Presented by Peter Fortunato, BNN’s Risk and Business Advisory Team (PowerPoint presentation)



SLIDE 1

Presented by Peter Fortunato

SLIDE 2

BNN’s Risk and Business Advisory Team

  • Peter Fortunato; CISM, CISA, CISSP
SLIDE 3

https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_execsummary_en_xg.pdf

CompTIA

  • Security+

ISACA

  • CISA – Certified Information Security Auditor
  • CISM – Certified Information Security Manager
  • CRISC – Certified in Risk and Information Systems Control

SLIDE 4


(ISC)2

  • SSCP – Systems Security Certified Practitioner
  • CISSP – Certified Information Systems Security Professional

SLIDE 13

A system administrator is configuring accounts on a newly established server. Which of the following characteristics BEST differentiates service accounts from other types of accounts?

  • A. They can often be restricted in privilege.
  • B. They are meant for non-person entities.
  • C. They require special permissions to OS files and folders.
  • D. They remain disabled in operations.
  • E. They do not allow passwords to be set.
SLIDE 14

Which of the following, if used, would BEST reduce the number of successful phishing attacks?

  • A. Two-factor authentication
  • B. Application layer firewall
  • C. Mantraps
  • D. User training
SLIDE 23

  • Protection of Information Assets
  • Information Systems Operations, Maintenance and Service Management
  • Information Systems Acquisition, Development and Implementation
  • Governance and Management of IT
  • The Process of Auditing Information Systems

SLIDE 24

Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions?

  • A. Response
  • B. Correction
  • C. Detection
  • D. Monitoring
SLIDE 25

When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:

  • A. incorporates state of the art technology.
  • B. addresses the required operational controls.
  • C. articulates the IT mission and vision.
  • D. specifies project management practices.
SLIDE 27

  • Information Security Governance
  • Information Risk Management
  • Information Security Program Development and Management
  • Information Security Incident Management

SLIDE 28

All risk management activities are PRIMARILY designed to reduce impacts to:

  • A. a level defined by the security manager.
  • B. an acceptable level based on organizational risk tolerance.
  • C. a minimum level consistent with regulatory requirements.
  • D. the minimum level possible.
SLIDE 29

A mission-critical system has been identified as having an administrative system account with attributes that prevent locking and change of privileges and name. Which would be the BEST approach to prevent successful brute forcing of the account?

  • A. Prevent the system from being accessed remotely
  • B. Create a strong random password
  • C. Ask for a vendor patch
  • D. Track usage of the account by audit trails
SLIDE 32

Which of the following is MOST beneficial to the improvement of an enterprise’s risk management process?

  • A. Key risk indicators (KRIs)
  • B. External benchmarking
  • C. The latest risk assessment
  • D. A maturity model
SLIDE 33

Which of the following factors should be analyzed to help management select an appropriate risk response?

  • A. The impact on the control environment
  • B. The likelihood of a given threat
  • C. The costs and benefits of the controls
  • D. The severity of the vulnerabilities
SLIDE 35

Certification   Years of Exp.   Exam Cost   Practice Questions   Books   Total

Security+   3   $330   $89   $50   $42   $420
SSCP   1   $330   $89   $45   $46   $464
CISSP   5   $650   $99   $70   $81   $819
CISA, CISM, CRISC   5   $575 - $760*   $185 - $225*   $105 - $135*   $865 - $1,120

*ISACA Non-member price.

SLIDE 37

https://www.csoonline.com/article/3116884/security/top-cyber-security-certifications-who-theyre-for-what-they-cost-and-which-you-need.html

SLIDE 38

  • Job Requirement
  • Desire for a Self-propelled Career
  • Personal Challenge / Satisfaction
  • Monetary Gain

SLIDE 39

  • Knowledge of Subject Matter
  • Experience
  • Ethics

SLIDE 40

In my opinion, and by the standards of many employers, this is not true. The exams might not be as respected as other certification leaders, but they are comprehensive and you must study hard to pass. CompTIA Security+ certification covers network security, cryptography, identity management, compliance, operation security, threats, and host security, among other topics.

SLIDE 43

https://www.globalknowledge.com/us-en/content/articles/top-paying-certifications

SLIDE 44

According to the 2018 Report:

“IT WILL PROBABLY BE YOU ONE DAY”

“Most cybercriminals are motivated by cold, hard cash. If there’s some way they can make money out of you, they will.”

*Verizon 2018 Data Breach Investigation Report, 11th Edition

SLIDE 45

For further information or questions feel free to reach out to:

Peter Fortunato, RBA Manager

  • pfortunato@bnncpa.com
  • (207) 791-7561
SLIDE 46

https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf

https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_execsummary_en_xg.pdf

http://www.nomoreransom.org/

https://urlhaus.abuse.ch/host/bluesky-oz.ru

https://cloudblogs.microsoft.com/microsoftsecure/2014/12/30/before-you-enable-those-macros/

https://www.nist.gov/blogs/taking-measure/easy-ways-build-better-pw0rd

https://www.washingtonpost.com/local/public-safety/hack-of-baltimores-911-dispatch-system-was-ransomware-attack-city-officials-say/2018/03/28/e273ef36-32a3-11e8-8abc-22a366b72f2d_story.html?noredirect=on&utm_term=.bd822425af42

https://www.engadget.com/2018/04/23/atlanta-spends-over-2-million-ransomware-recovery/

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf