ITC482 REVISION #1 INTRO TO INFOSEC PLANNING
Q1. What is the definition of security? How is a secure state usually achieved?
Answer: Security is defined as "the quality or state of being secure – to be free from danger." It means to be protected from adversaries and other hazards. A secure state is achieved with several approaches, usually undertaken singly or used in combination with one another.
Q2. What is the C.I.A. triangle? Define each of its component parts.
Answer: The C.I.A. triangle has been the cornerstone of computer security since the days of the mainframe. Its component parts are Confidentiality, Integrity, and Availability.
Confidentiality is the property of preventing disclosure of information to unauthorized individuals or systems.
Integrity means that data cannot be modified without authorization. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, or when another similar action takes place.
Availability: for any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must all be functioning correctly.

Q3. Define the InfoSec processes of identification, authentication, authorization, and accountability.
Answer: Identification is when an information system is able to recognize individual users. It is the first step in gaining access to secured information or areas. Authentication is where a user provides proof that he or she is who he or she really is. Authorization is the assurance that the user or the computer has been authorized to be granted access to specific information. Accountability is when a control provides assurance that all activities can be linked or attributed to a certain person or process.
Q4. What is management and what is a manager? What roles do managers play as they execute their responsibilities?
Answer: Management is the process of achieving objectives/goals using a given set of resources. A manager is someone who works with and through other people by coordinating their work activities in order to accomplish the company's desired goals. As managers execute their responsibilities, there are specific roles they must play within the company: the informational role, the interpersonal role, and the decisional role.
Q5. What is a mission statement? Why is it important? What does it contain?
Answer: The mission statement explicitly declares the business of the organization, as well as its intended areas of operations. The mission statement must explain what the organization does and for whom.

Q6. What is a vision statement? Why is it important? What does it contain?
Answer: The vision statement expresses what the organization wants to become. Vision statements should be ambitious; after all, they are meant to express the aspirations of the organization and to serve as a means for visualizing its future.
Q7. Describe top-down strategic planning. How does it differ from bottom-up strategic planning? Which is usually more effective in implementing security in a large, diverse organization?
Answer: Top-down strategic planning involves high-level strategic managers providing resources and giving direction. Directors also issue policies, procedures and processes, dictate the goals and expected outcomes of the project, and determine who is accountable for each of the required actions. The difference between bottom-up and top-down planning is that in top-down planning managers give direction on how projects should be handled, while in bottom-up planning system administrators give direction on how projects should be handled. Of the two, the more effective for implementing security in a large, diverse organization is top-down planning, since it encompasses critical features such as coordination between departments, coordinated plans from top management, provision of sufficient resources, and support from end users.

Q8. What is the difference between a threat and an attack?
Answer: An attack is a deliberate act that exploits a vulnerability, whereas a threat is when a system is in danger of being attacked.

Q9. List and describe the three sets of procedures used to detect, contain, and resolve an incident.
Answer: A team creates three sets of procedures for incident handling. The first set is that which must be performed during the incident. These procedures are function-specific, and they are grouped and assigned to individuals. The second set is that which must be performed after the incident. These procedures also may be function-specific. The third set is that which must be performed to prepare for the incident. These procedures include the details of data backup schedules, disaster recovery preparation, training schedules, testing plans, copies of service agreements, and business continuity plans.
Q10. What are the three types of general planning? Define each.
Answer: The three types of general planning are strategic, tactical and operational. Tactical planning focuses on resource planning by those just under "senior management" to cover a time period of no more than 5 years. Strategic planning is done at the highest level of an organization and usually covers a time period of more than 5 years. Operational planning is short-term, day-to-day planning of resources.
Q11. Who are the stakeholders? Why is it important to consider their views when planning?
Answer: Stakeholders are people who will make money or lose money depending on how the business is doing. Stakeholders provide a lot of the financing for a business, so they need to be consulted.

Q12. What is the primary objective of the SecSDLC? What are its major steps, and what are the major objectives of each step?
Answer: The SecSDLC involves the identification of specific threats and the risks that they represent, and the subsequent design and implementation of specific controls to counter those threats and assist in the management of the risk. The major steps and their objectives are:
Investigation – Teams of managers, employees, and contractors are assembled to analyze problems, define their scope, specify goals and objectives, and identify any additional constraints not covered in the enterprise security policy.
Analysis – In this phase, the documents from the investigation phase are studied.
Logical Design – The team members create and develop the blueprint for security, and examine and implement key policies that influence later decisions.
Physical Design – Team members evaluate the technology needed to support the security blueprint, generate alternative solutions, and agree upon a final decision.
Implementation – The security solutions are acquired, tested, implemented, and tested again.
Maintenance – The most important phase. Information systems need constant monitoring, testing, modification, updating and repairing.
Q13. What is an Incident Response Plan, and why is it important?
Answer: The IRP is a detailed set of processes and procedures that anticipate, detect, and mitigate the impact of an unexpected event that might compromise information resources and assets. Incident response (IR) is the set of procedures that commence when an incident is detected.
Q14. What is a disaster recovery plan, and why is it important to the organization?
Answer: The disaster recovery plan is the preparation for, and recovery from, a disaster. Disasters may be man-made or natural. The disaster recovery plan is critical to the organization because it allows incidents identified by the incident response team to be escalated to the level of a disaster. At that point the disaster recovery team must use the plan to determine how to reestablish business operations at the location where the disaster occurred and where the business is located.
Q15. What is a business continuity plan, and why is it important?
Answer: A business continuity plan ensures that critical business functions can continue if a disaster occurs. It is important because if even the critical functions cannot continue, there is no business at all.

Q16. List and describe the three sets of procedures used to detect, contain, and resolve an incident.
Answer: The CP team creates three sets of procedures for incident handling. The first set is that which must be performed during the incident. These procedures are function-specific, and they are grouped and assigned to individuals. The second set is that which must be performed after the incident. These procedures also may be function-specific. The third set is that which must be performed to prepare for the incident. These procedures include the details of data backup schedules, disaster recovery preparation, training schedules, testing plans, copies of service agreements, and business continuity plans.
...