information security ch 11-12

When the memory usage associated with a particular CPU-based system averages ____% or more over prolonged periods, consider adding more memory.

60

A maintenance model such as ISO 1799 deals with methods to manage and operate systems

False

A maintenance ticket is opened when a user calls about an issue.

False

A mandatory furlough provides the organization with the ability to audit the work of an individual.

False

An effective information security governance program requires constant change.

False

An effective information security governance program requires little review once it is well established.

False

An intranet vulnerability scan starts with the scan of the organization's default Internet search engine.

False

Based on the 40% rule, when the amount of data stored on a particular hard drive averages 40% of available capacity for a prolonged period, consider and upgrade for the hard drive.

False

CERT stands for "computer emergency recovery team."

False

Documentation procedures are not required for configuration and change management processes.

False

Documenting information system changes and assessing their potential impacts on system security is an important and consequential part of digital forensics.

False

Existing information security-related certifications are typically well understood by those responsible for hiring in the organizations.

False

GIAC stands for Global Information Architecture Certification.

False

ISSEP stands for Information Systems Security Expert Professional.

False

ISSMP stands for Information Systems Security Monitoring Professional. _________________________

False

Many hiring managers in information security prefer to recruit a security professional who already has proven HR skills and professional experience, since qualified candidates with information security experience are scarce. _______________________

False

In some organizations, facilities management is the identification, inventory and documentation of the current information systems status-hardware,software and networking configurations.

False

Inventory characteristics for hardware and software assets that record the manufacturer and versions are related to technical functionality, and should be highly accurate and updated each time there is a change.

False

Organizations are not required by law to protect employee information that is sensitive or personal.

False

SACA touts the CISA certification as being appropriate for accounting, networking, and security professionals. _________________________

False

The CISA credential is geared toward experienced information security managers and others who may have similar management responsibilities. _________________________

False

The CISSP concentration concentrations are available for CISSPs to demonstrate knowledge that is already a part of the CISSP CBK.

False

The CISSP-ISSEP concentration focuses on the knowledge areas that are part of enterprise security management.

False

modem vulnerability assessment begins with the planning, scheduling and notification of all Internet connections, using software such as Wireshark.

False

​"Know more than you say, and be more skillful than you let on" advise for information security professionals indicates the actions taken to protect information should not interfere with users' actions.

False

The ____ list is intended to facilitate the development of the leading free network exploration .

Nmap-dev

The ______ vulnerability assessment is a process that is designed to find and document selected vulnerabilities that are likely to be present on the internal network of the organization.

intrA net

Many who move to business-oriented information security were formerly__________ who were often involved in national security or cybersecurity

military personnel

Control ___ baselines are established for network traffic and also for firewall performance and IDPS performance.

performance

The __________ position is typically considered the top information security officer in the organization.

(CISO)Chief Information Security Officer

Common vulnerability assessment processes include ____?

All of these

Many enter the field of information security from technical professionals such as __________ who find themselves working on information security applications and processes more often than traditional IT assignments.

All of the above

The ISSMP examination is designed to provide CISSPs with a mechanism to demonstrate competence in __________.

All of the above

The information security function can be placed within the __________.

All of the above

A primary mailing list for new vulnerabilities, called simply ______, provides time-sensitive converge of emerging vulnerabilities, documenting how they are exploited, and reporting on how to remediation them. Individuals can register for the flagship mailing list or any one of the entire family of its mailing list.

Bugtraq

According to Schwartz, Erwin, Weafer, and Briney "__________" are the real techies who create and install security solutions.

Builders

In recent years, the __________ certification program has added a set of concentration exams.

CISSP

The breadth and depth covered in each of the domains makes the __________ one of the most difficult-to-attain certifications on the market.

CISSP

A background check must always be conducted to determine the level of trust the business can place in a candidate for an information security position.

False

Many organizations use a(n) __________ interview to remind the employee of contractual obligations, such as nondisclosure agreements, and to obtain feedback on the employee's tenure in the organization.

Exit

"Builders" in the field of information security provide day-to-day systems monitoring and use to support an organization's goals and objectives.

False

You can document the results of the verification of a vulnerability by saving the results in what is called a(n) profile.

False

endly departures include termination for cause, permanent downsizing, temporary lay-off, or some instances of quitting ____

False

The SSCP examination is much more rigorous than the CISSP examination.

False

The final process in the vulnerability assessment and radiation domain is the exit phase.

False

The general management community of interest must plan for the proper staffing for the information security function. _________________________

False

The information security function cannot be placed within the protective services.

False

The most common credential for a CISO-level position is the Security+ certification.

False

The security manager position is much more general than that of the CISO.

False

The systems development life cycle (SDLC) is the overall process of developing, implementing., and retiring information systems through a multi step approach-initiation, analysis, design, implementation and use______

False

The target selection step of Internet vulnerability assessment involves using the external monitoring intelligence to configure a test engine (such as Nessus) for the test to be performed.

