Question
2 points
Which of the following is not covered by Incident Response Controls within a company?
Quiz 4
Purpose
This assignment is intended to assess your ability to recommend managerial, technical and operational controls within governance channels.
Overview
This quiz covers Module 5 concepts. It will take about 60 minutes. This is an individual assignment. Make sure to complete all of the module’s reading and preparation before taking the quiz.
An employee deletes a critical �le by mistake.
One of the employees sends a sensitive �le to another employee by encrypted e-mail.
SQL injections attacks against web applications.
The Intrusion Detection System has detected port scanning activity.
1
2 points
What is the potential role of the information security department In the case of an infraction committed by a contractor?
2 points
Which one is not correct for the separation of duties principle?
2 points
A Change Control Board can be very bene�cial in the process of approving ____________________.
Terminating access to the information systems
Disabling account of the contractor
Providing evidence for the infraction
Collecting private information about the individual
Separating coding and testing teams is an example of the separation of duties principle.
It prevents malicious activity.
Separation of duties practices do not have to be documented.
It is one of the principles practices in the access control domain.
Con�guration Management Controls
Personnel Security Controls
Awareness and Training Controls
Incident Response Controls
2
3
4
2 points
Which one is not used in an authentication process?
2 points
Please map the �rst group to the second group. Group-1 (User type): A) Senior management B) End-user C) Security analyst Group-2 (Training type): D) SIEM training E) Risk management training F) Security awareness training
2 points
COBIT is a framework. ISO 27001 is an international standard. HIPAA is an act. All of them suggest technical controls that can be adapted by organizations. Which of these control repositories is prepared for a speci�c sector?
Software token
Encryption
SIEM
Hardware token
A-E, B-D, C-F
A-F, B-E, C-D
A-F, B-D, C-E
A-E, B-F, C-D
HIPAA
All of them
COBIT
ISO 27001
5
6
7
2 points
A Business continuity plan and _________________ are closely related operational-level controls.
2 points
Who sets the policies for record retention period?
2 points
Systems development lifecycle process can be regarded as a ____________________________.
Physical and Environmental Protection Controls
All of them
Contingency Planning Controls
Incident Response Controls
IT department
Legal department
Security department
CIO
Physical and environmental control
Con�guration management control
Maintenance control
System and information integrity control
8
9
10
2 points
What is the purpose of a covert channel analysis?
2 points
Which mappings are correct for Physical and Environmental Protection Controls?
2 points
The primary purpose of Media protection controls are to protect the ___________________ of the information.
To analyze the encryption methods and algorithms used in a covert channel.
To perform a cost-bene�t analysis on an existing covert channel for the decision-makers to decide on the next steps.
To identify the aspects of system communication that are potential avenues for hidden storage and timing channels.
To perform a requirements analysis within a company to determine which units within the organization would need such a communication channel.
Physical controls to ful�ll availability needs, environmental controls to meet access control needs.
Physical controls to ful�ll access control needs, environmental controls to meet availability needs.
Physical controls to ful�ll integrity needs, environmental controls to meet access control needs.
Physical controls to ful�ll access control needs, environmental controls to meet integrity needs.
Con�dentiality
Reliability
Integrity
Availability
11
12
13
2 points
Which of the following control families mainly ful�lled with the help of contracts?
2 points
Which of the following “system and communication protection” control family protects against availability losses?
2 points
What is the name of the following principle: “Allowing only authorized accesses for a user (and processes acting on behalf of the user) who are necessary to accomplish assigned tasks per organizational missions and business functions.”?
Incident Response Controls
Contingency Planning Controls
Con�guration Management Controls
Maintenance Controls
Boundary Protection
Honeypots
Network Disconnect
Denial of Service Protection
Need to know
Separation of duties
Least privilege
Privilege escalation
14
15
16
2 points
When should “System Use Notification" be shown to computer use?
2 points
Which control family satis�es the “need to know” principle?
2 points
Which statement is wrong for the auditable event?
After granting access to the system
Before granting access to the system
After a successful logon
When the user logoffs
Access control
Audit
Authentication
Communication protections
The organization determines based on current threat information.
The organization determines based on business needs.
The organization determines based on the ease of the application.
The organization determines based on risk assessment.
17
18
19
2 points
Which of the following group needs information security training?
C-level management
All of them
End users
Mid-level management
20