Information Security Chapter

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Systems-specific security policies are formalized as written documents readily identifiable as policy.

False

The SETA program is the responsibility of the ____ and is a control measure designed to reduce the incidences of accidental security breaches by employees.

CISO

The global information security community has universally agreed with the justification for the code of practices as identified in the ISO/IEC 17799.

False

The security blueprint is the basis for the design, selection, and implementation of all security program elements including such things as policy implementation and ongoing policy management.

True

To remain viable, security policies must have a responsible individual, a schedule of reviews, a method for making recommendations for reviews, and a policy issuance and planned revision date.

True

You can create a single comprehensive ISSP document covering all information security issues.

True

Some policies may need a(n) ____________________ indicating their expiration date.

Sunset Clause

____ often function as standards or procedures to be used when configuring or maintaining systems.

SysSPs

____________________-specific security policies often function as standards or procedures to be used when configuring or maintaining systems.

Systems

Technical controls are the tactical and technical implementations of security in the organization.

True

The Federal Agency Security Practices (FASP) site is a popular place to look up best practices.

True

The Federal Bureau of Investigation deals with many computer crimes that are categorized as felonies.

True

Strategic planning is the process of moving the organization towards its ____.

Vision

The ____________________ of an organization is a written statement about the organization's goals answering the question of where the organization will be in five years.

Vision

A(n) ____________________ message is a scripted description of an incident, usually just enough information so that each individual knows what portion of the IR plan to implement, and not enough to slow down the notification process.

Alert

The first phase in the development of the contingency planning process is the ____.

BIA

SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security ____.

Blueprint

What country adopted ISO/IEC 17799?

Britain

A(n) _________________________ plan ensures that critical business functions continue if a catastrophic incident or disaster occurs.

Business Continuity

Incident ____________________ is the process of examining a potential incident, or incident candidate, and determining whether or not the candidate constitutes an actual incident.

Classification

A ____ site provides only rudimentary services and facilities.

Cold

A cold site provides many of the same services and options of a hot site.

False

A firewall can be a single device or a firewall extranet, which consists of multiple firewalls creating a buffer between the outside and inside networks.

False

A managerial guidance SysSP document is created by the IT experts in a company to guide management in the implementation and configuration of technology.

False

A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employee's actions.

False

Disaster recovery personnel must know their roles without supporting documentation.

True

Each policy should contain procedures and a timetable for periodic review.

True

Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator.

True

A(n) IR plan ensures that critical business functions continue if a catastrophic incident or disaster occurs.

False

A(n) full backup only archives the files that have been modified that day, and thus requires less space and time than the differential.

False

Database shadowing only processes a duplicate in real-time data storage but does not duplicate the databases at the remote site.

False

Proxy servers can temporarily store a frequently visited Web page, and thus are sometimes called demilitarized servers.

False

The ISSP sets out the requirements that must be met by the information security blueprint or framework.

False

The Security Area Working Group endorses ISO/IEC 17799.

False

The security framework is a more detailed version of the security blueprint.

False

The standard should begin with a clear statement of purpose.

False

The vision of an organization is a written statement of an organization's purpose.

False

Within security perimeters the organization can establish security circles.

False

A(n) ____________________ is a device that selectively discriminates against information flowing into or out of the organization.

Firewall

Computer ____________________ is the process of collecting, analyzing, and preserving computer-related evidence.

Forensics

A security ____ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.

Framework

The security ____________________ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.

Framework

A(n) ____________________ site is a fully configured computer facility, with all services, communications links, and physical plant operations including heating and air conditioning.

Hot

____ controls cover security processes that are designed by strategic planners and implemented by the security administration of the organization.

Managerial

____________________ controls are security processes that are designed by strategic planners and implemented by the security administration of the organization.

Managerial

RAID Level 1 is commonly called disk ____________________.

Mirroring

A(n) ____________________ is a contract between two or more organizations that specifies how each will assist the other in the event of a disaster.

Mutual Agreement

A(n) ____________________ server performs actions on behalf of another system.

Proxy

The transfer of live transactions to an off-site facility is called ____________________.

Remote Journaling

Incident ____________________ is the set of activities taken to plan for, detect, and correct the impact of an incident on information assets.

Response

RAID ____ drives can be hot swapped.

5

A(n) ____________________ is a detailed examination of the events that occurred from first detection to final recovery.

AAR or After- Action Review

Redundancy can be implemented at a number of points throughout the security architecture, such as in ____.

Access Controls Firewalls and Proxy servers

The policy champion and manager is called the policy ____________________.

