Module 1: People Process & Technology

by
Contents hide
1 INTRODUCTION – People Process & Technology
2 WELCOME TO PEOPLE, PROCESS AND OPERATING SYSTEM FUNDAMENTALS FOR CYBERSECURITY
3 FRAMEWORKS, POLICIES AND ROLES
4 BUSINESS PROCESS MANAGEMENT AND IT INFRASTRUCTURE LIBRARY BASICS
5 PEOPLE, PROCESS AND TECHNOLOGY
6 CONCLUSION – People Process & Technology
Spread the love

INTRODUCTION – People Process & Technology

This module gives a general view of a usual security establishment, basically, the structure of service management and how service management induces effect concerning addressing and responding to cybersecurity threats within an organization. It has also looked into ITIL standard processes research.

Learning Objectives include the following:

  • Describe every stage of the ITIL lifecycle
  • Define Information Technology Infrastructure Library (ITIL)
  • Summarize continual process improvement
  • Discuss typical process performance metrics
  • Explain what makes for a process successful
  • Describe standard process roles
  • Define process in regard to business management and outline its attributes
  • Define Security Operations Center (SOC)
  • Discuss typical roles in an information security department
  • Explain the purpose of frameworks, baselines, and best practices concerning cybersecurity
  • Define IT Security

WELCOME TO PEOPLE, PROCESS AND OPERATING SYSTEM FUNDAMENTALS FOR CYBERSECURITY

1. In the video Welcome to People, Process and Operating System Fundamentals for Cybersecurity, Alex mentions especially needing which two (2) technical skills and which two (2) soft skills?

  • Networking and Programming
  • Effective Communications and Critical Thinking (CORRECT)
  • Teamwork and Public Speaking
  • Leadership and Organization
  • Firewalls and Antivirus (CORRECT)
  • System administration and Scripting

Partially correct! The two soft skills highlighted as paramount were these: communication and problem-solving.

Partially correct! The two technical skills specified as crucial were cybersecurity know-how and knowledge about compliance frameworks.

2. The statement: “The protection of computer systems from theft or damage to the hardware, software or information on them, as well as from disruption or misdirection of the services they provide.” Is a good definition for what?

  • IT Security (CORRECT)
  • The CIA Triad.
  • The Open Web Application Security Project (OWASP) Framework.
  • The Information Technology Infrastructure Library (ITIL) framework.
  • The Business Process Management Framework.

Correct! Absolutely! Kindly furnish me with the definition that you would want me to work on.

FRAMEWORKS, POLICIES AND ROLES

1. When looking at security standards and compliance, which three (3) are characteristics of best practices, baselines and frameworks?

  • They are used to improved controls, methodologies and governance for the IT department. (CORRECT)
  • They enforce government, industry or client regulations.
  • They are rules to follow for a specific industry.
  • They help translate the business needs into technical or operational needs. (CORRECT)
  • They seek to improve performance, controls and metrics. (CORRECT)

Partially correct! The high-quality practices, frameworks, and baselines have been created to provide clear guidance and standardization in facilitating implementing effective IT security practices.

2. Which three (3) of these roles would likely exist in an Information Security organization?

  • Product Development Manager
  • Regional Sales Executive
  • Vulnerability Assessor (CORRECT)
  • Director of Human Resources
  • CISO, Chief Information Security Officer (CORRECT)
  • Information Security Architect (CORRECT)

Partially correct! The position is commonly associated with an institution of information security.

BUSINESS PROCESS MANAGEMENT AND IT INFRASTRUCTURE LIBRARY BASICS

1. In the video Introduction to Process, which three (3) items were called out as critical to the success of a Security Operations Center (SOC)?

  • People (CORRECT)
  • Tools (CORRECT)
  • Process (CORRECT)
  • Bandwidth
  • Faraday Cages
  • Uninterruptible Power Supplies for all critical systems.

Partially correct! Yes, this was one of the three mentioned.

2. Process performance metrics typically measure items in which four (4) categories?

  • Rework (CORRECT)
  • Cost (CORRECT)
  • Injuries
  • Quality (defect rate) (CORRECT)
  • Backlog of pending orders
  • Cycle time (CORRECT)
  • Parts Inventory on hand

Partially correct! Yes, this was one of the four categories.

3. Service Portfolio Management, Financial Management, Demand Management and Business Relationship Management belong to which ITIL Service Lifecycle Phase?

  • Service Operations
  • Service Transition
  • Service Improvement
  • Service Strategy (CORRECT)
  • Service Design

Correct! This is the ITIL Lifecycle Phase for the items listed.

4. Log, Assign, Track, Categorize, Prioritize, Resolve and Close are all steps in which ITIL process?

  • Event Management
  • Change Management
  • Incident Management (CORRECT)
  • Problem Management

Correct! These tasks do belong to Incident Management.

5. What critical item is noted when discussing process roles?

  • Separation of duties is critical (CORRECT)
  • Approver should be the requestor
  • Approver should be the supplier

Correct, Approval should be accorded to different persons from the approval requesters.

PEOPLE, PROCESS AND TECHNOLOGY

1. The process in ITIL where changes are released to an IT environment is called what?

  • Release Management (CORRECT)
  • Incident Management
  • Problem Management
  • Change Management

2. Which service management process has the responsibility of understanding the root cause of a problem?

  • Problem Management (CORRECT)
  • Incident Management
  • Change Management
  • Configuration Management

3. In the video What is IT Security, Elio Sanabria Echeverria put forth a definition that included which factors?

  • The protection of computer hardware.
  • The protection of computer software.
  • The protection of data.
  • The disruption or misdirection of services provided by your systems.
  • All of the above. (CORRECT)

4. This description belongs to which information security role? “This position is in charge of testing the effectiveness of computer information systems, including the security of the systems and reports their findings.”

  • Information Security Auditor (CORRECT)
  • Information Security Architect
  • Information Security Analyst
  • Chief Information Security Officer

5. Which of these statements most accurately conveys what was stated in the video Introduction to Process?

  • Solid and well documented security processes are making the role of the security analyst increasingly obsolete.
  • As volumes of security alerts and false positives grow, more burden is placed upon Security Analysts & Incident Response teams. (CORRECT)
  • As security monitoring and analysis tools advance and incorporate artificial intelligence, Information Security organizations are challenged to find new work for underutilized security analysts.

6. Event Management, Incident Management, and Problem Management belong to which ITIL Service Lifecycle Phase? 

  • Service Operations (CORRECT)
  • Service Improvement
  • Service Design
  • Service Transition
  • Service Strategy

7. Maintaining Information Security Policy (ISP) and specific security policies that address each aspect of strategy, objectives and regulations is the part of which ITIL process?

  • Information Security Management (CORRECT)
  • Problem Management
  • Service Level Management
  • Change Management

CONCLUSION – People Process & Technology

This course really prepares learners to understand the functioning and structure of general security organizations particularly with respect to its impacts on defense and response strategies in service management in cybersecurity. On mapping out the processes standardized within ITIL, one can learn how effectively one can strengthen measures and mitigate damage from cyber threats.

Leave a Comment