Question 1

The target selection step of Internet vulnerability assessment involves using the external monitoring intelligence to configure a test engine (such as Nessus) for the tests to be performed.

Accepted Answer

False

Question 2

The internal monitoring domain is the component of the maintenance model that focuses on identifying, assessing, and managing the physical security of assets in an organization.

Accepted Answer

The internal monitoring domain is actually the component of the maintenance model that focuses on the detection and prevention of internal threats to an organization's assets and data, such as monitoring employee behavior, enforcing access controls, and detecting insider threats. The component that focuses on identifying, assessing, and managing the physical security of assets is typically referred to as the physical security domain.

Question 3

Documenting information system changes and assessing their potential impact on system security is an important and consequential part of digital forensics.

Accepted Answer

Documenting information system changes and assessing their potential impact on system security is a crucial aspect of information security management and change management, rather than digital forensics, which focuses on investigating and analyzing digital evidence after a security incident has occurred.

Question 4

US-CERT is generally viewed as the definitive authority for computer emergency response teams.

Accepted Answer

US-CERT (United States Computer Emergency Readiness Team) is a part of the Department of Homeland Security's National Cybersecurity and Communications Integration Center and is considered one of the leading authorities for computer emergency response teams in the United States.

Question 5

An effective information security governance program requires no ongoing review once it is well established.

Accepted Answer

Information security governance program should be reviewed periodically to ensure its effectiveness, relevance, and alignment with business objectives and security risks. As security risks and business requirements change, the program should undergo changes as well. Therefore, ongoing reviews are necessary for maintaining an effective information security governance program.

Question 6

Wireless vulnerability assessment begins with the planning, scheduling, and notification of all Internet connections, using software such as Wireshark.

Accepted Answer

Wireless vulnerability assessment involves more than just using Wireshark. It also includes identifying and scanning wireless access points, analyzing network traffic, and testing for common vulnerabilities such as default logins and weak encryption. Notification of Internet connections may also not be necessary in all cases.

Question 7

An intranet vulnerability scan starts with the scan of the organization's default Internet search engine.

Accepted Answer

An intranet vulnerability scan would start with the scan of the organization's internal network, not their default Internet search engine.

Question 8

External monitoring entails collecting intelligence from various data sources and then giving that intelligence context and meaning for use by decision makers within the organization.

Accepted Answer

External monitoring involves gathering information from sources outside the organization, such as news articles or social media, and then analyzing and interpreting that information to provide insights to decision makers within the organization.

Question 9

Over time, policies and procedures may become inadequate due to changes in the organization's mission and operational requirements, threats, or the environment.

Accepted Answer

As organizations and environments evolve, policies and procedures need to adapt to ensure they remain effective and relevant.

Question 10

Over time, external monitoring processes should capture information about the external environment in a format that can be referenced across the organization as threats emerge and for historical use.

Accepted Answer

This information is important for organizations to stay aware of any potential threats and adapt to changes in their external environment. By keeping this information in a standardized format, it can be easily accessed and utilized by various departments and stakeholders within the organization.

Question 11

A general guideline for performance of hard drives suggests that when the amount of data stored on a particular hard drive averages 95% of available capacity for a prolonged period, you should consider an upgrade for the drive.

Accepted Answer

The answer of A general guideline for performance of hard...

Question 12

Intelligence for external monitoring can come from a number of sources: vendors, CERT organizations, public network sources, and membership sites.

Accepted Answer

Intelligence for external monitoring can come from a variety of sources, including vendors, CERT organizations, public network sources, and membership sites.

Question 13

Documentation procedures are not required for configuration and change management processes.

Accepted Answer

Documentation procedures are essential to keep track of changes made in the configuration management process. It helps to maintain a record of what changes were made, who made them, and when they were made. Documentation also helps to ensure consistency in the configuration and change management processes.

Question 14

Inventory characteristics for hardware and software assets that record the manufacturer and versions are related to technical functionality, and should be highly accurate and updated each time there is a change.

Accepted Answer

Inventory of hardware and software assets that record manufacturer and version information are essential for technical functionality and should be updated each time there is a change to ensure accuracy.

Question 15

Digital forensics helps an organization understand what happened, and how, after an incident.

Accepted Answer

Digital forensics involves collecting, analyzing, and preserving digital evidence to determine what happened during an incident, and how it happened. It helps organizations identify the cause of a security breach, who was responsible, and what actions need to be taken to prevent future incidents.

Question 16

Remediation of vulnerabilities can be accomplished by accepting or transferring the risk, removing the threat, or repairing the vulnerability.

Accepted Answer

Remediation of vulnerabilities can be achieved by either accepting or transferring the risk, removing the threat if possible, or repairing the vulnerability if feasible.

Question 17

A management model such as ISO 27000 deals with methods to maintain systems.

Accepted Answer

ISO 27000 is specifically focused on information security management systems (ISMS), providing guidelines for keeping information assets secure, rather than maintaining general systems.

Question 18

All systems that are mission critical should be enrolled in platform security validation (PSV) measurement.

Accepted Answer

PSV measurement helps identify any security vulnerabilities in critical systems and ensures they meet industry security standards.

Question 19

If an organization deals successfully with change and has created procedures and systems that can be adjusted to the environment, the existing security improvement program will probably continue to work well.

Accepted Answer

If an organization can adjust to changes and adapt their procedures and systems accordingly, it shows that they have a proactive approach to security that can be maintained even as the environment changes. Therefore, their existing security improvement program will likely continue to be effective.

Question 20

The vulnerability database, like the risk, threat, and attack database, both stores and tracks information.

Accepted Answer

The vulnerability database stores and tracks information about known vulnerabilities in software, hardware, or systems. This information can be used to assess and manage associated risks and threats.

Quiz 12: Information Security Maintenance