Administrator

Incident damage ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident.

Assessment

Effective management includes planning and ____.

Controlling Organizing and Leading

The actions taken during and after a disaster are referred to as ____________________ management.

Crisis

A buffer against outside attacks is frequently referred to as a(n) ____.

DMZ

Standards may be published, scrutinized, and ratified by a group, as in formal or ____ standards.

De jure

A(n) ____________________ backup is the storage of all files that have changed or been added since the last full backup.

Differential

Security ____ are the areas of trust within which users can freely communicate.

Domains

The ____ is based on and directly supports the mission, vision, and direction of the organization and sets the strategic direction, scope, and tone for all security efforts.

EISP

The transfer of large batches of data to an off-site facility is called ____.

Electronic Vaulting

A standard is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions, take actions, and perform other duties.

False

A(n) honeynet is usually a computing device or a specially configured computer that allows or prevents access to a defined area based on a set of rules.

False

A(n) integrated information security policy is also known as a general security policy.

False

A(n) sequential roster is activated as the first person calls a few people on the roster, who in turn call a few other people.

False

ACLs are more specific to the operation of a system than rule-based policies and they may or may not deal with users directly.

False

Every member of the organization needs a formal degree or certificate in information security.

False

ISO/IEC 17799 is more useful than any other information security management approach.

False

Information security safeguards provide two levels of control: managerial and remedial.

False

Informational controls guide the development of education, training, and awareness programs for users, administrators, and management.

False

Laws are more detailed statements of what must be done to comply with policy.

False

NIST 800-14, The Principles for Securing Information Technology Systems, provides detailed methods for assessing, designing, and implementing controls and plans for applications of varying size.

False

One of the basic tenets of security architectures is the layered implementation of security, which is called defense in layers.

False

The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by the Internet Society and the ____.

IETF

A(n) ____ plan deals with the identification, classification, response, and recovery from an incident.

IR

The stated purpose of ____ is to "give recommendations for information security management for use by those who are responsible for initiating, implementing, or maintaining security in their organization."

ISO/IEC 27002

A(n) ____________________ is any clearly identified attack on the organization's information assets that would threaten the assets' confidentiality, integrity, or availability.

Incident

Security training provides detailed information and hands-on instruction to employees to prepare them to perform their duties securely.

True

____-based IDPSs look at patterns of network traffic and attempt to detect unusual activity based on previous baselines.

Network

____ controls address personnel security, physical security, and the protection of production inputs and outputs.

Operational

A security ____________________ defines the boundary between the outer limit of an organization's security and the beginning of the outside world.

Perimeter

A(n) ____________________ is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions, take actions, and perform other duties.

Policy

Some policies may also need a(n) sunset clause indicating their expiration date.

True

An attack ____________________ is a detailed description of the activities that occur during an attack.

Profile

Implementing multiple types of technology and thereby precluding that the failure of one system will compromise the security of information is referred to as ____________________.

Redundancy

An alert ____ is a document containing contact information for the people to be notified in the event of an incident.

Roster

The spheres of ____ are the foundation of the security framework and illustrate how information is under attack from a variety of sources.

Security

The gateway router can be used as the front-line defense against attacks, as it can be configured to allow only set types of protocols to enter.

True

The policy administrator is responsible for the creation, revision, distribution, and storage of the policy.

True

A disaster recovery plan addresses the preparation for and recovery from a disaster, whether natural or man-made.

True

A service bureau is an agency that provides a service for a fee.

True

A(n) capability table specifies which subjects and objects users or groups can access.

True

A(n) contingency plan is prepared by the organization to anticipate, react to, and recover from events that threaten the security of information and information assets in the organization, and, subsequently, to restore the organization to normal modes of business operations.

True

Additional redundancy to RAID can be provided by mirroring entire servers called redundant servers or server fault tolerance.

True

Failure to develop an information security system based on the organization's mission, vision, and culture guarantees the failure of the information security program.

True

Host-based IDPSs are usually installed on the machines they protect to monitor the status of various files stored on those machines.

True

Management controls address the design and implementation of the security planning process and security program management.

True

Many industry observers claim that ISO/IEC 17799 is not as complete as other frameworks.

True

NIST Special Publication 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, includes templates for major application security plans.

True

NIST documents can assist in the design of a security framework.

True

Policies are living documents that must be managed.

True

Quality security programs begin and end with policy.

True

SP 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, must be customized to fit the particular needs of a(n) organization.

True


Ensembles d'études connexes

English File Advanced Vocabulary : Money

View Set

Resistance and the Abolition Movement

View Set