. The security information (cryptographic material) is stored using appropriate access procedures. Assign the assets mentioned in the scenario to the correct category and explain each category. For each of the secondary assets, give a practical example of the technology that may be used.

A

Primary Assets:

Customer Personal Data:
Explanation: This is the primary asset of concern as it contains sensitive information about customers, such as personal details, financial information, or any other data that can identify individuals.
Example of Technology: Database Management Systems (DBMS) like MySQL, Oracle, or PostgreSQL may be used to store and manage customer personal data securely. Additionally, encryption techniques such as AES (Advanced Encryption Standard) can be employed to protect the confidentiality of the stored data.

Secondary Assets:

Customer Project Data:

Explanation: This data is related to specific projects involving customers. While not as sensitive as personal data, it still holds value for the organization and may contain proprietary information or intellectual property.
Example of Technology: Distributed File Systems (DFS) like Hadoop HDFS or Apache HBase may be used to store and manage large volumes of project data efficiently. Access control mechanisms such as Access Control Lists (ACLs) or Role-Based Access Control (RBAC) can be implemented to restrict unauthorized access to project data.
Computing Cluster (Backend):

Explanation: The computing cluster is responsible for processing the data and executing backend operations. It serves as the computational backbone of the system.
Example of Technology: Technologies like Apache Hadoop or Apache Spark can be used to build computing clusters for processing large datasets in parallel. Container orchestration platforms such as Kubernetes or Apache Mesos may be utilized to manage and scale the computing cluster efficiently.
Frontend Server:

Explanation: The frontend server is responsible for serving the processed data to users through web interfaces or APIs. It acts as the interface between users and the backend computing resources.
Example of Technology: Web servers like Apache HTTP Server or Nginx can be used to host frontend applications and serve static or dynamic content to users. Frameworks like React.js, Angular, or Vue.js may be employed to develop interactive user interfaces for web applications.
Security Information (Cryptographic Material):

Explanation: This includes cryptographic keys, certificates, or other security information used to protect sensitive data and communications within the system.
Example of Technology: Key Management Systems (KMS) such as AWS Key Management Service (KMS) or HashiCorp Vault can be used to securely store and manage cryptographic keys. Public Key Infrastructure (PKI) solutions like OpenSSL or Microsoft Active Directory Certificate Services (AD CS) may be utilized to issue and manage digital certificates for secure communication.

18
Q

Name the 6 steps of the SEI risk management paradigm

A
  1. Risk Identification:
    * This step involves systematically identifying potential risks, threats, vulnerabilities, and uncertainties that could impact the success of the software project. Various techniques such as brainstorming, checklists, documentation review, and expert judgment are used to identify risks comprehensively.
  2. Risk Assessment:
    * After identifying risks, the next step is to assess and analyze them. This involves evaluating the likelihood and potential impact of each identified risk on project objectives such as schedule, cost, quality, and performance. Risk assessment helps prioritize risks based on their severity and likelihood of occurrence.
  3. Risk Prioritization:
    * Once risks have been assessed, they are prioritized based on their severity and likelihood of occurrence. High-priority risks, which have a significant impact on project objectives and a high likelihood of occurrence, are given greater attention and resources for mitigation.
  4. Risk Mitigation:
    * In this step, strategies and action plans are developed to mitigate, avoid, transfer, or accept identified risks. Risk mitigation measures aim to reduce the likelihood or impact of risks on the project. Mitigation strategies may include implementing preventive measures, contingency plans, or risk transfer mechanisms.
  5. Risk Monitoring:
    * Risk monitoring involves continuously monitoring and tracking identified risks throughout the software project lifecycle. This step ensures that risks are managed effectively and that any changes in risk status or new risks are promptly addressed. Regular risk reviews and status updates help project teams stay informed and proactive in managing risks.
  6. Risk Communication:
    * Effective communication of risks is essential for ensuring that stakeholders are aware of potential threats and uncertainties affecting the project. This step involves transparently sharing risk information, analysis, and mitigation strategies with project stakeholders, including team
18
Q

Explain the concepts of identifying, analysing and planning the SEI risk management paradigm

A

Identifying Risks:

Definition: Identifying risks involves systematically identifying potential threats, vulnerabilities, and uncertainties that could impact the success of a software project. This stage aims to create a comprehensive list of potential risks that the project may encounter.

Process: During the identification stage, project stakeholders collaborate to brainstorm and identify potential risks. This can be done through techniques such as brainstorming sessions, checklists, documentation review, and expert judgment. Risks can be categorized into various types, such as technical risks, schedule risks, cost risks, and organizational risks.

Example: In a software development project, potential risks could include requirements volatility, technology dependencies, resource constraints, changes in project scope, and unexpected stakeholder expectations. These risks may be identified through discussions with project team members, historical data analysis, or lessons learned from previous projects.

Analyzing Risks:

Definition: Analyzing risks involves assessing the likelihood and potential impact of identified risks on the project objectives. This stage helps prioritize risks based on their severity and likelihood of occurrence, allowing project managers to focus resources on addressing the most critical risks.

