Chapter 11 Reading (half butted)

Last updated 12:44 AM on 4/10/26

24 Terms

1

The Trust Services Framework organizes IT-related controls into 5 principles. What are they?

Security

Confidentiality

Privacy

Processing Integrity

Availability

2

What are the 4 steps in the security life cycle?

  1. Assess threats and select risk response

  2. Develop and communicate policy

  3. Acquire and implement solutions

  4. Monitor Performance

3

Time-based model of information security formula?

P > D + R

P = time it takes a hacker to get in

D = time it takes for the organization to detect the attack

R = time it takes to respond and stop the attack

If the formula is satisfied, then the security procedures are effective

4

The Trust Services Framework identifies five principles for systems reliability. Which one of those five principles is a necessary prerequisite to the other four? (Reading question)

security

5

The Trust Services Principle "Confidentiality" focuses on? (Reading question)

protection of sensitive corporate data from unauthorized disclosure.

6

Authentication definition

process of verifying the identity of the person or device attempting to access the system

7

3 types of credentials for authentication

Something someone knows (password or PIN)

Something someone has (smart card or ID badge)

Some physical characteristic (fingerprint or typing pattern?)

8

Using 2 or more authentication methods at the same time

multifactor authentication

Better than multimodal since credentials are independent of each other

9

Using 2 or more authentication methods of the same type at the same time

multimodal authentication

10

authorization

process of restricting access of authenticated users to specific portions of the system and limiting what actions they are permitted to perform (goal is to maintain adequate segregation of duties)

11

When an authenticated employee attempts to access a particular information system resource, the system performs a

compatibility test, which compares the user's credentials against the control matrix (to see if they have access)

12

What device connects an organization's information system to the internet?

border router

13

The demilitarized zone is

a separate network located outside of the organization's information system to permit access from the internet to selected resources

14

If the time an attacker takes to break through the organization's preventive controls is shorter than the sum of the time required for the organization to detect the attack and the time required to respond to the attack, then the organization's security is considered (Reading question)

ineffective.

15

Which of the following is not an example of multi-factor authentication? (Reading question)

A passphrase and a security question - multimodal

16

Which device blocks or admits individual packets by examining information in the TCP and IP headers? (Reading question)

Firewall

17

Which step should happen first as part of the incident response process? (Reading question)

Recognition of an attack

18

Which of the following is the correct sequence of steps in the incident response process? (Reading question)

Recognize that a problem exists, stop the attack, repair the damage, learn from the attack

19

Change management and change control processes need to be applied to any modifications to: (Reading question)

  • hardware.

  • operating procedures.

  • software.

20

Which of the following are indicators that an organization's change management and change control process is effective? (Reading question)


  1. Testing of all changes takes place in a system separate from the one used for regular business operations

  2. A reduction in the number of problems that need to be fixed

  3. A low number of emergency changes

21

Which of the following is(are) true? (Reading question)

  1. Multifactor authentication is necessary for controlling access to virtualized systems.

  2. The Cloud and virtualization increase the risk associated with unsupervised physical access.

  3. Network access controls (e.g., firewalls, intrusion prevention systems (IPS), and intrusion detection systems (IDS)) should be employed both in the cloud and in virtualized systems.
