ISACA STUFF correctly solved latest 2022
NIST five functions necessary for the protection of digital assets:
1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

Confidentiality methods of control (ways to protect this objective):
1. Access controls
2. File permissions
3. Encryption

Integrity methods of control:
1. Access controls
2. Logging
3. Digital signatures
4. Hashes
5. Backups
6. Encryption

Availability methods of control:
1. Redundancy of network, system and data
2. Highly available system architectures
3. Data replication
4. Backups
5. Access controls
6. A well-designed disaster recovery plan or business continuity plan

Confidentiality: the protection of information from unauthorized disclosure.

Integrity: the objective concerning the accuracy and completeness of information, in accordance with the business value and expectations.

Availability: the ability to access the information and resources required by the business process.

Role of the board of directors: the group that is aware of the organization's assets and their criticality to ongoing operations.

Role of executive management: sets the tone for cybersecurity management within the organization.

Role of senior information security management:
1. Develop the security strategy
2. Oversee programs and initiatives

Role of cybersecurity practitioners: people who design, implement and manage process and technical controls, and respond to events and incidents.

Governance program goals (4):
1. Provide strategic direction
2. Ensure that objectives are achieved
3. Ascertain whether risk is being managed appropriately
4. Verify that the organization's resources are being used responsibly

Inherent risk: the level of risk without taking into account the actions that management has taken or might take.

Residual risk: the risk left after all safeguards are in place.

Policies: communicate required and prohibited activities and behaviors.

Standards: interpret policies in specific situations.

Procedures: provide details on how to comply with policies and standards.

Guidelines: provide general guidance on what to do in particular circumstances.

OSI layers:
1. Physical layer
2. Data link layer
3. Network layer
4. Transport layer
5. Session layer
6. Presentation layer
7. Application layer

Physical layer: the layer that manages signals among network systems.

Data link layer: the layer that divides data into frames that can be transmitted by the physical layer.

Network layer: the layer that translates network addresses and routes data from sender to receiver.

Transport layer: the layer that ensures data are transferred reliably and in the correct sequence.

Session layer: the layer that coordinates and manages user connections and keeps the data of different applications separate.

Presentation layer: the layer that formats, encrypts and compresses data.

Application layer: the layer that mediates between software applications and the other layers of network services.

Horizontal defense in depth: controls are placed at various points in the path of access to an asset (concentric rings).

Vertical defense in depth: controls are placed at different system layers, such as the hardware, operating system, application, database or user levels.

IP spoofing: the attacker fakes the IP address of a trusted host.

Source routing specification: defining a route in order to bypass the firewall.

Miniature fragment attack: the attacker fragments IP packets into very small fragments and pushes them through the firewall.

Common types of vulnerabilities (4):
1. Technical
2. Process
3. Organizational
4. Emergent

Technical errors: errors in design, implementation, placement or configuration.
1. Coding errors
2. Inadequate passwords
3. Open network ports
4. Lack of monitoring

Process errors: errors in operation.
1. Failure to monitor logs
2. Failure to patch software

Organizational errors: errors in management, decision making or planning, or errors from ignorance.
1. Lack of policies
2. Lack of awareness
3. Failure to implement controls

Emergent vulnerabilities: the type of vulnerability that arises from interactions between, or changes in, environments.
1. Cross-organizational failures
2. Interoperability errors
3. Implementing new technology

Penetration testing common phases (4):
1. Planning
2. Discovery
3. Attack
4. Reporting

Five functional areas of network management:
1. Fault management
2. Configuration management
3. Accounting management
4. Performance management
5. Security management

Repeaters: physical layer devices that extend the range of a network or connect two separate network segments together.

Hubs: physical layer devices that serve as the center of a star-topology network or as a network concentrator.

Layer 2 switches: data link layer devices that divide and interconnect network segments to reduce collision domains in Ethernet-based networks.

Routers: devices that link separate network segments that remain logically separate and can function as independent networks.

Port numbers:
Well known: 0-1023
Registered:
Dynamic: 49152

OWASP Top 10:
1. Injection
2. Broken authentication and session management
3. Cross-site scripting
4. Insecure direct object references
5. Security misconfiguration
6. Sensitive data exposure
7. Missing function level access control
8. Cross-site request forgery
9. Using components with known vulnerabilities
10. Unvalidated redirects and forwards

Incident response phases (5):
1. Preparation
2. Detection and analysis
3. Investigation
4. Mitigation and recovery
5. Post-incident analysis
Written for: CISM - Certified Information Security Manager (institution and module)

Document information: uploaded on December 7, 2022; 5 pages; written in 2022/2023; type: Exam (elaborations); contains: Questions & answers