Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
19 Cards in this Set
- Front
- Back
|
17. What is the objective of the planning and risk assessment domain of the maintenance model? Why is this important?
|
The primary objective of the planning and risk assessment domain according to our text is to keep lookout over the entire information security program, in part by planning ongoing information security activities that further reduce risk. This is of utmost importance due to it keeping track of how the actually security program is running and what can be done to improve upon it to mitigate further risk.
|
|
|
12. What's the difference between vulnerability assessment and penetration testing?
|
A vulnerability assessment is the process of having a professional come in and examine the potential security vulnerabilities in an environment. Penetration testing is having a third party simulated attack from a hacker. This is often done without the majority of the company knowing in order to properly simulate the attack. The difference between the two is that the penetration tester is actively trying to attack the system.
|
|
|
20. What is digital forensics
|
The investigation of what happened and how in the arena of information security is digital forensics–the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and/or root cause analysis. This is used when a security incident happens.
|
|
|
15. What does CERT stand for? Is there more than one CERT? What is the purpose of a CERT?
|
CERT stands for Computer Emergency Response Teams. There are a ton of CERTs around the world. Many states have CERT agencies and many countries have CERT organizations to deal with national issues and threats. Nowadays, CERT focuses on security breaches and denial-of-service incidents, providing alerts and incident-handling and avoidance guidelines. It also serves as an ongoing public awareness campaign and engages in research aimed at improving security systems.
|
|
|
5. What is a management maintenance model? What does it accomplish?
|
A management maintenance model is a framework that structures the task of managing certain activities or business functions.
|
|
|
1. List and define the factors that are likely to shift in an organization’s information security environment.
|
There are multiple scenarios that can lead to a shift in an organization information security environment. Every time a new asset is acquired, creating new partnerships or ending others, new employees or the employees that for one reason or another will not be working there, are some of the scenarios companies need to be careful because it can transform the information security environment. Hardware that is added need to be inspected and make sure that there are not vulnerabilities for the company. Partnerships are also important because they can have valuable information that could easily fall in competitors hands. We must never forget that previous, current, and future employees need to also be aware of the different policies the organization have and follow security protocol depending on how much access to information they have.
|
|
|
2. Who decides if the information security program can adapt to change adequately?
|
The CISO decides whether the information security program can adapt to change as it is implemented or whether the macroscopic process of the SecSDLC must be started anew.
|
|
|
7. What ongoing responsibilities do security managers have in securing the SDLC
|
The ongoing responsibilities security managers have includes:Monitor security controls to ensure that they continue to be effective in theirs application through periodic testing and evaluation.Perform self-administered audits independent security audits, or other assessments periodically. Use automated tools, internal control audits, security checklists, and penetration testing.Monitor the system and/or users by reviewing system logs and reports, using automated tools, reviewing change management, monitoring trade publications and other external sources, and performing periodic re-accreditation.Develop CM plan.Ensure adequate consideration of potential security impacts due to changes in an IS or its surrounding environment.
|
|
|
18. What is the primary goal of the vulnerability assessment and remediation domain of the maintenance model? Is this important to an organization with an Internet presence? Why?
|
The primary goal is the identification of specific, documented vulnerabilities and their timely remediation. It's important to an organization with an Internet presence because attackers are able to take advantage of any loophole or flaw that may be present.
|
|
|
6.What changes needed to be made to the model presented in SP 800-100 to adapt it for use in security management use.
|
Major changes aren't needed. The document is known to be written for the use of information security management applications. On the other hand while it might need to be tailored for specific requirements that are known to be local, it is also known to be functionally useable as it has been presented.
|
|
|
10. What is the difference between configuration management and change management?
|
Configuration management i the identification, inventory, and documentation of current hardware, software, and networking configurations. Change management addresses modifications to the base configuration. Configuration and Change management assists in making change management processes more efficient and prevents changes that might compromise the integrity of the security system.
|
|
|
9. What is penetration testing?
|
Penetration Testing is a set of security tests and evaluations that simulate attacks by malicious external source AKA hackers. These tests are typically scheduled to be performed periodically throughout each year as part of a full security audit. In other security tests, such as vulnerability assessments, organizations are very careful to avoid disruption of normal business operations. In penetration testing the ultimate responsibility is to find weaknesses in the security or the organization's systems, so the person testing as the supposed hacker tries to go as far as possible, simulating the actions of a true attacker.
|
|
|
19. List and describe the five vulnerability assessment processes described in the text. Can you think of some other assessment processes that might exist?
|
The five vulnerability assessment processes are:Internet vulnerability assessment- an assessment designed to find vulnerabilities in a external network.Intranet vulnerability assessment- an assessment designed to find vulnerabilities in a internal network.Platform security validation- an assessment designed to find vulnerabilities in a network systems various platforms.Wireless vulnerability assessment- an assessment designed to find vulnerabilities in an organizations wireless network.Modem vulnerability assessment- an assessment designed to find vulnerabilities in any modems installed on a network.Another type of vulnerability assessment would be a penetration tes
|
|
|
5. What is the management maintance model? What does it accomplish?
|
From our book on page 593, a management maintenance model is the structure that is used for the task of managing a certain set of business functions. A management maintenance model is created so that a business has clear and necessary guidelines in order operate successfully.
|
|
|
What are the three primary aspects of information security risk management? Why is each important?
|
Three aspects include threats, assets, and vulnerabilities.This triple is used to carefully evaluate the security posture of the organization via security maintenance and readiness.By carefully monitoring these three aspects of the organizations security, the organization will be more prepared for possible problems.By creating an aggressive monitoring policy, the organization can stay abreast of changes in the environment.
|
|
|
11. What is a performance baseline?
|
A performance baseline is an expected level of performance against which all subsequent levels of performance are compared.
|
|
|
13. What is the objective of the external monitoring domain of he maintenance model?
|
The objective of the external monitoring domain with in the maintenance model is to provide the early awareness of new and emerging threats, threat agents, vulnerabilities and attacks the organization needs insider to mount an effective and timely defense. External monitoring entails collecting intelligence form various data sources, and then giving that intelligence context and meaning for use by decision makers with in the organization.
|
|
|
8. What is vulnerability assessment?
|
Vulnerability assessment is defined as the process of identifying and documenting specific and provable flaws in the organization's information asset environment. There are many areas of vulnerability assessment, including: Internet, Intranet, Wireless, and Modem vulnerability assessment. Internet deals with the vulnerabilities that may be present in an organization's public network. Intranet deals with the vulnerabilities that may be present in an organization's private network. Wireless has to do with finding and documenting vulnerabilities that may exist in an organization's wireless networks. And Modem deals with finding and documenting vulnerabilities that may exist in dial-up connections on a network.
|
|
|
16. What is the primary objective of the internal monitoring domain?
|
An informed awareness of the state of the organization's networks, information systems, and information security defenses. This awareness must be communicated and documented, especially for components that are exposed to the external networks.
|
