Information Security Chapter 5 – Flashcards
Unlock all answers in this set
Unlock answersquestion
A firewall can be a single device or a firewall extranet, which consists of multiple firewalls creating a buffer between the outside and inside networks.
answer
False
question
A(n) full backup only archives the files that have been modified that day, and thus requires less space and time than the differential.
answer
False
question
A(n) contingency plan is prepared by the organization to anticipate, react to, and recover from events that threaten the security of information and information assets in the organization, and, subsequently, to restore the organization to normal modes of business operations.
answer
True
question
NIST documents can assist in the design of a security framework.
answer
True
question
The security framework is a more detailed version of the security blueprint.
answer
False
question
Technical controls are the tactical and technical implementations of security in the organization.
answer
True
question
A managerial guidance SysSP document is created by the IT experts in a company to guide management in the implementation and configuration of technology.
answer
False
question
ISO/IEC 17799 is more useful than any other information security management approach.
answer
False
question
The Federal Bureau of Investigation deals with many computer crimes that are categorized as felonies.
answer
True
question
Quality security programs begin and end with policy.
answer
True
question
A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employee's actions.
answer
False
question
A disaster recovery plan addresses the preparation for and recovery from a disaster, whether natural or man-made.
answer
True
question
Many industry observers claim that ISO/IEC 17799 is not as complete as other frameworks.
answer
True
question
Proxy servers can temporarily store a frequently visited Web page, and thus are sometimes called demilitarized servers.
answer
False
question
NIST 800-14, The Principles for Securing Information Technology Systems, provides detailed methods for assessing, designing, and implementing controls and plans for applications of varying size.
answer
False
question
A cold site provides many of the same services and options of a hot site.
answer
False
question
ACLs are more specific to the operation of a system than rule-based policies and they may or may not deal with users directly.
answer
False
question
Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator.
answer
True
question
NIST Special Publication 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, includes templates for major application security plans.
answer
True
question
A service bureau is an agency that provides a service for a fee.
answer
True
question
The Federal Agency Security Practices (FASP) site is a popular place to look up best practices.
answer
True
question
A standard is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions, take actions, and perform other duties.
answer
False
question
Failure to develop an information security system based on the organization's mission, vision, and culture guarantees the failure of the information security program.
answer
True
question
One of the basic tenets of security architectures is the layered implementation of security, which is called defense in layers.
answer
False
question
A(n) integrated information security policy is also known as a general security policy.
answer
False
question
Each policy should contain procedures and a timetable for periodic review.
answer
True
question
A(n) IR plan ensures that critical business functions continue if a catastrophic incident or disaster occurs.
answer
False
question
Additional redundancy to RAID can be provided by mirroring entire servers called redundant servers or server fault tolerance.
answer
True
question
Disaster recovery personnel must know their roles without supporting documentation.
answer
True
question
A(n) honeynet is usually a computing device or a specially configured computer that allows or prevents access to a defined area based on a set of rules.
answer
False
question
Every member of the organization needs a formal degree or certificate in information security.
answer
False
question
Informational controls guide the development of education, training, and awareness programs for users, administrators, and management.
answer
False
question
Management controls address the design and implementation of the security planning process and security program management.
answer
True
question
Database shadowing only processes a duplicate in real-time data storage but does not duplicate the databases at the remote site.
answer
False
question
The gateway router can be used as the front-line defense against attacks, as it can be configured to allow only set types of protocols to enter.
answer
True
question
Laws are more detailed statements of what must be done to comply with policy.
answer
False
question
Security training provides detailed information and hands-on instruction to employees to prepare them to perform their duties securely.
answer
True
question
Host-based IDPSs are usually installed on the machines they protect to monitor the status of various files stored on those machines.
answer
True
question
Within security perimeters the organization can establish security circles.
answer
False
question
The global information security community has universally agreed with the justification for the code of practices as identified in the ISO/IEC 17799.
answer
False
question
You can create a single comprehensive ISSP document covering all information security issues.
answer
True
question
The Security Area Working Group endorses ISO/IEC 17799.
answer
False
question
The standard should begin with a clear statement of purpose.
answer
False
question
To remain viable, security policies must have a responsible individual, a schedule of reviews, a method for making recommendations for reviews, and a policy issuance and planned revision date.
answer
True
question
Some policies may also need a(n) sunset clause indicating their expiration date.
answer
True
question
The policy administrator is responsible for the creation, revision, distribution, and storage of the policy.
answer
True
question
The vision of an organization is a written statement of an organization's purpose.
answer
False
question
A(n) capability table specifies which subjects and objects users or groups can access.
answer
True
question
Information security safeguards provide two levels of control: managerial and remedial.
answer
False
question
Policies are living documents that must be managed.
answer
True
question
SP 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, must be customized to fit the particular needs of a(n) organization.
answer
True
question
A(n) sequential roster is activated as the first person calls a few people on the roster, who in turn call a few other people.
answer
False
question
The ISSP sets out the requirements that must be met by the information security blueprint or framework.
answer
False
question
The security blueprint is the basis for the design, selection, and implementation of all security program elements including such things as policy implementation and ongoing policy management.
answer
True
question
Systems-specific security policies are formalized as written documents readily identifiable as policy.
answer
False
question
Strategic planning is the process of moving the organization towards its ____.
