CCSA Training

Question 1

Framework Profile represents

Answer 1

Represents the outcomes based on business needs an organization has selected from the Framework Categories and Subcategories.

Question 2

Current Profile

Answer 2

Indicated the cyber security outcomes that are currently being achieved.

Question 3

Target Profile

Answer 3

Indicates the outcomes needed to achieve the desired cyber security risk management goals

Question 4

What are the tiers of Framework implementation?

Answer 4

1. Partial
2. Risk Informed
3. Repeatable
4. Adaptive

Question 5

What is the partial risk management process?

Answer 5

Organizational cyber security risk management practices are not formalized, and risk is managed in an ad how and sometimes reactive manner.

Question 6

Partial Integrated Risk Management Program?

Answer 6

There is limited awareness of cyber security risk at the organizational level and an organizational-wide approach to managing cyber security risk has not been established.

Question 7

Partial External Partcipation

Answer 7

The organization is usually unaware of the cyber supply chain risks of the products and services it provides and that it uses.

Question 8

Risk Informed (Risk Management)

Answer 8

Prioritization of cyber security is directly informed by organizational risk objectives, the threat environment, or business/mission requirements.

Question 9

Risk Informed (Integrated Risk Management Program)

Answer 9

Cyber security is shared within the organization on an informal basis.

Question 10

Risk Informed(External Participation)

Answer 10

The organization collaborated with and receives some information from other entities and generated some of its own information, but may not share information with others.

Question 11

Repeatable (Risk Management Process)

Answer 11

Organizational cyber security practices are regularly updated based on the application of risk management processes to changes in business/mission requirements and a changing threat and technology landscape.

Question 12

Repeatable (Integrated Risk Management Program)

Answer 12

Risk-Informed policies, processes, and procedures are defined implemented as intended, and reviewed.

Question 13

Repeatable (External Partcipation)

Answer 13

It collaborates with and receives information from other entities regularly that complements internally generated information, and shares information with other entities.

Question 14

Adaptive (Risk Management Process)

Answer 14

The organization adapts its cybersecurity practices based on previous and current cybersecurity activities, including lessons learned and predictive indicators

Question 15

Adaptive (Integrated Risk Management Program)

Answer 15

The organization can quickly and efficiently account for changes to business/mission objectives in how risk is approached and communicated.

Question 16

Adaptive (External Participation)

Answer 16

The organization understands its role, dependencies, and dependents in the larger ecosystem and contributes to the community’s broader understanding of risks.

Question 17

Functions

Answer 17

Organize basic cybersecurity activities at their highest level.

Question 18

Categories

Answer 18

Are the subdivisions of a function into groups of cybersecurity outcomes closely tied to programmatic needs and particular activities.

Question 19

Subcategories

Answer 19

Further divide a category into specific outcomes of technical and/or management activities.

Question 20

Informative References

Answer 20

Are specific sections of standards, guidelines, and practices common among critical infrastructure sectors that illustrate a method to achieve the outcomes associated with each subcategory.

Question 21

5 types of cybersecurity framework

Answer 21

1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

Question 22

Identify

Answer 22

Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities

Question 23

Protect

Answer 23

Develop and implement appropriate safeguards to ensure delivery of critical services

Question 24

Detect

Answer 24

Develop and implement appropriate activities to identify the occurrence of a cybersecurity event

Question 25

Respond

Answer 25

Develop and implement appropriate activities to take action regarding a detected cybersecurity incident

Question 26

Recover

Answer 26

Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.

Question 27

NIST Cybersecurity Framework

Answer 27

1. Profile 2. Tiers 3. Functions 4. Categories 5. Subcategories 6. Informative References

Question 28

Two types of profiles

Answer 28

Current and Target

Question 29

Framework Core Structures

Answer 29

Categories are made up of subcategories and subcategories are made up of informative references/

Question 30

Framework Functions

Answer 30

Identify ID, Protect PR, Detect DE, Respond RS, and Recover RC

Question 31

Identify categories

Answer 31

Asset management, business environment, governance, risk assessment, risk management strategy, and supply chain risk management

Question 31

Protect categories

Answer 31

Identify management and access controls, awareness and training, data security, information protection process and procedures, maintenance , and protective technology.

