Exam 2

Question 1

What is CP ?

Answer 1

CP is “contingency planning” it is the overall “what - if” plan that will be used to restore operations with minimal cost and disruption.

Question 2

What Is IRP

Answer 2

IRP - “ Incident Response Plan” is the immediate response that is activated after an incident occurs.

Question 3

What is DRP

Answer 3

DRP- “Disaster Recovery Plan” is used to restore operations at the primary site after a disaster.

Question 4

What is BCP

Answer 4

“Business Contingency Plan” Re-establishes critical functions at an alternate site. runs along Side the DRP.

Question 5

BIA

Answer 5

BIA - “ Business Impact Anaylsis” is an Assessment of the impact that various adverse events can have on the organization. The BIA assumes that these controls have failed.

Question 6

The 3 steps of IRP

Answer 6

1. Detection
2. Reaction
3. Recovery

Question 7

How the IRP relates to NIST

Answer 7

The IRP aligns with the NIST Cybersecurity Framework
1. Detect Cyber Events.
2. Respond to cyber events.
3. Recover - tactical recovery phase.

Question 8

Cold sites

Answer 8

A cold site is a secondary location with low cost slow recovery.
it is measured in weeks.

Question 9

Warm Sites

Answer 9

This also a secondary location but is partially equipped with equipment and connection at location.
It is measured in days/hours.

Question 10

Hot site

Answer 10

This is a fully equipped secondary location, with equipment and connection at location. It is active before fallout and is measured in hours, minutes.

Question 11

Pro’s and con’s for using cloud for DPR

Question 12

4 ways to test CP( Contingency Plans)

Answer 12

1. Desk check / table top exercise
2. Structured walk-through ( tell workshop story)
3. Simulation ( think VMs)
4. Full interruption ( Pros and Cons)

Question 13

Iteration/CPI

Answer 13

Iteration results in improvement.
“Continuous Process Improvement” - A formal implementation of iteration mythology

Question 14

Laws Vs Ethics

Answer 14

Laws - Enforceable rules that mandate or prohibit Behavior.
Ethics - Principles that regulate socially acceptable behavior.
THE DIFFERENCE IS “ENFORCEABILITY”

Question 15

Liability vs Restitution

Answer 15

Liability - This the legal obligation of an entity extending beyond criminal or contract law, may include restitution.
Restitution - The legal obligation to compensate an injured party for wrongs committed.

Question 16

Due Care vs Due Diligence

Answer 16

Due Care- the legal standard to have a prudent org act legally and ethically and know the consequences of actions.
Due Diligence- The legal standard to have a prudent org maintain the standard of due care .

Question 17

Jurisdiction vs long arm

Answer 17

Jurisdiction- courts right to hear a case if the wrong was committed in its territory.
Long Arm - application of the law to those residing outside a court’s normal jurisdiction.
The difference is whether it’s inside or outside of jurisdiction.

Question 18

Policy vs Law

Answer 18

Policies: specify acceptable and unacceptable employee behavior in the workplace.
Policy functions as organizational laws
THE DIFFERENCE BETWEEEN POLICY AND LAW IS IGNORANCE OF A POLICY IS AN ACCEPTABLE DEFENSE.

Question 19

5 criteria for policy enforcement

Answer 19

1. Dissemination( distribution)
2. Review(reading)
   3.Comprehension(Understanding)
3. Compliance(Agreement)
4. Uniform Enforcement
   All these criteria must be met before an employee can be penalized (legally).

Question 20

Computer Crime Laws

Answer 20

1. CFAA- Computer Fraud and Abuse Act of 1986 - this is the pioneer of many computer - related federal and enforcement laws.
2. NIIP - National Information Infrastructure Protection Act of 1996 - modified the CFAA law.
3. USA Patriot Act of 2001- used in order to combat terrorism- related activities.
4. USA Patriot improvement and Reauthorization Act of 2006 - made 14 of 16 expanded powers of the department of homeland security and the FBI in investigating terrorist.
5. USA FREEDOM ACT - functions the same as the USA patriot Act as it expired in 2015.

Question 21

What is Privacy

Answer 21

individuals rights to protect themselves and personal info from unauthorized access.
It is Important because it is the #1 ethical issue.

Question 22

HIPAA

Answer 22

Health Insurance Portability and Accountability Act of 1996 - Protects your health insurance or general health information.

Question 23

What is GLBA ?

Answer 23

Gramm-leach Bliley Act of 1999 also know as the financial services moderation act protects our financial information

Question 24

What is the SOX

Answer 24

Sarbanes Oxley Act of 2002 protects financial reporting.

Question 25

PCI DSS

Answer 25

Payment Card Industry Data Security Standards - standard that payment processing organizations must comply. ITS NOT A LAW.

