Week 6 - Creating a Company Culture for Security
A strong password is a good step towards good security, but what else is recommended to secure authentication? Strong encryption Vulnerability scanning 2-factor authentication Password rotation
2-factor authentication
What's a quick and effective way of evaluating a third party's security? A security assessment questionnaire A signed contract A manual evaluation of all security systems A comprehensive penetration testing review
A security assessment questionnaire
When you are working on your laptop in a public area, always _____ when you get up to use the restroom. Set up a VPN. Lock your screen. Ask permission to leave. Take your smartphone.
Lock your screen.
Which of these are examples of security tools that can scan computer systems and networks for vulnerabilities? Check all that apply. Wireshark OpenVAS Nessus Qualys
OpenVAS Nessus Qualys
Which of these are bad security habits commonly seen amongst employees in the workplace? Check all that apply. Log out of website session Lock desktop screen Password on a post-it note Leave laptop logged in and unattended
Password on a post-it note Leave laptop logged in and unattended
When considering third-party service providers to host sensitive data, you should conduct a vendor risk review. What actions does this include? Check all that apply. Test the vendor's hardware or software. Ask vendor for a cost comparison. Ask vendor to fill out a security questionnaire. Talk to vendor employees.
Test the vendor's hardware or software. Ask vendor to fill out a security questionnaire.
Security risk assessment starts with _____. Attack impact Payment processing Threat modeling Outside attackers
Threat modeling
What's the first step in performing a security risk assessment? Logs analysis Threat modeling Vulnerability scanning Penetration testing
Threat modeling
What risk are you exposing your organization to when you contract services from a third party? Zero-day vulnerabilities Man-in-the-middle attacks Trusting the third party's security DDoS attacks
Trusting the third party's security
A company wants to restrict access to sensitive data. Only those who have a "need to know" will have access to this data. Strong access controls need to be implemented. Which of these examples, that don't include user identification, are used for 2-factor authentication? Check all that apply. U2F token Common Access Card Smart card Password
U2F token Password
Google provides free _____, which is a good starting point when assessing third-party vendors. Mobile phone services Cloud storage Business apps Vendor security assessment questionnaires
Vendor security assessment questionnaires
What tool can you use to discover vulnerabilities or dangerous misconfigurations on your systems and network? Antimalware software Firewalls Bastion hosts Vulnerability scanners
Vulnerability scanners
The very first step of handling an incident is _____ the incident. ignoring understanding detecting blaming
detecting
After a known good backup has been restored and the known vulnerabilities have been closed, systems should be thoroughly _____. backed up removed tested baselined
tested
Which of the following should be incorporated into a reasonably secure password policy that balances security with usability? Check all that apply. A length of at least 8 characters A requirement to use dictionary words A password expiration time of 6-12 months A complexity requirement of special characters and numbers
A length of at least 8 characters A password expiration time of 6-12 months A complexity requirement of special characters and numbers
When employees need to access sensitive data, they should do all of the following EXCEPT what? Provide justification Specify exact data needed A second signature Time limit
A second signature
Your company wants to establish good privacy practices in the workplace so that employee and customer data is properly protected. Well-established and defined privacy policies are in place, but they also need to be enforced. What are some ways to enforce these privacy policies? Check all that apply. Lease privilege Print customer information Audit access logs VPN connection
Audit access logs Lease privilege
How can events be reconstructed after an incident? By replaying security video footage By interviewing the people involved By doing analysis of forensic malware By reviewing and analyzing logs
By reviewing and analyzing logs
Beyond restoring normal operations and data, what else should be done during the recovery phase? Correct the underlying root cause Update documentation Assign blame for the incident Take systems offline
Correct the underlying root cause
Management wants to build a culture where employees keep security in mind. Employees should be able to access information freely and provide feedback or suggestions without worry. Which of these are great ideas for this type of culture? Check all that apply. Posters promoting good security behavior Desktop monitoring software Bring your own device Designated mailing list
Posters promoting good security behavior Designated mailing list
In the Payment Card Industry Data Security Standard (PCI DSS), which of these goals would benefit from encrypted data transmission? Protecting cardholder data Implement strong access control measures Maintaining a vulnerability management program Monitoring and testing networks regularly
Protecting cardholder data
Third-party services that require equipment on-site may require your company to do which of the following? Check all that apply. Provide additional monitoring via a firewall or agentless solution. Provide remote access to third-party service provider. Evaluate hardware in the lab first. Report any issues discovered from evaluating hardware.
Provide additional monitoring via a firewall or agentless solution. Evaluate hardware in the lab first. Report any issues discovered from evaluating hardware.
What characteristics are used to assess the severity of found vulnerabilities? Check all that apply. Remotely exploitable or not Type of access gained Use of encryption or not Chance of exploitation
Remotely exploitable or not Type of access gained Chance of exploitation
The incident response team found malware on several user workstations. Trying to remove the malware infection is becoming time consuming. There is important data on the workstations. Which of these actions will recover the workstations back to a malware-free state? Check all that apply. Replace network cable Replace the hard drive Rebuild the machine Restore file from backup
Restore file from backup
A co-worker needs to share a sensitive file with you, but it is too large to send via an encrypted email. The co-worker works out of a remote office. You work at headquarters. Which of these options would most likely be approved by the company's security policies? Check all that apply. Upload to a personal OneDrive Share directly via VPN Upload to a personal Google drive Upload to company secure cloud storage.
Share directly via VPN Upload to company secure cloud storage.
Periodic mandatory security training courses can be given to employees in what way? Check all that apply. One-on-one interviews Short video Brief quiz Interoffice memos
Short video Brief quiz
Once the scope of the incident is determined, the next step would be _____. containment documentation escalation remediation
containment