Question 31

Detect categories

Answer 31

Anomalies and events, security continuous and monitoring, and detection processes

Question 32

Respond categories

Answer 32

Response planning, communications, analysis, mitigation, and improvements

Question 33

Recover categories

Answer 33

Recovery planning, improvements, and communications

Question 34

Cybersecurity framework

Answer 34

1. Identify 2. Protect 3. Detect 4. Respond 5. Recover

Question 35

CEA

Answer 35

Cybersecurity Enhancement Act of 2014

Question 36

CIS

Answer 36

Center for Internet Security

Question 37

COBIT

Answer 37

Control Objectives for Information and Related Technology

Question 38

CSC

Answer 38

Critical Security Control

Question 39

DHS

Answer 39

Department of Homeland Security

Question 40

EO

Answer 40

Executive Order

Question 41

IEC

Answer 41

International Electrotechnical Commission

Question 42

IR

Answer 42

Interagency Report

Question 43

ISO

Answer 43

International Organization for Standardization

Question 44

OT

Answer 44

Operational Technology

Question 45

RFI

Answer 45

Request for Information

Question 46

RMP

Answer 46

Risk Management Process

Question 47

SCRM

Answer 47

Supply Chain Risk Management

Question 48

SP

Answer 48

Special Publication

Question 49

DoD

Answer 49

Department of Defense

Question 50

How many Domains are in CMMC?

Answer 50

17

Question 51

DIB

Answer 51

Defense Industrial Base

Question 52

How many level descriptions are there in CMMC?

Answer 52

5

Question 53

CMMC

Answer 53

Cybersecurity Maturity Model Certification

Question 54

DFARS

Answer 54

Defense Federal Acquisition Regulation Supplement

Question 55

CUI

Answer 55

Controlled Unclassified Information

Question 56

Definition of CMMC

Answer 56

Certification process that measures DIB sector company’s ability to protect FCI and CUI.

Question 57

FCI

Answer 57

Federal Contract Information

Question 58

CMMC Model Framework

Answer 58

Models consists of domains, domains consist of capabilities, and capabilities consist of practices and processes

Question 59

How many capabilities in CMMC?

Answer 59

43

Question 60

Level 1 of CMMC process

Answer 60

Performed

Question 61

Level 1 Practices of CMMC?

Answer 61

Basic Cyber Hygiene

Question 62

Level 2 of Processes (CMMC)

Answer 62

Documented

Question 63

CMMC Level 2 Practices

Answer 63

Intermediate Cyber Hygiene

Question 64

CMMC Level 3 Processes

Answer 64

Managed

Question 65

CMMC Level 3 Practices

Answer 65

Good Cyber Engine

Question 66

CMMC Level 4 Processes

Answer 66

Reviewed

Question 67

CMMC Level 4 Practices

Answer 67

Proactive

Question 68

CMMC Level 5 Processes

Answer 68

Optimizing

Question 69

CMMC Level 5 Practices

Answer 69

Advanced/Progressive

Question 70

Level 1 focuses on

Answer 70

The protection of FCI and consists only of practices that correspond to the basic safeguarding requirements specified

Question 71

Level 2 requires

Answer 71

An organization that can establish and document practices and policies to guide the implementation of their CMMC efforts

Question 72

Level 3 requires

Answer 72

An organization establish, maintain, and resource a plan demonstrating the management of activities for practice implementation

Question 73

Level 3 focuses on

Answer 73

The protection of CUI

Question 74

Level 4 requirements

Answer 74

An organization review and measure practices for effectiveness

Question 75

Level 4 focuses on

Answer 75

The protection of CUI from the APTs and encompasses a subset of enhanced security requirements

Question 76

Level 5 requires

Answer 76

An organization to standardize and optimize process implementation across the organization