answer
Vision
question
The ____________________ of an organization is a written statement about the organization's goals answering the question of where the organization will be in five years.
answer
Vision
question
Incident damage ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident.
answer
Assessment
question
Effective management includes planning and ____.
answer
Controlling Organizing and Leading
question
The transfer of live transactions to an off-site facility is called ____________________.
answer
Remote Journaling
question
The ____ is based on and directly supports the mission, vision, and direction of the organization and sets the strategic direction, scope, and tone for all security efforts.
answer
EISP
question
A(n) ____________________ server performs actions on behalf of another system.
answer
Proxy
question
What country adopted ISO/IEC 17799?
answer
Britain
question
The spheres of ____ are the foundation of the security framework and illustrate how information is under attack from a variety of sources.
answer
Security
question
A(n) ____________________ is a contract between two or more organizations that specifies how each will assist the other in the event of a disaster.
answer
Mutual Agreement
question
____ controls address personnel security, physical security, and the protection of production inputs and outputs.
answer
Operational
question
A(n) ____________________ is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions, take actions, and perform other duties.
answer
Policy
question
Computer ____________________ is the process of collecting, analyzing, and preserving computer-related evidence.
answer
Forensics
question
A ____ site provides only rudimentary services and facilities.
answer
Cold
question
A(n) ____________________ is a detailed examination of the events that occurred from first detection to final recovery.
answer
AAR or After- Action Review
question
A(n) ____________________ is any clearly identified attack on the organization's information assets that would threaten the assets' confidentiality, integrity, or availability.
answer
Incident
question
Security ____ are the areas of trust within which users can freely communicate.
answer
Domains
question
The SETA program is the responsibility of the ____ and is a control measure designed to reduce the incidences of accidental security breaches by employees.
answer
CISO
question
____ controls cover security processes that are designed by strategic planners and implemented by the security administration of the organization.
answer
Managerial
question
RAID ____ drives can be hot swapped.
answer
5
question
The transfer of large batches of data to an off-site facility is called ____.
answer
Electronic Vaulting
question
The first phase in the development of the contingency planning process is the ____.
answer
BIA
question
The policy champion and manager is called the policy ____________________.
answer
Administrator
question
Implementing multiple types of technology and thereby precluding that the failure of one system will compromise the security of information is referred to as ____________________.
answer
Redundancy
question
An attack ____________________ is a detailed description of the activities that occur during an attack.
answer
Profile
question
A security ____ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.
answer
Framework
question
Incident ____________________ is the set of activities taken to plan for, detect, and correct the impact of an incident on information assets.
answer
Response
question
The Security Area Working Group acts as an advisory board for the protocols and areas developed and promoted by the Internet Society and the ____.
answer
IETF
question
A buffer against outside attacks is frequently referred to as a(n) ____.
answer
DMZ
question
____________________ controls are security processes that are designed by strategic planners and implemented by the security administration of the organization.
answer
Managerial
question
A(n) ____________________ backup is the storage of all files that have changed or been added since the last full backup.
answer
Differential
question
____-based IDPSs look at patterns of network traffic and attempt to detect unusual activity based on previous baselines.
answer
Network
question
An alert ____ is a document containing contact information for the people to be notified in the event of an incident.
answer
Roster
question
A(n) ____________________ site is a fully configured computer facility, with all services, communications links, and physical plant operations including heating and air conditioning.
answer
Hot
question
A(n) ____________________ message is a scripted description of an incident, usually just enough information so that each individual knows what portion of the IR plan to implement, and not enough to slow down the notification process.
answer
Alert
question
Some policies may need a(n) ____________________ indicating their expiration date.
answer
Sunset Clause
question
A(n) ____________________ is a device that selectively discriminates against information flowing into or out of the organization.
answer
Firewall
question
____________________-specific security policies often function as standards or procedures to be used when configuring or maintaining systems.
answer
Systems
question
The stated purpose of ____ is to "give recommendations for information security management for use by those who are responsible for initiating, implementing, or maintaining security in their organization."
answer
ISO/IEC 27002
question
The security ____________________ is an outline of the overall information security strategy for the organization and a roadmap for planned changes to the information security environment of the organization.
answer
Framework
question
Standards may be published, scrutinized, and ratified by a group, as in formal or ____ standards.
answer
De jure
question
A(n) ____ plan deals with the identification, classification, response, and recovery from an incident.
answer
IR
question
Redundancy can be implemented at a number of points throughout the security architecture, such as in ____.
answer
Access Controls Firewalls and Proxy servers
question
A(n) _________________________ plan ensures that critical business functions continue if a catastrophic incident or disaster occurs.
answer
Business Continuity
question
____ often function as standards or procedures to be used when configuring or maintaining systems.
answer
SysSPs
question
Incident ____________________ is the process of examining a potential incident, or incident candidate, and determining whether or not the candidate constitutes an actual incident.
answer
Classification
question
SP 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, provides best practices and security principles that can direct the security team in the development of a security ____.
answer
Blueprint
question
A security ____________________ defines the boundary between the outer limit of an organization's security and the beginning of the outside world.
answer
Perimeter
question
RAID Level 1 is commonly called disk ____________________.
answer
Mirroring
question
The actions taken during and after a disaster are referred to as ____________________ management.
answer
Crisis