Strategic planning (1:8) - ANSWERS: deep analysis and understanding of the state of
business and the threats faced by the organization
Value to the organization (1:8) - ANSWERS: develop your objectives based on the
organization's vision and mission, stakeholder risk appetite and opportunities
Driving engagement (1:8) - ANSWERS: execute on the plan by navigating the internal
values and culture, developing a business case to get support and funding, and
promoting your activities
Organizational Transformation (1:8) - ANSWERS: as a leader you must strive to lead,
motivate, and inspire your team members and colleagues to accomplish the goals of
the overall strategic planning process
Security planning - Need (1:11) - ANSWERS: requires an understanding of not only
security threats and capabilities but also a deep understanding of the business
environment & organizational goals.
Verizon Data Breach Investigations Report (1:14) - ANSWERS: Shows the percentages
of breaches per threat action, e.g. hacking, malware, social engineering
Understanding the business (1:29) - ANSWERS:
1. Understand where you've been
2. Understand business strategy
3. Understand macro factors that affect business
4. Understand and develop relationships with key stakeholders
Business Model (1:41) - ANSWERS:
1. describes how you operate
2. generate revenue and make profit
3. deliver value at a reasonable cost
Vertical Business Model (1:45) - ANSWERS: combines multiple steps in a value chain
into one organization e.g. development -> distro
Horizontal Business Model (1:45) - ANSWERS: focus on one area of the value chain e.g.
product development
PFF - Porter's Five Forces (1:47) - ANSWERS: Developed in 1979 by Michael E. Porter,
an authority on competitive strategy and economic development. Method used
to develop business strategy by understanding where power lies in a business situation
PFF - Power of Customers (1:47) - ANSWERS: Impact customers have on your
business. Force driven by the number of customers you have, their importance to your
business, and the cost of switching them from you to another company
PFF - Substitute Products (1:48) - ANSWERS: The ability for your customer to find
substitute products or an easier way to do what you do
PFF - Power of Suppliers (1:48) - ANSWERS: how easy it is for suppliers to influence
and drive up your prices. Uniqueness of their products, their strength/control of you
PFF - Threats of new entrants (1:48) - ANSWERS: how easy it is for people to join the
market, and whether they can become a threat and compete with your company
PFF - Competitive Rivalry (1:48) - ANSWERS: Look at the competition and their
capabilities. If no one can do what you do, e.g. products/services, you will have
tremendous strength
Strategic objectives (1:56) - ANSWERS:
- Based on understanding the business model, strategy and competitive forces
- Very high level and often vague
Strategy Maps (1:56) - ANSWERS:
- Links high-level strategic objectives to specific projects, initiatives
- Shows how to turn strategy into tangible outcomes
- Highlights gaps in strategy implementation
- Helps communicate strategy to entire organization
PEST Analysis (1:65) - ANSWERS: Management tool to identify external forces that
impact a particular market, industry, or country.
PEST Analysis - Why (1:66) - ANSWERS: Helps you understand macro trends of the
external environment in which your company operates, and it provides an
understanding of risks associated with market growth or decline and your company's
position and potential direction
PEST - P - Political (1:65,69,71) - ANSWERS: Government regulations and legal factors
that affect the business environment and trade market, and whose impact will likely
trickle down to your company
PEST - E - Economic (1:65,74) - ANSWERS: The overall health of the economy and how
these factors influence companies, organizations, and their decisions.
PEST - S - Social (1:65,78) - ANSWERS: Looks at cultural aspects of the market and
how they affect the demand for a company's products and/or services; looks at customer
needs and determines what incents them to make purchases
PEST - T - Technological (1:65,81) - ANSWERS: How technology can either positively or
negatively impact a business and the products and/or services it provides, e.g.
technology advancements, life cycle of technologies, technology innovation
SMS - Stakeholder Management Strategy (1:91) - ANSWERS: Technology deployment
could impact not only security, but also the enterprise. All stakeholders and impact need
to be identified and managed
SMS - Stakeholder (1:95) - ANSWERS: People or groups with a vested interest in the
success of your strategy and who will affect or be affected by your team's work.