Question 77

Level 5 focuses on

Answer 77

The protection of CUI from the APTs

Question 78

CMMC Domain 1

Answer 78

Access Control

Question 79

CMMC Domain 2

Answer 79

Asset Management

Question 80

CMMC Domain 3

Answer 80

Audit and Accountability

Question 81

CMMC Domain 4

Answer 81

Awareness and Training

Question 82

CMMC Domain 5

Answer 82

Configuration Management

Question 83

CMMC Domain 6

Answer 83

Identification Authentication

Question 84

CMMC Domain 7

Answer 84

Incident Responses

Question 85

CMMC Domain 8

Answer 85

Maintenance

Question 86

CMMC Domain 9

Answer 86

Media Protection

Question 87

CMMC Domain 10

Answer 87

Personal Security

Question 88

CMMC Domain 11

Answer 88

Physical Protection

Question 89

CMMC Domain 12

Answer 89

Recovery

Question 90

CMMC Domain 13

Answer 90

Risk Management

Question 91

CMMC Domain 14

Answer 91

Security Assessment

Question 92

CMMC Domain 15

Answer 92

Situational Awareness

Question 93

CMMC Domain 16

Answer 93

System and Communications Protections

Question 94

CMMC Domain 17

Answer 94

System and Information Integrity

Question 95

C###

Answer 95

Capability number ###

Question 96

CERT

Answer 96

Computer Emergency Response Team

Question 97

CFR

Answer 97

Code of Federal Regulations

Question 98

CIS

Answer 98

Center for Internet Security

Question 99

CMMC

Answer 99

Cybersecurity Maturity Model Certification

Question 100

CNSSI

Answer 100

Committee on National Security Systems Instructionss

Question 101

CSF

Answer 101

Cybersecurity Feamework

Question 102

CSP

Answer 102

Credential Service Provider

Question 103

CUI

Answer 103

Controlled Unclassified Information

Question 104

CVE

Answer 104

Common Vulnerabilities and Exposures

Question 105

DFARS

Answer 105

Defense Federal Acquisition Regulation Supplement

Question 106

DNS

Answer 106

Domain Name System

Question 107

FAR

Answer 107

Federal Acquisition Regulation

Question 108

FCI

Answer 108

Federal Contact Information

Question 109

FIPS

Answer 109

Federal Information Processing Standards

Question 110

IEC

Answer 110

International Electrotechnical Commission

Question 111

ISO

Answer 111

International Organization for Standardization

Question 112

ISCM

Answer 112

Information Security Continuous Monitoring

Question 113

L#

Answer 113

Level number #

Question 114

MA

Answer 114

Maintenance

Question 115

ML

Answer 115

Maturity Level

Question 116

ML#

Answer 116

Maturity Level number #

Question 117

MP

Answer 117

Media Protection

Question 118

N/A

Answer 118

Not Applicable

Question 119

NAS

Answer 119

National Aerospace Standard

Question 120

NCSC

Answer 120

National Cyber Security Standard

Question 121

NCSC

Answer 121

National Cyber Security Centre

Question 122

NISTIR

Answer 122

NIST Interagency Report

Question 123

OUSD AandS

Answer 123

Office of the Under Secretary of Defense for Acquisition and Sustainment

Question 124

TTP

Answer 124

Tactics, techniques, and procedures

Question 125

UK

Answer 125

United Kingdom

Question 126

URL

Answer 126

Uniform Resource Locator

Question 127

US

Answer 127

United States

Question 128

VolP

Answer 128

Voice over Internet Protocol

Question 129

Col

Answer 129

Volume

Question 130

NIST SP 800-171 R2 Purpose

Answer 130

To provide federal agencies with recommended security requirements for protecting the confidentiality of CUI

Question 131

NIST SP 800-171 Target Audience

Answer 131

Public and Private sectors

Question 132

CUI

Answer 132

Controlled Unclassified Information

Question 133

CUI Definition

Answer 133

A non-classified information that must be safeguarded by implementing a uniform set of requirements and information security controls directed at securing sensitive government information

Question 134

Basic security requirements section

Answer 134

Are obtained from FIPS 200 which provides the high-level and fundamental security requirements for federal information and systems

Question 135

Derived security requirement actions

Answer 135

Supplement the basic security requirements, are taken from security controls in SP 800-53

Question 136

How many Distinct Categories are there?

Answer 136

14

Question 137

What are the 14 Distinct Categories?

Answer 137

Access Control, Awareness and Training, Audit and Accountability, Configuration Management, Identification and Authentication, Incident Response, Maintenance, System and Information Integrity, System and Communications Protections, Security Assessment, Risk Assessment, Physical Protection, Personnel Protection, and Media Protection

Question 138

CSIRT responsible for?

Answer 138

Providing incident response services to part or all of an organization.

Question 139

CSIRT

Answer 139

Computer Security Incident Response Team

Question 140

Incident Response Plan provides

Answer 140

The roadmap for implanting the incident response capability

Question 141

SOP

Answer 141

Standard Operating Procedures

Question 142

SOP Definition

Answer 142

Are a delineation of the specific technical processes techniques, checklists, and forms used by the incident response team

Question 143

Incident Response Team

Answer 143

Law Enforcement Agencies, Software and Support Vendors, Customer, Constituents and Media, Other Incident Response Team, Internet Service Provider, and Incident Reporters

Question 144

Incident Response Life Cycle

Answer 144

Preparation, Detection & Analysis, Containment Eradication & Recovery, and Post-Incident Activity

Question 145

None

Answer 145

No effect to the organization’s ability to provide all services to all users

Question 146

Low

Answer 146

Minimal effect

Question 147

Medium

Answer 147

Organization has lost the ability to provide a critical service to a subset of system users

Question 148

High

Answer 148

Organization is no longer able to provide some critical services to any users

Question 149

Four Areas Covered in Incident Security

Answer 149

Preparation, Detection & Analysis, Containment, Eradication & Recovery, and Post Incident Activity

Question 150

NIST and Risk Assessment

Answer 150

Scope of Risk Assessment, Asset Inventory, Threats, Vulnerabilities, Risk Evaluation, Risk Treatment, Version History, and Executive Summary

Question 151

Risk Assessment Process

Answer 151

1. Prepare for Assessment 2. Conduct the Assessment 3. Communicate results 4. Maintain Assessment

Question 152

Vulnerability Assessment

Answer 152

Process of identifying, quantifying and prioritizing the security issues in a system or network.