Question 26

Aggregated information VS Information Aggregation

Answer 26

Aggregated Information - protects Privacy Information Aggregation - threatens privacy

Question 27

PII - Personally Identifiable Information

Answer 27

When the PII is stolen Identity theft is committed The Federal Trade Commission is who identity theft gets reported to.

Question 28

PHI- Personal Health Info

Question 29

How is cybercrime enforced

Answer 29

It is enforced through the Federal Bureau of Investigation (FBI)

Question 30

CIRCIA ( Cybersecurity Incident Reporting for Infrastructure Act)

Answer 30

Cybersecurity Incident - reported within 72 hrs Ransomware Incident - reported within 24 hrs

Question 31

Why is national Culture so important in security

Answer 31

It is so important because a nations culture shapes its ethics.

Question 32

White vs Black vs Gray hats

Answer 32

White hats - The good guys, they are ethical hackers Black hats- The bad guys, malicious hackers , not ethical Gray hats- The fall in the middle.

Question 33

Causes of unethical and illegal behavior

Answer 33

1. Ignorance ( people control) 2. accident (process control) 3. intent (technology control)

Question 34

What is Deterrence

Answer 34

Deterrence is the best method for preventing an illegal or unethical activity.

Question 35

Conditions for deterrence to be effective

Answer 35

1. Fear of Penalty 2. Probability of being apprehended 3. Propability of fear being applied

Question 36

How do employees learn about ethical behavior and security policies

Answer 36

The employees must be trained

Question 37

What is GDPR ? why is it important

Answer 37

GDPR is General Data Protection Regulation. it is important because it defines the PII

Question 38

The 2025 EU directive covers

Answer 38

Improving risk management. Specific incident reporting requirements Mandated resilience testing

Question 40

Access

Answer 40

This is how systems determine whether and how to admit a user into a trusted area of the organization.

Question 41

Identification

Answer 41

This when individuals seeking access to a resource provide something the system knows them by. Like ID, department codes.

Question 42

Authentication

Answer 42

This is the process of validating an individuals entity.

Question 43

Multi factor authentication

Answer 43

This are questions asked to ensure that the right individual gains access to the resource. 1. Something you have like a ID or token 2. Something you are like characteristics of the individual.

Question 44

Authorization

Answer 44

Matching an individual to a a list of information and corresponding access levels.

Question 45

Accountability

Answer 45

This ensures that all actions on a system can be connected to an authorized personnel.

Question 46

password vs passkeys

Answer 46

passwords are created by users, passkeys are created by automatically generated. passwords a vulnerable to phishing while passkeys resist them passwords are common, passkey use new technology that makes them less familiar.

Question 47

What is Firewall

Answer 47

This a device that is use to separate trusted networks from untrusted ones.

Question 48

Types of Firewall

Answer 48

1. Packet Filtering 2.Application Gateways 3.Mac Layer Firewalls 4. Hybrids

Question 49

Packet Filtering Firewalls

Answer 49

This examines the header information of data packets.

Question 50

Hybrid firewalls

Answer 50

This combine elements of other types of firewalls

Question 51

NGFW

Question 52

UTM

Answer 52

Unified Threat Management combines firewalls

Question 53

Screened Subnet Firewall with DMZ

Answer 53

This is the dominant architecture used today. Its is used to protect DMZ systems and internal networks.

Question 54

What is extranet

Answer 54

this extends limited internal access to trusted partners via DMZ

Question 55

How to go about selecting a new firewall

Answer 55

1. security needs 2. performance, cost and management features.

Question 56

What is H.A vs Load balancing

Answer 56

H.A (High Availability) = redundant fail over for reliability, load balancing = split traffic for performance.

Question 57

Perimeter Security

Answer 57

1.Castle perimeter 2. Fluid perimeter 3. Zero trust

Question 58

Fluid Perimeter

Answer 58

This is the total length of the surface pipe that is contact with the fluid inside e

Question 59

Rule of Thumb

Answer 59

1. DENY ALL 2.Allow by EXCEPTION

Question 60

Ingress and egress

Answer 60

Ingress-incoming data traffic egress- Outgoing data traffic

Question 61

VPN

Answer 61

Virtual Private Networks

Question 62

How to do VPNS

Answer 62

1. End - to - End transport on encrypted data. 2. Remote Access The most popular VPN encryption protocol is Open VPN

Question 63

What a VPN does

Answer 63

1. Encapsulation of incoming and outgoing data. 2. Encryption of incoming and outgoing data. 3.Authentication of remote computer

Question 64

Security Perimeter vs DMZ

Answer 64

Security Perimeter - a boundary between trusted and untrusted DMZ = Buffer Zone hosting public services .

Question 65

some typical authentication protocols

Answer 65

RADIUS Keberos TACACS+ LDAP