ECE Fund of Cybersecurity and Info Security: Ch 7
Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in? Monitor; Audit; Improve; Secure
Audit
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit? Does the organization have an effective password policy? Does the firewall properly block unsolicited network connection attempts? Who grants approval for access requests? Is the password policy uniformly enforced?
Does the firewall properly block unsolicited network connection attempts?
An SOC 1 report primarily focuses on security. True or False
False
During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system. True or False
False
Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? Remote administration error; False positive error; Clipping error; False negative error
False positive error
Which regulatory standard would NOT require audits of companies in the United States? Sarbanes-Oxley Act (SOX); Personal Information Protection and Electronic Documents Act (PIPEDA); Health Insurance Portability and Accountability Act (HIPAA); Payment Card Industry Data Security Standard (PCI DSS)
Personal Information Protection and Electronic Documents Act (PIPEDA)
Which intrusion detection system strategy relies upon pattern matching? Behavior detection; Traffic-based detection; Statistical detection; Signature detection
Signature detection
What is NOT generally a section in an audit report? Findings; System configurations; Recommendations; Timeline for Implementation
System configurations
An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured. True or False
True
Anomaly-based intrusion detection systems compare current activity with stored profiles of normal (expected) activity. True or False
True