Question 153

Issues to look for

Answer 153

Data Access vulnerabilities and Network Access vulnerabilities

Question 154

4 ways to address a risk

Answer 154

Eliminate the risk, Reduce the risk to an acceptable level, Transfer the risk to a third-party, and to Accept the risk

Question 155

Vulnerability Scan

Answer 155

Runs internal and external network vulnerability scans at least quarterly and after any significant change in the network

Question 156

Internal Vulnerability Scans

Answer 156

Perform quarterly internal scan and rescans as needed until all “high” risk vulnerabilities are resolved

Question 157

External Vulnerability

Answer 157

Performs rescans as needed until passing scans are achieved

Question 158

Wireless Assessment

Answer 158

Implement processes to test for the presence of wireless access points, and detect and identify all authorized and unauthorized wireless access points on a quarterly basis

Question 159

Penetration Testing main objective

Answer 159

To determine security weaknesses

Question 160

External Penetration Testing Goal

Answer 160

To gain unauthorized elevated access to an externally accessible system

Question 161

Web Application Penetration Testing

Answer 161

Gain anonymous access to authenticated sections of the application and to gain access to other client data within the application

Question 162

Penetration Testing goals

Answer 162

Determine whether and how a malicious user can gain unauthorized access to assets that affect the fundamental security of the system, files, and logs

Question 163

Internal Pen test

Answer 163

Perform penetration test at least annually and after any significant infrastructure or application upgrade or modification

Question 164

Exploitable Vulnerabilities

Answer 164

Found during penetration testing mush be reviewed and corrected

Question 165

Detect and Prevent Intrusions

Answer 165

Used to detect or prevent intrusions of the network

Question 166

Change-Detection Mechanism

Answer 166

To alert personnel to unauthorized modification of critical system files, configuration files, or content files

Question 167

Firewalls

Answer 167

Are devices that control computer traffic allowed between an entity’s networks and untrusted network as well as traffic into and out of more sensitive areas within an entity’s internal trusted networks

Question 168

DMZ

Answer 168

Demilitarized Zone

Question 169

Information Security Policies

Answer 169

Develop and secure approval from management, publish, and communicate and train all members of the workforce on an information security policy

Question 170

Review of the Policies for Information Security

Answer 170

Are it be reviewed and evaluated periodically and if changes occur within the facility that affects a particular approved policy statement

Question 171

Organization of Information Security

Answer 171

Information security roles and responsibilities, segregation of duties, contact with authorities and Contact with special interest groups, and Information security in project management

Question 172

Mobile device policy

Answer 172

Develop specific policies, plans, and procedures to address members of the workforce who use mobile devices

Question 173

Risk Assessment

Answer 173

Conduct an accurate and through the assessment of risk and vulnerabilities to the CIA of sensitive information, including PII

Question 174

Risk Management

Answer 174

Obtain timely information about technical vulnerabilities of information systems being used

Question 175

Risk Management definition

Answer 175

A timeline to react to notifications of potentially relevant technical vulnerabilities

Question 176

Breach notification

Answer 176

Establish a formal information security even reporting procedure

Question 177

Information Security Incident Management

Answer 177

Implement training that augments the certification or other qualifications of workforce members and use tools so as to strengthen the value of preserved evidence.

Question 178

ISO 27001 Requirement # 10

Answer 178

Cryptography

Question 179

Cryptography Objective

Answer 179

To ensure proper and effective use of cryptography to protect the CIA of Information

Question 180

ISO 27001 Requirement # 12.3

Answer 180

Cryptographic Controls

Question 181

Cryptographic Controls Objective

Answer 181

To protect the CIA of information by cryptographic means

Question 182

ISO 27001 Requirement #18.1.5

Answer 182

Regulation Cryptographic Controls

Question 183

Regulation Cryptographic Controls Objective

Answer 183

To avoid breaches of legal, statutory, regulatory, or contractual obligations related to information security and of any security requirements

Question 184

Protected stored Cardholder Data

Answer 184

Protection methods such as encryption, truncation, masking, and hashing are critical components of cardholder data protection

Question 185

Encrypt Transmission

Answer 185

Encrypt transmission of sensitive data across open, public networks

Question 186

NIST offers

Answer 186

Guidance for encryption data at rest and in transmit

Question 187

Encryption

Answer 187

Is the conversation of data into a form that cannot be read with the decryption key or password.

Question 188

Tow addressable IS related to encryptions?

Answer 188

Access and Control Standard & Transmission Security Standard

Question 189

Purpose of Encryption Policy

Answer 189

To implement a mechanism to encrypt sensitive information in transmit, storage, usage, or processing, whenever deemed appropriate

Question 190

Encryption Policy

Answer 190

Evaluate the need for and use of encryption to maintain the confidentiality and integrity of sensitive information being transmitted, stored, used, or processed