IT Security: Defense against the digital dark arts. Week 6: Creating a Company Culture for Security


Data handling policies usually forbid the storing of confidential information on which of these devices? Check all that apply.

USB sticks; Storing confidential information on removable media such as USB sticks is usually forbidden. CD drives; Storing confidential information on removable media such as CD drives is usually forbidden.

What's a quick and effective way of evaluating a third party's security?

a security assessment questionnaire; A security assessment questionnaire would help you understand how well-defended a third party is, before deciding to do business with them.

What's the first step in handling an incident?

detect the incident; Before you can take any action, you have to be aware that an incident occurred in the first place.

What are some restrictions that should apply to sensitive and confidential data? Check all that apply.

it can be stored on encrypted media only; Sensitive data should be treated with care so that an unauthorized third party doesn't gain access. Ensuring this data is encrypted is an effective way to safeguard against unauthorized access.

In the Payment Card Industry Data Security Standard (PCI DSS), which of these goals would benefit from encrypted data transmission?

protecting cardholder data; To protect cardholder data, the transmission of cardholder data across open networks needs to be encrypted.

The incident response team found malware on several user workstations. Trying to remove the malware infection is becoming time consuming. There is important data on the workstations. Which of these actions will recover the workstations back to a malware-free state? Check all that apply.

rebuild the machine; Affected systems can be restored to a known good configuration by rebuilding the machine. restore file backup; After rebuilding the machine, user files can be restored from a backup store.

When you are working on your laptop in a public area, always _____ when you get up to use the restroom.

Lock your screen; When you are working on your laptop in a public space, like a coffee shop, lock your screen when you get up to use the restroom.

When handling credit card payments, your organization needs to adhere to the _____.

PCI DSS; When handling credit card payments, your organization needs to adhere to the Payment Card Industry Data Security Standard (PCI DSS).

_____ is the practice of attempting to break into a system or network in order to verify that the defenses in place actually work.

Penetration testing; Penetration testing is the practice of attempting to break into a system or network in order to verify that the defenses in place actually work.

What's the first step in performing a security risk assessment?

Threat modeling; Threat modeling is the process of identifying likely threats to your systems or network and assigning them priorities. This is the first step in assessing your security risks.

What's a privacy policy designed to guard against?

misuse or abuse of sensitive data; Privacy policies are meant to govern the access and use of sensitive data for authorized parties.

What are some examples of security goals that you may have for an organization? Check all that apply.

to prevent unauthorized access to customer credentials, to protect customer data from unauthorized access; These are super important goals. Safeguards or systems should be implemented to help achieve them. It's important to distinguish between a discrete goal and the mechanisms or defense systems that help you to achieve these goals. Defenses on their own aren't goals, but they allow us to work towards these goals.

How do you protect against a similar incident occurring again in the future?

conduct a post-incident analysis; By analyzing the incident and figuring out the details of how an attacker compromised a network or system, you can learn what vulnerabilities were exploited and take steps to close them.

Third-party services that require equipment on-site may require your company to do which of the following? Check all that apply.

provide additional monitoring via a firewall or agentless solution; Your company should monitor these third-party devices because they are a new potential attack surface on the network. provide remote access to third-party service provider; Your company may need to open remote access for the third-party service provider to maintain the equipment. evaluate hardware in the lab first; Your company should evaluate the third-party devices in a lab prior to deploying them on the network. report any issues discovered from evaluating hardware; After evaluating and monitoring the devices, any issues found should be reported to the vendor for remediation.

You're interested in using the services of a vendor company. How would you assess their security capabilities? Check all that apply.

ask them to provide any penetration testing or security assessment reports, ask them to complete a questionnaire; A security assessment questionnaire allows you to quickly and efficiently get a broad understanding of what security measures a vendor company has in place. If available, any reports detailing penetration testing results or security assessments would also be valuable.

Which of these would you consider high-value targets for a potential attacker? Check all that apply.

customer credit card information, authentication databases; Customer credit card data is really valuable to attackers, since it can be a hot commodity in the shadier areas of the internet. The same goes for authentication databases, since these could provide attackers with usernames and passwords that might give them access to accounts on other websites and services.

What's the purpose of a vulnerability scanner?

it detects vulnerabilities on your network and systems; A vulnerability scanner will scan and evaluate hosts on your network. It does this by looking for misconfigurations or vulnerabilities, then compiling a report with what it found.

What's the goal of mandatory IT security training for an organization? Check all that apply.

to educate employees on how to stay secure, to build a culture that prioritizes security; IT security training for employees should be designed to educate them on how to keep themselves and the organization secure, and to encourage a culture of security.

What risk are you exposing your organization to when you contract services from a third party?

trusting the third party's security; You're trusting this third party to have reasonable security in place to protect the data or access you're entrusting them with.

What are some ways to combat against email phishing attacks for user passwords? Check all that apply.

user education; Helping users understand what a phishing email looks like can prevent them from visiting fake websites. spam filters; Spam filters can send phishing-like emails to the spam folder or block them completely.
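The "spam filters" answer above says a filter can divert phishing-like mail, but not what "phishing-like" means in practice. The following is an added example (not from the course or the quiz) of the kind of heuristics such a filter stacks: a lookalike sender domain, a display name that invokes the company's brand from an untrusted domain, link text that shows one domain while the href points at another, and urgency or credential-request wording. The trusted domain `example.com`, the three sample messages and the scoring thresholds are all constructed assumptions for illustration.

```python
"""Heuristic phishing scorer over constructed sample e-mails (added example).

Assumptions (not from the page): the organization's domain is example.com,
messages are represented as parsed objects, and two or more hits quarantine.
"""
import re
from dataclasses import dataclass, field
from typing import List, Tuple

TRUSTED_DOMAINS = {"example.com"}  # assumption: the organization's own domain

# Urgency / credential-request phrases commonly used to rush a victim.
URGENCY = re.compile(
    r"\b(urgent|immediately|suspended|within 24 hours|verify your (password|account))\b",
    re.IGNORECASE,
)


@dataclass
class Email:
    from_name: str
    from_addr: str
    subject: str
    body: str
    links: List[Tuple[str, str]] = field(default_factory=list)  # (visible text, href)


def domain_of(addr_or_url: str) -> str:
    """Return the lowercase host part of an e-mail address or URL."""
    s = addr_or_url.lower()
    if "@" in s:
        return s.rsplit("@", 1)[1]
    s = re.sub(r"^[a-z]+://", "", s)          # drop scheme
    return s.split("/", 1)[0].split(":", 1)[0]  # drop path and port


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to catch examp1e.com-style typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_trusted(domain: str) -> bool:
    """True for the trusted domain itself or any of its subdomains."""
    return domain in TRUSTED_DOMAINS or any(domain.endswith("." + t) for t in TRUSTED_DOMAINS)


def is_lookalike(domain: str) -> bool:
    """Flag punycode hosts, trusted names embedded in other domains, and near-misses."""
    if is_trusted(domain):
        return False
    if domain.startswith("xn--") or ".xn--" in domain:
        return True
    for t in TRUSTED_DOMAINS:
        if t in domain:                      # example.com-login.net, example.com.evil.net
            return True
        if edit_distance(domain, t) <= 2:    # examp1e.com, exarnple.com (may also hit short
            return True                      # unrelated names; tune the threshold per domain)
    return False


def score(msg: Email) -> Tuple[int, List[str]]:
    """Return (number of heuristics triggered, human-readable reasons)."""
    reasons: List[str] = []
    sender = domain_of(msg.from_addr)
    brand_words = {t.split(".")[0] for t in TRUSTED_DOMAINS}

    # 1. Display name invokes our brand, but the sender domain is not ours.
    if any(w in msg.from_name.lower() for w in brand_words) and not is_trusted(sender):
        reasons.append(f"display name impersonates brand from {sender}")
    # 2. Sender domain is a lookalike of ours.
    if is_lookalike(sender):
        reasons.append(f"lookalike sender domain {sender}")
    # 3. Link text claims a trusted domain while the href goes elsewhere.
    for text, href in msg.links:
        target = domain_of(href)
        if any(t in text.lower() for t in TRUSTED_DOMAINS) and not is_trusted(target):
            reasons.append(f"link text '{text}' points to {target}")
        elif is_lookalike(target):
            reasons.append(f"link to lookalike domain {target}")
    # 4. Urgency or credential-request wording.
    if URGENCY.search(msg.subject + " " + msg.body):
        reasons.append("urgency / credential-request language")
    return len(reasons), reasons


def classify(msg: Email) -> str:
    """One hit is worth a warning banner; two or more go to quarantine."""
    hits, _ = score(msg)
    return "quarantine" if hits >= 2 else "flag" if hits == 1 else "deliver"


# Constructed sample messages (not real mail).
PHISH = Email("Example IT Support", "helpdesk@examp1e.com",
              "Urgent: verify your password",
              "Your account will be suspended within 24 hours unless you sign in.",
              [("https://example.com/login", "https://examp1e.com/login")])
LEGIT = Email("Example IT Support", "helpdesk@example.com",
              "Scheduled maintenance Saturday",
              "The VPN will be offline 02:00-04:00 for patching.",
              [("https://example.com/status", "https://example.com/status")])
URGENT_LEGIT = Email("Security Alerts", "alerts@example.com",
                     "Urgent: patch your laptop today", "Run updates before leaving.")

if __name__ == "__main__":
    for m in (PHISH, LEGIT, URGENT_LEGIT):
        print(classify(m), score(m)[1])
```

The third sample shows why urgency wording alone only earns a warning: the company's own alerts use it too. A real filter adds signals this toy omits, such as SPF/DKIM/DMARC results and sender reputation, and feeds confirmed phish back into the user-education material the other answer describes.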

