
Fundamentals of Information Security Assessment Guide Exam with Questions and Verified Rationalized Answers

Pages: 16
Grade: A+
Uploaded on: 13-11-2025
Written in: 2025/2026

Information security - answers: Keeping data, software, and hardware secure against unauthorized access, use, disclosure, disruption, modification, or destruction.

Compliance - answers: The requirements that are set forth by laws and industry regulations. Examples: HIPAA/HITECH (healthcare), PCI DSS (payment card industry), FISMA (federal government agencies)

CIA - answers: The core model of all information security. Confidentiality, integrity and availability

Confidentiality - answers: Allowing only those authorized to access the data requested

Integrity - answers: Keeping data unaltered by accidental or malicious intent

Availability - answers: The ability to access data when needed

Parkerian hexad model - answers: Confidentiality, integrity, availability, possession/control, authenticity, utility

Possession/control - answers: Refers to the physical disposition of the media on which the data is stored

Authenticity - answers: Allows us to talk about the proper attribution as to the owner or creator of the data in question

Utility - answers: How useful the data is to us

Types of attacks - answers:
1- interception
2- interruption
3- modification
4- fabrication

Interception - answers: Attacks that allow unauthorized users to access our data, applications, or environments. They are primarily an attack against confidentiality

Interruption - answers: Attacks that cause our assets to become unstable or unavailable for our use, on a temporary or permanent basis. This attack affects availability but can also attack integrity

Modification - answers: Attacks that involve tampering with our asset. Such attacks might primarily be considered an integrity attack, but could also be an availability attack.

Fabrication - answers: Attacks that involve generating data, processes, communications, or other similar activities with a system. These attacks primarily affect integrity but can be considered an availability attack.

Risk - answers: The likelihood that a threat will occur. There must be a threat and a vulnerability

Threat - answers: Any event, whether man-made, natural or environmental, that could damage the assets

Vulnerabilities - answers: Weaknesses that a threat event or the threat can take advantage of

Impact - answers: Taking into account the asset's cost

Controls - answers: The ways we protect assets. Physical, technical/logical, and administrative

Physical controls - answers: Controls that are physical items that protect assets. Think of locks, doors, guards and fences

Technical/logical controls - answers: Controls that are devices and software that protect assets. Think of firewalls, AV, IDS, and IPS

Administrative controls - answers: Controls that are the policies that organizations create for governance. Ex: email policies

Risk management - answers: A constant process as assets are purchased, used and retired. The general steps are:
1- identify assets
2- identify threats
3- assess vulnerabilities
4- assess risk
5- mitigating risks

Identify assets - answers: First and most important part of risk management. Identifying and categorizing the assets we are protecting

Identify threats - answers: Once we have our critical assets we can identify the threats that might affect them

Assess vulnerabilities - answers: Look at potential threats. Any given asset may have thousands or millions of threats that could impact it, but only a small fraction of the threats will be relevant

Assess risks - answers: Once we have identified the threats and vulnerabilities for a given asset we can assess the overall risk

Mitigating risks - answers: Putting measures in place to help ensure that a given type of threat is accounted for

Incident response - answers: Response to when risk management practices have failed and have caused anything from an inconvenience to a disastrous event

Incident response cycle - answers:
1- preparation
2- detection and analysis
3- containment
4- eradication
5- recovery
6- post incident activity

Preparation phase - answers: The preparation phase consists of all of the activities that we can perform in advance of the incident itself in order to better enable us to handle it

Detection and analysis phase - answers: Where the action begins to happen. We will detect the occurrence of an issue and decide whether or not it is actually an incident so that we can respond

Containment phase - answers: Taking steps to ensure that the situation does not cause any more damage than it already has, or to at least lessen any ongoing harm.

Eradication phase - answers: We will attempt to remove the effects of the issue from our environment

Recovery phase - answers: Recover to a better state than we were in prior to the incident or perhaps prior to when the issue started if we did not detect it immediately

Post incident activity phase - answers: We attempt to determine specifically what happened, why it happened, and what we can do to keep it from happening again.

Defense in depth - answers: Layering of security controls is more effective and secure than relying on a single control

Identity - answers: Who or what we claim to be (username)

Authentication - answers: The act of proving who or what we claim to be (password)

Seller: TrustworthyScholar
