Security Controls
**Information Security (Infosec)** - refers to the safeguarding of data resources against unauthorized
access, attacks, theft, or damage.
**What is the CIA Triad?** - consists of Confidentiality, Integrity, and Availability.
**What is Confidentiality? (CIA Triad)** - represents the essential security objective of maintaining the
privacy of information and communications, ensuring they are shielded from unauthorized access. This
means that specific information should only be accessible to designated individuals.
**What is Integrity? (CIA Triad)** - signifies the primary security aim of ensuring that organizational
information remains accurate, error-free, and free from unauthorized alterations. This entails that data is
stored and transmitted as intended, with modifications permitted only by authorized entities.
**What is Availability? (CIA Triad)** - denotes the core security goal of guaranteeing that computer
systems function continuously, allowing authorized users to access the data they require. In essence,
information should be readily available to those who have permission to view or modify it.
**Non-repudiation** - refers to the assurance that an individual cannot deny their actions, such as
creating, altering, or transmitting a resource.
**What are the 5 Functions of Security as Developed by NIST?** - include Identify, Protect, Detect,
Respond, and Recover.
**Describe Identify from the 5 Functions of Security Developed by NIST** - involves creating secure
policies and capabilities, assessing risks, threats, and vulnerabilities, and recommending security controls
to address them.
**Describe Protect from the 5 Functions of Security Developed by NIST** - entails the procurement,
development, installation, operation, and decommissioning of IT hardware and software assets, with
security integrated at every phase of the operational lifecycle.
**Describe Detect from the 5 Functions of Security Developed by NIST** - involves continuous, proactive
monitoring to verify that security controls are effective and capable of defending against emerging
threats.
**Describe Respond from the 5 Functions of Security Developed by NIST** - encompasses the
identification, analysis, containment, and elimination of data security threats.
**Describe Recover from the 5 Functions of Security Developed by NIST** - focuses on implementing
cybersecurity resilience to restore systems and data when other controls fail to prevent attacks.
**What is an SOC (Security Operations Center)?** - a facility where security professionals oversee and
safeguard critical information assets across various business functions, including finance, operations, and
sales.
**What is DevSecOps?** - an approach that merges software development, security operations, and
systems operations, emphasizing that security must be a fundamental consideration throughout the
software development and deployment lifecycle.
**What is DevOps?** - a practice that integrates software development with systems operations,
promoting collaboration between these two disciplines.
**What is a CIRT/CSIRT/CERT? What do they do?** - these terms refer to dedicated teams for cyber
incident response, providing a centralized point of contact for reporting security incidents.
**Which security-related term pertains to data integrity?** - Modification.
**A company engages an external firm annually to audit its network security. What type of security
control does this audit exemplify?** - Managerial.
**Which organization has a cybersecurity framework (CSF) that focuses solely on IT security, as opposed
to IT service delivery?** - National Institute of Standards and Technology (NIST).
**Following a poorly managed security breach, a company revises its security policy to enhance its
incident response plan. Which type of security control does this update represent?** - Corrective.
**An engineer aims to implement security measures based on the five functions of the NIST
Cybersecurity Framework. What should the engineer emphasize when documenting the "detect"
function?** - Ongoing proactive monitoring.
**The _____ mandates that federal agencies establish security policies for computer systems handling
confidential information.** - Computer Security Act.
**After attending a conference on cybersecurity frameworks, the IT department head schedules a
meeting with staff to discuss deploying security controls. Which ideas align with industry definitions?
(Select all that apply.)** - Implement a technical control to enforce network access policies; schedule
quarterly security awareness workshops to prevent social engineering attacks; deploy agents to file
servers for continuous backups to cloud storage as a corrective measure against malware.
**The National Institute of Standards and Technology (NIST) outlines a framework categorizing security
functions. Which description corresponds to the "respond" function?** - Identify, analyze, and eradicate
threats.
**Who holds the primary external responsibility for an organization’s security?** - Senior executives.