ECE Fund of Cybersecurity and Info Security: Ch 7

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in? Monitor Audit Improve Secure

Audit

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit? Does the organization have an effective password policy? Does the firewall properly block unsolicited network connection attempts? Who grants approval for access requests? Is the password policy uniformly enforced?

Does the firewall properly block unsolicited network connection attempts?

An SOC 1 report primarily focuses on security. True or False

False

During the secure phase of a security review, you review and measure all controls to capture actions and changes on the system. True or False

False

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? Remote administration error False positive error Clipping error False negative error

False positive error

Which regulatory standard would NOT require audits of companies in the United States? Sarbanes-Oxley Act (SOX) Personal Information Protection and Electronic Documents Act (PIPEDA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS)

Personal Information Protection and Electronic Documents Act (PIPEDA)

Which intrusion detection system strategy relies upon pattern matching? Behavior detection Traffic-based detection Statistical detection Signature detection

Signature detection

What is NOT generally a section in an audit report? Findings System configurations Recommendations Timeline for Implementation

System configurations

An auditing benchmark is the standard by which a system is compared to determine whether it is securely configured. True or False

True

Anomaly-based intrusion detection systems compare current activity with stored profiles of normal (expected) activity. True or False

True