Deck 9: Security Management Practices
1
Which of the following describes the legal requirement that an organization adopt a standard based on what a prudent organization should do, and then maintain that standard?
A) Certification and accreditation
B) Best practices
C) Due care and due diligence
D) Baselining and benchmarking
ANSWER: C
2
Creating a blueprint by looking at the paths taken by organizations similar to the one whose plan you are developing is known as which of the following?
A) benchmarking
B) best practices
C) baselining
D) due diligence
ANSWER: A
3
Performance measurements are seldom required in today's regulated InfoSec environment.
ANSWER: False
4
Standardization is an attempt to improve information security practices by comparing an organization's efforts against those of a similar organization or an industry-developed standard to produce results it would like to duplicate.____________
5
Recommended practices are those security efforts that seek to provide a superior level of performance in the protection of information.____________
6
Which of the following is NOT a question to be used as a self-assessment for recommended security practices in the category of people?
A) Do you perform background checks on all employees with access to sensitive data, areas, or access points?
B) Are the user accounts of former employees immediately removed on termination?
C) Would the typical employee recognize a security issue?
D) Would the typical employee know how to report a security issue to the right people?
7
Which of the following is a possible result of failure to establish and maintain standards of due care and due diligence?
A) Baselining
B) Legal liability
C) Competitive disadvantage
D) Certification revocation
8
A comprehensive assessment of a system's technical and nontechnical protection strategies, as specified by a particular set of requirements, is known as accreditation.____________
9
A standard of due process is a legal standard that requires an organization and its employees to act as a "reasonable and prudent" individual or organization would under similar circumstances.____________
10
Data, or the trends in data, that may indicate the effectiveness of security countermeasures or controls (technical and managerial) implemented in the organization are known as program measurements.____________
11
One question you should ask when choosing among recommended practices is "Can your organization afford to implement the recommended practice?"
12
The biggest barrier to baselining in InfoSec is the fact that many organizations do not share warnings with other organizations.____________
13
One of the critical tasks in the measurement process is to assess and quantify what will be measured and how it is measured.____________
14
Which of the following is NOT a consideration when selecting recommended best practices?
A) Threat environment is similar
B) Resource expenditures are practical
C) Organization structure is similar
D) Same certification and accreditation agency or standard
15
A performance measure is an assessment of the performance of some action or process against which future performance is assessed._____________
16
Problems with benchmarking include all but which of the following?
A) Organizations don't often share information on successful attacks
B) Organizations being benchmarked are seldom identical
C) Recommended practices change and evolve, thus past performance is no indicator of future success
D) Benchmarking doesn't help in determining the desired outcome of the security process
17
Attaining certification in security management is a long and difficult process, but once attained, an organization remains certified for the life of the organization.
18
A company striving for 'best security practices' makes every effort to establish security program elements that meet every minimum standard in their industry.
19
Using a practice called baselining, you are able to develop policy based on the typical practices of the industry in which you are working.
20
The authorization by an oversight authority of an IT system to process, store, or transmit information is known as certification.____________
21
Which of the following is the first phase in the NIST process for performance measurement implementation?
A) Develop the business case
B) Obtain resources
C) Prepare for data collection
D) Identify corrective actions
22
Which of the following is NOT a factor critical to the success of an information security performance program?
A) Strong upper level management support
B) High level of employee buy-in
C) Quantifiable performance measurements
D) Results oriented measurement analysis
23
A goal of 100 percent employee InfoSec training as an objective for the training program is an example of a performance __________.
24
A practice related to benchmarking is ____________, which is a measurement against a prior assessment or an internal goal.
25
Which of the following is NOT one of the three types of performance measures used by organizations?
A) Those that determine the effectiveness of the execution of InfoSec policy
B) Those that determine the effectiveness and/or efficiency of the delivery of InfoSec services
C) Those that evaluate the compliance of non-security personnel in adhering to InfoSec policy
D) Those that assess the impact of an incident or other security event on the organization or its mission
26
InfoSec measurements collected from production statistics depend greatly on which of the following factors?
A) Types of performance measures developed
B) Number of systems and users of those systems
C) Number of monitored threats and attacks
D) Activities and goals implemented by the business unit
27
The InfoSec measurement development process recommended by NIST is divided into two major activities. Which of the following is one of them?
A) Regularly monitor and test networks
B) Identification and definition of the current InfoSec program
C) Maintain a vulnerability management program
D) Compare organizational practices against organizations of similar characteristics
28
Best security practices balance the need for user _____________ to information with the need for adequate protection while simultaneously demonstrating fiscal responsibility.
