COURSE 2 – CYBERSECURITY ROLES, PROCESSES & OPERATING SYSTEM SECURITY
Module 1: People Process & Technology
IBM CYBERSECURITY ANALYST PROFESSIONAL CERTIFICATE
Complete Coursera Study Guide
INTRODUCTION – People Process & Technology
This module provides an overview of a standard Security organization, exploring the service management framework and its implications for addressing and responding to cybersecurity threats within an organization. Additionally, it covers research into ITIL standard processes.
Learning Objectives
- Describe each phase of the ITIL lifecycle
- Define information technology infrastructure library (ITIL)
- Summarize continual process improvement
- Discuss typical process performance metrics
- Explain what makes a process successful
- Describe standard process roles
- Define process in the context of business management and describe its attributes
- Define security operation center (SOC)
- Discuss typical roles in an information security department
- Explain the purpose of frameworks, baselines, and best practices in cybersecurity
- Define IT security
WELCOME TO PEOPLE, PROCESS AND OPERATING SYSTEM FUNDAMENTALS FOR CYBERSECURITY
1. In the video Welcome to People, Process and Operating System Fundamentals for Cybersecurity, Alex mentions especially needing which two (2) technical skills and which two (2) soft skills?
- Networking and Programming
- Effective Communications and Critical Thinking (CORRECT)
- Teamwork and Public Speaking
- Leadership and Organization
- Firewalls and Antivirus (CORRECT)
- System administration and Scripting
Partially correct! These were the 2 soft skills mentioned as especially important.
Partially correct! These were the 2 technical skills mentioned as especially important.
2. The statement: “The protection of computer systems from theft or damage to the hardware, software or information on them, as well as from disruption or misdirection of the services they provide.” Is a good definition for what?
- IT Security (CORRECT)
- The CIA Triad.
- The Open Web Application Security Project (OWASP) Framework.
- The Information Technology Infrastructure Library (ITIL) framework.
- The Business Process Management Framework.
Correct! this is one good definition of IT Security.
FRAMEWORKS, POLICIES AND ROLES
1. When looking at security standards and compliance, which three (3) are characteristics of best practices, baselines and frameworks?
- They are used to improved controls, methodologies and governance for the IT department. (CORRECT)
- They enforce government, industry or client regulations.
- They are rules to follow for a specific industry.
- They help translate the business needs into technical or operational needs. (CORRECT)
- They seek to improve performance, controls and metrics. (CORRECT)
Partially correct! This is what best practices, frameworks and baselines are for.
2. Which three (3) of these roles would likely exist in an Information Security organization?
- Product Development Manager
- Regional Sales Executive
- Vulnerability Assessor (CORRECT)
- Director of Human Resources
- CISO, Chief Information Security Officer (CORRECT)
- Information Security Architect (CORRECT)
Partially correct! This is a role often found in an information security organization.
BUSINESS PROCESS MANAGEMENT AND IT INFRASTRUCTURE LIBRARY BASICS
1. In the video Introduction to Process, which three (3) items were called out as critical to the success of a Security Operations Center (SOC)?
- People (CORRECT)
- Tools (CORRECT)
- Process (CORRECT)
- Bandwidth
- Faraday Cages
- Uninterruptible Power Supplies for all critical systems.
Partially correct! Yes, this was one of the three mentioned.
2. Process performance metrics typically measure items in which four (4) categories?
- Rework (CORRECT)
- Cost (CORRECT)
- Injuries
- Quality (defect rate) (CORRECT)
- Backlog of pending orders
- Cycle time (CORRECT)
- Parts Inventory on hand
Partially correct! Yes, this was one of the four categories.
3. Service Portfolio Management, Financial Management, Demand Management and Business Relationship Management belong to which ITIL Service Lifecycle Phase?
- Service Operations
- Service Transition
- Service Improvement
- Service Strategy (CORRECT)
- Service Design
Correct! This is the ITIL Lifecycle Phase for the items listed.
4. Log, Assign, Track, Categorize, Prioritize, Resolve and Close are all steps in which ITIL process?
- Event Management
- Change Management
- Incident Management (CORRECT)
- Problem Management
Correct! These tasks do belong to Incident Management.
5. What critical item is noted when discussing process roles?
- Separation of duties is critical (CORRECT)
- Approver should be the requestor
- Approver should be the supplier
Correct, the approver should not be the requestor
PEOPLE, PROCESS AND TECHNOLOGY
1. The process in ITIL where changes are released to an IT environment is called what?
- Release Management (CORRECT)
- Incident Management
- Problem Management
- Change Management
2. Which service management process has the responsibility of understanding the root cause of a problem?
- Problem Management (CORRECT)
- Incident Management
- Change Management
- Configuration Management
3. In the video What is IT Security, Elio Sanabria Echeverria put forth a definition that included which factors?
- The protection of computer hardware.
- The protection of computer software.
- The protection of data.
- The disruption or misdirection of services provided by your systems.
- All of the above. (CORRECT)
4. This description belongs to which information security role? “This position is in charge of testing the effectiveness of computer information systems, including the security of the systems and reports their findings.”
- Information Security Auditor (CORRECT)
- Information Security Architect
- Information Security Analyst
- Chief Information Security Officer
5. Which of these statements most accurately conveys what was stated in the video Introduction to Process?
- Solid and well documented security processes are making the role of the security analyst increasingly obsolete.
- As volumes of security alerts and false positives grow, more burden is placed upon Security Analysts & Incident Response teams. (CORRECT)
- As security monitoring and analysis tools advance and incorporate artificial intelligence, Information Security organizations are challenged to find new work for underutilized security analysts.
6. Event Management, Incident Management, and Problem Management belong to which ITIL Service Lifecycle Phase?
- Service Operations (CORRECT)
- Service Improvement
- Service Design
- Service Transition
- Service Strategy
7. Maintaining Information Security Policy (ISP) and specific security policies that address each aspect of strategy, objectives and regulations is the part of which ITIL process?
- Information Security Management (CORRECT)
- Problem Management
- Service Level Management
- Change Management
CONCLUSION – People Process & Technology
In conclusion, this module offers a comprehensive understanding of a typical Security organization, delving into the service management framework’s impact on cybersecurity defense and response strategies. By exploring ITIL standard processes, learners gain valuable insights into optimizing security measures and mitigating cyber threats effectively.
Subscribe to our site
Get new content delivered directly to your inbox.
Quiztudy Top Courses
Popular in Coursera
- Google Advanced Data Analytics
- Google Cybersecurity Professional Certificate
- Meta Marketing Analytics Professional Certificate
- Google Digital Marketing & E-commerce Professional Certificate
- Google UX Design Professional Certificate
- Meta Social Media Marketing Professional Certificate
- Google Project Management Professional Certificate
- Meta Front-End Developer Professional Certificate
Liking our content? Then, don’t forget to ad us to your BOOKMARKS so you can find us easily!