SMS - Phase 1 (1:98,99) - ANSWERS: Identifying stakeholders - hold a meeting with your
team of managers and staff to brainstorm who key stakeholders might be
SIPOC - Stakeholder ID Tool - ANSWERS: SIPOC (Suppliers, Inputs, Processes,
Outputs, & Customers)
SIPOC - Suppliers (1:102,112) - ANSWERS: Those people/groups who provide inputs
SIPOC - Inputs (1:102,111) - ANSWERS: key requirements needed for the process to
work. Should represent information/materials the suppliers provide to you.
SIPOC - Processes (1:102,106) - ANSWERS: defined series of activities;
SIPOC - Outputs (1:102,108) - ANSWERS: tangible results of the process steps.
SIPOC - Customers (1:102,110) - ANSWERS: recipients/users of the outputs produced
at every step in the process.
SMS - Phase 2 (1:114) - ANSWERS: Understanding stakeholder motivation
SMS - Phase 2 - Step 1 (1:114) - ANSWERS: Understand stakeholders - meeting with
them will help you better understand what motivates them, what they want/need from
you, what interests they have in your work.
SMS - Phase 2 - Step 2 (1:114) - ANSWERS: Mapping power and interest - three levels
of power: veto, vote, voice; three levels of interest: high, medium, low
SMS - Phase 2 - Step 3 (1:114) - ANSWERS: Prioritize stakeholders - High
power/interested people, high power/less interested people, low power/interested
people, low power/less interested people
SMS - Phase 3 (1:120) - ANSWERS: Managing relationships is critical to the success of
every project in every organization, so developing a relationship plan can help you
manage your relationships
How to develop an understanding of threats (1:129) - ANSWERS: Understand threat
actors - think like your adversaries and understand their motivations; Business assets -
identify critical business assets; Analyzing threats - understanding adversary TTPs will
help build defense
VERIS (1:132) - ANSWERS: Vocabulary for Event Recording and Incident Sharing -
defines a schema and set of metrics to describe security incidents in a structured and
repeatable manner.
VERIS Community Database (1:132) - ANSWERS: Free repository of publicly reported
security incidents
Verizon DBIR (1:132) - ANSWERS: Verizon Data Breach Investigations Report -
standard way to analyze incidents; mapped and recoded incidents from other
frameworks
VERIS Threat Actors (1:133) - ANSWERS: External - threats from sources outside the
organization; Internal - threats from within organization; Partner - third party business
relationships
NotPetya (1:156) - ANSWERS: Variant of Petya ransomware; encrypted Master Boot
Record (MBR); not intended to collect ransom; most expensive cyber attack in history,
causing $10 billion in damages
NotPetya - Attack Tools (1:161) - ANSWERS: EternalBlue - takes advantage of
unpatched Windows Server Message Block (SMB), allowing remote code execution;
Mimikatz - automates collection of secrets on Windows including passwords,
certificates, LanMan hashes, NTLM hashes, Kerberos tickets.
NotPetya - Impact on Maersk (1:164) - ANSWERS: 20% reduction in global shipping
equaling $300 million loss; Central booking down; Software at shipping terminals; IT
infrastructure - 45K PCs, 4K servers, 150 domain controllers had to be rebuilt.
Organized Crime (1:169-179) - ANSWERS: Target suffered largest retail attack in US
history. After conducting recon, intruders attacked a trusted vendor using a
Fazio Mechanical Services (1:173) - ANSWERS: Identified as a Target vendor and
exploited via phishing email to a Fazio employee
Citadel malware (1:173) - ANSWERS: password-stealing bot program that is a derivative
of Zeus. Attackers were able to harvest credentials Fazio used to access Target's billing
system
Target Attack - Internal Access (1:174) - ANSWERS: Attackers were able to access the
billing system and, due to lack of network segmentation, they were able to infiltrate the POS
system and install BlackPOS on sale terminals.