29
Which of the following InfoSec measurement specifications makes it possible to define success in the security program?
A) Development approach
B) Establishing targets
C) Prioritization and selection
D) Measurements templates
30
In security management, which of the following is issued by a management official and serves as a means of assuring that systems are of adequate quality?
A) Accreditation
B) Certification
C) Performance measurement
D) Testimonial
31
When choosing from among recommended practices,an organization should consider a number of questions. List four.
32
Which of the following is NOT a question a CISO should be prepared to answer about a performance measures program, according to Kovacich?
A) Why should these measurements be collected?
B) Where will these measurements be collected?
C) What effect will measurement collection have on efficiency?
D) Who will collect these measurements?
33
Organizations must consider all but which of the following during development and implementation of an InfoSec measurement program?
A) Measurements must yield quantifiable information
B) Data that supports the measures needs to be readily obtainable
C) Only repeatable InfoSec processes should be considered for measurement
D) Measurements must be useful for tracking non-compliance by internal personnel
34
Which of the following is the last phase in the NIST process for performance measures implementation?
A) Apply corrective actions
B) Obtain resources
C) Document the process
D) Develop the business case
35
Which of the following terms describes the process of designing, implementing, and managing the use of the collected data elements to determine the effectiveness of the overall security program?
A) Performance management
B) Baselining
C) Best practices
D) Standards of due care/diligence
36
Which of the following is Tier 3 (indicating the environment of operation) of the tiered risk management approach?
A) Mission/business process
B) Information system
C) Accounting/logistics
D) Organization
37
____________________ encompasses a requirement that the implemented standards continue to provide the required level of protection.
38
According to NIST SP 800-37, which of the following is the first step in the security controls selection process?
A) Categorize the information system and the information processed
B) Select an initial set of baseline security controls
C) Assess the security controls using appropriate assessment procedures
D) Authorize information system operation based on risk determination
39
The Authorize step of the NIST six-step approach to the risk management framework involves all but which of the following tasks?
A) Prepare the plan of action and develop milestones
B) Assemble the security authorization package
C) Determine if the cost/benefit ratio is acceptable
D) Determine the risk to organizational operations
40
The last phase in the NIST performance measures implementation process is to apply ______________ actions, which closes the gap found in Phase 2.
41
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
Those procedures that provide a superior level of security for an organization's information.
42
List the four factors critical to the success of an InfoSec performance program, according to NIST SP 800-55, Rev. 1.
43
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
An attempt to improve information security practices by comparing an organization's efforts against practices of a similar organization or an industry-developed standard to produce results it would like to duplicate.
44
The process of implementing a performance measures program recommended by NIST involves six phases. List and describe them.
45
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
An assessment of the performance of some action or process against which future performance is assessed.
46
What are the two major activities into which the InfoSec measurement development process recommended by NIST is divided?
ANSWER: 1. Identification and definition of the current InfoSec program
2. Development and selection of specific measurements to gauge the implementation, effectiveness, efficiency, and impact of the security controls
47
Compare and contrast accreditation and certification.
48
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
The authorization of an IT system to process, store, or transmit information.
49
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
Those security efforts that are considered among the best in the industry.
50
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
A legal standard that requires an organization and its employees to act as a reasonable and prudent individual or organization would under similar circumstances.
51
Why must you do more than simply list the InfoSec measurements collected when reporting them? Explain.
52
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
A common approach to a Risk Management Framework (RMF) for InfoSec practice.
53
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
A comprehensive assessment of a system's technical and nontechnical protection strategies, as specified by a particular set of requirements.
54
Describe the three-tier approach of the RMF as defined by NIST SP 800-37.
55
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
The data, or the trends in data, that may indicate the effectiveness of security countermeasures or controls (technical and managerial) implemented in the organization.
56
Why is measurement prioritization and selection important? How can it be achieved?
57
a. Accreditation
b. Baseline
c. Benchmarking
d. Certification
e. due diligence
f. best security practices
g. recommended business practices
h. standard of due care
i. performance measurements
j. NIST SP 800-37
The actions that demonstrate that an organization has made a valid effort to protect others, and that the implemented standards continue to provide the required level of protection.
58
Before beginning the process of designing, collecting, and using measures, the CISO should be prepared to answer the following questions posed by Kovacich. List four of these questions.
59
On what do measurements collected from production statistics greatly depend? Explain your answer.