information security ch 11-12
When the memory usage associated with a particular CPU-based system averages ____% or more over prolonged periods, consider adding more memory.
60
A maintenance model such as ISO 1799 deals with methods to manage and operate systems
False
A maintenance ticket is opened when a user calls about an issue.
False
A mandatory furlough provides the organization with the ability to audit the work of an individual.
False
An effective information security governance program requires constant change.
False
An effective information security governance program requires little review once it is well established.
False
An intranet vulnerability scan starts with the scan of the organization's default Internet search engine.
False
Based on the 40% rule, when the amount of data stored on a particular hard drive averages 40% of available capacity for a prolonged period, consider an upgrade for the hard drive.
False
CERT stands for "computer emergency recovery team."
False
Documentation procedures are not required for configuration and change management processes.
False
Documenting information system changes and assessing their potential impacts on system security is an important and consequential part of digital forensics.
False
Existing information security-related certifications are typically well understood by those responsible for hiring in the organizations.
False
GIAC stands for Global Information Architecture Certification.
False
ISSEP stands for Information Systems Security Expert Professional.
False
ISSMP stands for Information Systems Security Monitoring Professional.
False
Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce.
False
In some organizations, facilities management is the identification, inventory, and documentation of the current information systems status: hardware, software, and networking configurations.
False
Inventory characteristics for hardware and software assets that record the manufacturer and versions are related to technical functionality, and should be highly accurate and updated each time there is a change.
False
Organizations are not required by law to protect employee information that is sensitive or personal.
False
ISACA touts the CISA certification as being appropriate for accounting, networking, and security professionals.
False
The CISA credential is geared toward experienced information security managers and others who may have similar management responsibilities.
False
The CISSP concentrations are available for CISSPs to demonstrate knowledge that is already a part of the CISSP CBK.
False
The CISSP-ISSEP concentration focuses on the knowledge areas that are part of enterprise security management.
False
Modem vulnerability assessment begins with the planning, scheduling, and notification of all Internet connections, using software such as Wireshark.
False
"Know more than you say, and be more skillful than you let on" advice for information security professionals indicates that the actions taken to protect information should not interfere with users' actions.
False
The ____ list is intended to facilitate the development of the leading free network exploration.
Nmap-dev
The ______ vulnerability assessment is a process that is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization.
intranet
Many who move to business-oriented information security were formerly __________ who were often involved in national security or cybersecurity.
military personnel
Control ___ baselines are established for network traffic and also for firewall performance and IDPS performance.
performance
The __________ position is typically considered the top information security officer in the organization.
Chief Information Security Officer (CISO)
Common vulnerability assessment processes include ____?
All of these
Many enter the field of information security from technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments.
All of the above
The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in __________.
All of the above
The information security function can be placed within the __________.
All of the above
A primary mailing list for new vulnerabilities, called simply ______, provides time-sensitive coverage of emerging vulnerabilities, documenting how they are exploited, and reporting on how to remediate them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing lists.
Bugtraq
According to Schwartz, Erwin, Weafer, and Briney "__________" are the real techies who create and install security solutions.
Builders
In recent years, the __________ certification program has added a set of concentration exams.
CISSP
The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market.
CISSP
A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.
False
Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization.
Exit
"Builders" in the field of information security provide day-to-day systems monitoring and use to support an organization's goals and objectives.
False
You can document the results of the verification of a vulnerability by saving the results in what is called a(n) profile.
False
endly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting.
False
The SSCP examination is much more rigorous than the CISSP examination.
False
The final process in the vulnerability assessment and remediation domain is the exit phase.
False
The general management community of interest must plan for the proper staffing for the information security function.
False
The information security function cannot be placed within the protective services.
False
The most common credential for a CISO-level position is the Security+ certification.
False
The security manager position is much more general than that of the CISO.
False
The systems development life cycle (SDLC) is the overall process of developing, implementing, and retiring information systems through a multistep approach: initiation, analysis, design, implementation, and use.
False
The target selection step of Internet vulnerability assessment involves using the external monitoring intelligence to configure a test engine (such as Nessus) for the test to be performed.
False
Threats cannot be removed without requiring a repair of the vulnerability.
False
To be put to the most effective use, the information that comes from the IDPS must be integrated into the inventory process.
False
WLAN stands for wide local area network.
False
____ allows for the major security control components to be reviewed on a periodic basis to ensure that they are current, accurate, and appropriate.
Program review
The optimum approach for escalation is based on a thorough integration of the monitoring process into the _____.
IRP
The model commonly used by large organizations places the information security department within the __________ department.
Information technology
The ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of these except __________.
International laws
Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________.
Manager, technician
____ is used to respond to network change requests and network architectural design proposals.
Network Connectivity RA
The ____ process is designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization.
PSV
The ___ commercial site focuses on current security tool resources.
Packet Storm
____, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).
Penetration testing
System Administration, Networking, and Security Organization is better known as __________.
SANS
The ____ is a statement of the boundaries of the RA.
Scope
__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented.
Security technicians
The ___ mailing list includes announcements and discussion of an open-source IDPS.
Snort-SIGS
__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce.
Temporary employees
All systems that are mission critical should be enrolled in PSV measurement.
True
CM assists in streamlining change management processes and prevents changes that could detrimentally affect the security posture of a system before they happen.
True
External monitoring entails collecting intelligence from various data sources and then giving that intelligence context and meaning for use by decision makers within the organization.
True
ISSAP stands for Information Systems Security Architecture Professional.
True
Intelligence for external monitoring can come from a number of sources: vendors, CERT organizations, public network sources, and membership sites.
True
Organizations should have a carefully planned and fully populated inventory of all their network devices, communication and computing devices.
True
Over time, external monitoring processes should capture information about the external environment in a format that can be referenced both across the organization as threats emerge and for historical use.
True
Over time, policies and procedures may become inadequate because of changes in agency mission and operational requirements, threats, or the environment.
True
Remediation of vulnerabilities can be accomplished by accepting or transferring the risk, removing the threat, or repairing the vulnerability.
True
Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians.
True
Security managers are accountable for the day-to-day operation of the information security program.
True
The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification, the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE).
True
The basic function of the external monitoring process is to monitor activity, report results, and escalate warnings.
True
The general management community of interest must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the organization.
True
The organization should integrate the security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training.
True
The process of identifying and documenting specific and provable flaws in the organization's information asset environment is called vulnerability assessment (VA).
True
The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.
True
The use of standard job descriptions can increase the degree of professionalism in the information security field.
True
To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.
True
US-CERT is generally viewed as the definitive authority for computer emergency response teams.
True
Upper management should learn more about the budgetary needs of the information security function and the positions within it.
True
When possible, major incident response plan elements should be rehearsed.
True
In many organizations, information security teams lack established roles and responsibilities.
True
____ penetration testing is usually used when a specific system or network segment is suspect and the organization wants the pen tester to focus on a particular aspect of the target.
White Box
One approach that can improve the situational awareness of the information security function uses a process known as ____ to quickly identify changes to the internal environment.
difference analysis
The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals?
accounting
A(n) ___ item is a hardware item that is to be modified and revised throughout its life cycle.
configuration
To evaluate the performance of a security system, administrators must establish system performance ___.
baselines
The International Society of Forensic Computer Examiners (ISFCE) offers which certifications?
both of these certifications
__________ is a cornerstone in the protection of information assets and in the prevention of financial loss.
separation of duties
__________ is the requirement that every employee be able to perform the work of another employee.
task rotation
A ____ is the recorded state of a particular revision of a software or hardware configuration item.
version