Process: Risk analysis typically involves evaluating each identified risk based on its probability of occurrence, potential impact on project objectives (such as schedule, cost, quality, and performance), and the effectiveness of existing risk mitigation measures. Quantitative techniques, such as risk probability and impact assessment or Monte Carlo simulation, may be used to analyze risks and prioritize them based on their overall risk exposure.

Example: For each identified risk, project managers may assess the likelihood of occurrence (e.g., low, medium, high) and the potential impact on project objectives (e.g., minor, moderate, severe). Risks with high likelihood and severe impact are prioritized for further attention, while low-probability risks with minor impact may be accepted or monitored with minimal mitigation efforts.

Planning Risk Responses:

Definition: Planning risk responses involves developing strategies and action plans to address identified risks proactively. This stage aims to mitigate, avoid, transfer, or accept risks based on their analysis and prioritization, ensuring that the project remains on track to achieve its objectives.

Process: During the planning stage, project managers collaborate with relevant stakeholders to develop risk response strategies tailored to each identified risk. These strategies may include risk mitigation measures to reduce the likelihood or impact of risks, contingency plans to address risks if they occur, risk transfer mechanisms such as insurance or contracts, or risk acceptance if the potential benefits outweigh the potential drawbacks.

Example: For high-priority risks, project managers may develop detailed risk response plans outlining specific actions, responsibilities, and timelines for implementing risk mitigation measures. For example, if a critical software component has a high risk of delay due to resource constraints, the project team may allocate additional resources, adjust the project schedule, or explore alternative solutions to mitigate the risk and ensure timely delivery. Additionally, contingency plans may be developed to address potential disruptions caused by the risk, such as implementing fallback options or seeking management approval for changes in project scope or budget.

19
Q

Name and explain three elements of a data flow diagram

A
  1. Processes:
    * Processes represent the functions or transformations that occur within the system. They depict the activities or operations performed on data as it flows through the system. Processes are typically represented by circles or rectangles on a DFD diagram.
    * Each process on a DFD diagram should have a unique label or identifier to distinguish it from other processes. Processes may involve data manipulation, calculations, storage, or communication with external entities.
    * Example: In a banking system, a process labeled “Process Transaction” might represent the functionality for processing customer transactions, including verifying account balances, updating transaction records, and generating receipts.
  2. Data Flows:
    * Data flows represent the movement of data between processes, stores, and external entities within the system. They indicate the direction and flow of data as it moves through the system’s various components.
    * Data flows are depicted by arrows on a DFD diagram, with labels describing the types of data being transferred. Data flows may represent inputs, outputs, or intermediate data exchanged between processes and other system components.
    * Example: In a retail inventory management system, a data flow labeled “Sales Data” might represent the flow of sales transaction information from a point-of-sale (POS) terminal to a central inventory database for updating stock levels.
  3. Data Stores:
    * Data stores represent repositories or locations where data is stored within the system. They depict the persistent storage of data that can be accessed or modified by processes as needed.
    * Data stores are typically represented by rectangles with rounded corners on a DFD diagram. They may represent databases, files, or other storage mechanisms used to store and retrieve data within the system.
    * Example: In a customer relationship management (CRM) system, a data store labeled “Customer Database” might represent a centralized database containing customer information such as names, contact details, purchase history, and preferences.
20
Q

BSI Standard 100-3, describe and explain the risk analysis proce

A
  1. Establish Context:
    * The first step in the risk analysis process is to establish the context for the analysis. This involves defining the scope, objectives, and assumptions of the risk assessment. It also includes identifying the stakeholders involved and understanding their requirements and concerns regarding information security.
  2. Identify Assets:
    * The next step is to identify and inventory the organization’s information assets. This includes all tangible and intangible assets that are important to the organization’s operations, such as data, systems, applications, hardware, software, facilities, personnel, and intellectual property.
  3. Identify Threats and Vulnerabilities:
    * Once the assets have been identified, the next step is to identify potential threats and vulnerabilities that could exploit or impact those assets. Threats are potential events or incidents that could harm the organization, while vulnerabilities are weaknesses or gaps in security controls that could be exploited by threats.
  4. Assess Risks:
    * With the assets, threats, and vulnerabilities identified, the next step is to assess the risks associated with each asset. Risk assessment involves evaluating the likelihood and potential impact of threats exploiting vulnerabilities to cause harm to the organization’s assets or operations.
  5. Risk Evaluation:
    * After assessing the risks, the next step is to evaluate and prioritize them based on their severity and significance to the organization. Risk evaluation considers factors such as the likelihood of occurrence, the potential impact on business objectives, the effectiveness of existing controls, and the organization’s risk tolerance.
  6. Risk Treatment:
    * Once risks have been evaluated and prioritized, the next step is to develop and implement risk treatment plans to address them. Risk treatment involves selecting and implementing appropriate controls, measures, or actions to mitigate, avoid, transfer, or accept risks based on the organization’s risk appetite and priorities.
  7. Monitor and Review:
    * Finally, the risk analysis process includes ongoing monitoring and review of the organization’s risk management activities. This involves tracking changes in the risk landscape, assessing the effectiveness of risk treatments, and updating risk assessments and treatment plans as needed to ensure that information security risks are effectively managed over time.