False

Threats cannot be removed without requiring a repair of the vulnerability.

False

To be put to the most effective use, the information that comes from the IDPS must be integrated into the inventory process.

False

WLAN stands for wide local area network.

False

____ allows for the major security control components to be reviewed on a periodic bais to ensure that they are current, accurate, and appropriate.

Program review

The optimum approach for escalation is based on a thorough integration of the monitoring process into the _____.

IRP

The model commonly used by large organizations places the information security department within the __________ department.

Information technology

he ISSEP allows CISSP certificate holders to demonstrate expert knowledge of all of these except __________.

International laws

Like the CISSP, the SSCP certification is more applicable to the security__________ than to the security __________.

Manager, technician

____ is used to respond to network change requests and network architectural design proposals.

Network Connectivity RA

The ____ process is designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization.

PSV

The ___ commercial site focuses on current security tool resources.

Packet Storm

____, a level beyond vulnerability testing, is a set of security tests and evaluations that simulate attacks by a malicious external source (hacker).

Penetration testing

System Administration, Networking, and Security Organization is better known as __________.

SANS

The ____ is a statement of the boundaries of the RA.

Scope

__________ are the technically qualified individuals tasked to configure firewalls, deploy IDSs, implement security software, diagnose and troubleshoot problems, and coordinate with systems and network administrators to ensure that an organization's security technology is properly implemented.

Security technicians

The ___ mailing list includes announcements and discussion of an open-source IDPS

Snort-SIGS

__________ are hired by the organization to serve in a temporary position or to supplement the existing workforce.

Temporary employees

All systems that are mission critical should be enrolled in PSV measurement.

True

CM assists in streamlining change management processes and prevents changes that could detrimentally affect the security posture of a system before they happen.

True

External monitoring entails collecting intelligence from various data sources and then giving that intelligence context and meaning for use by decision makers within the organization.

True

ISSAP stands for Information Systems Security Architecture Professional.

True

Intelligence for external monitoring can come from a number of sources: Vendors, CERT organizations, public network sources and membership sites.

True

Organizations should have a carefully planned and fully populated inventory of all their network devices, communication and computing devices. ___

True

Over time, external monitoring processes should capture information about the external environment in a format that can be referenced both across the organization as threats emerge and for historical use.

True

Over time, policies and procedures may become inadequate because of changes in agency mission and operational requirements, threats, or the environment.

True

Remediation of vulnerabilities can be accomplished by accepting or transferring the risk, removing the threat, or repairing the vulnerability.

True

Security managers accomplish objectives identified by the CISO and resolve issues identified by technicians. _______________________

True

Security managers are accountable for the day-to-day operation of the information security program.

True

The International Society of Forensic Computer Examiners (ISFCE) offers two levels of certification, the Certified Computer Examiner (CCE) and the Master Certified Computer Examiner (MCCE).

True

The basic function of the external monitoring process is to monitor activity, report results, and escalate warnings.___

True

The general management community of interest must work with the information security professionals to integrate solid information security concepts into the personnel management practices of the organization

True

The organization should integrate the security awareness education into a new hire's ongoing job orientation and make it a part of every employee's on-the-job security training.

True

The process of identifying and documenting specific and provable flaws in the organization's information asset environment is called vulnerability assessment(VA)____.

True

The process of integrating information security perspectives into the hiring process begins with reviewing and updating all job descriptions.

True

The use of standard job descriptions can increase the degree of professionalism in the information security field.

True

To maintain a secure facility, all contract employees should be escorted from room to room, as well as into and out of the facility.

True

US-CERT is generally viewed as the definitive authority for computer emergency response teams.

True

Upper management should learn more about the budgetary needs of the information security function and the positions within it. _____________

True

When possible, major incident response plan elements should be rehearsed.

True

n many organizations, information security teams lacks established roles and responsibilities.

True

____ penetration testing is usually used when a specific system or network segment is suspect and the organization wants the pen tester to focus on a particular aspect of the target.

White Box

One approach that can improve the situational awareness of the information security function uses a process known as ____ to quickly identify changes to the internal environment.

difference analysis

The CISA credential is touted by ISACA as the certification that is appropriate for all but which type of professionals?

accounting

A(n) ___ item is a hardware item that is to be modified and revised throughout its live cycle.

configuration

To evaluate the performance of a security system, administrators must establish system performance ___.

baselines.

The International Society of Forensic Computer Examiners (ISFCE) offers which certifications

booth of these certifications

__________ is a cornerstone in the protection of information assets and in the prevention of financial loss.

separation of duties

__________ is the requirement that every employee be able to perform the work of another employee.

task rotation

A ____ is the recorded state of a particular revision of a software or hardware configuration item.

version