Cybersecurity Fundamentals (Section 1,5 And 6)
Cyber security is the practice of ensuring the integrity, confidentiality, and availability of information. It helps prevent dangerous accidents like hard drive failures or power outages, and from attacks by adversaries. If you are planning to get the certificate from Nexus on cyber security the quiz below will help with your revision of section 1,5 and 6.
- 1.Three common controls used to protect the availability of information are:
- A.
A. Redundancy, backups and access controls.
- B.
B. Encryption, file permissions and access controls.
- C.
C. Access controls, logging and digital signatures.
- D.
D. Hashes, logging and backups.
- 2.2. Select all that apply. Governance has several goals, including:
- A.
A. Providing strategic direction.
- B.
B. Ensuring that objectives are achieved.
- C.
C. Verifying that organizational resources are being used appropriately.
- D.
D. Directing and monitoring security activities.
- E.
E. Ascertaining whether risk is being managed properly.
- 3.Choose three. According to the NIST framework, which of the following are considered key functions necessary for the protection of digital assets?
- A.
Encrypt
- B.
Protect
- C.
Investigate
- D.
Recover
- E.
Identify
- 4.Which of the following is the best definition for cybersecurity?
- A.
A. The process by which an organization manages cybersecurity risk to an acceptable level
- B.
B. The protection of information from unauthorized access or disclosure
- C.
C. The protection of paper documents, digital and intellectual property, and verbal or visual communications
- D.
D. Protecting information assets by addressing threats to information that is processed, stored or transported by interworked information systems
- 5.Which of the following cybersecurity roles is charged with the duty of managing incidents and remediation?
- A.
A. Board of directors
- B.
B. Executive committee
- C.
C. Cybersecurity management
- D.
D. Cybersecurity practitioners
- 6.Which element of an incident response plan involves obtaining and preserving evidence?
- A.
Preparation
- B.
Identification
- C.
Containment
- D.
Eradication
- 7.Select three. The chain of custody contains information regarding:
- A.
A. Disaster recovery objectives, resources and personnel.
- B.
B. Who had access to the evidence, in chronological order.
- C.
C. Labor, union and privacy regulations.
- D.
D. Proof that the analysis is based on copies identical to the original evidence.
- E.
E. The procedures followed in working with the evidence.
- 8.. NIST defines a(n) as a “violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.”
- A.
Disaster
- B.
Event
- C.
Threat
- D.
Incident
- 9.Select all that apply. A business impact analysis (BIA) should identify:
- A.
A. The circumstances under which a disaster should be declared.
- B.
B. The estimated probability of the identified threats actually occurring.
- C.
C. The efficiency and effectiveness of existing risk mitigation controls.
- D.
D. A list of potential vulnerabilities, dangers and/or threats.
- E.
E. Which types of data backups (full, incremental and differential) will be used.
- 10.____________________ is defined as “a model for enabling convenient, on-demand network access to a shared pool of configurable resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management or service provider interaction.”
- A.
A. Software as a Service (SaaS)
- B.
B. Cloud computing
- C.
C. Big data
- D.
D. Platform as a Service (PaaS)
- 11.Select all that apply. Which of the following statements about advanced persistent threats (APTs) are true?
- A.
A. APTs typically originate from sources such as organized crime groups, activists or governments.
- B.
B. APTs use obfuscation techniques that help them remain undiscovered for months or even years.
- C.
C. APTs are often long-term, multi-phase projects with a focus on reconnaissance.
- D.
D. The APT attack cycle begins with target penetration and collection of sensitive information.
- E.
E. Although they are often associated with APTs, intelligence agencies are rarely the perpetrators of APT attacks.
- 12.Smart devices, BYOD strategies and freely available applications and services are all examples of:
- A.
A. The reorientation of technologies and services designed around the individual end user.
- B.
B. The primacy of external threats to business enterprises in today’s threat landscape.
- C.
C. The stubborn persistence of traditional communication methods.
- D.
D. The application layer’s susceptibility to APTs and zero-day exploits.
- 13.Choose three. Which types of risk are typically associated with mobile devices?
- A.
A. Organizational risk
- B.
B. Compliance risk
- C.
C. Technical risk
- D.
D. Physical risk
- E.
E. Transactional risk
- 14.Which three elements of the current threat landscape have provided increased levels of access and connectivity, and therefore increased opportunities for cybercrime?
- A.
A. Text messaging, Bluetooth technology and SIM cards
- B.
B. Web applications, botnets and primary malware
- C.
C. Financial gains, intellectual property and politics
- D.
D. Cloud computing, social media and mobile computing
Questions: 25 | Attempts: 13555 | Last updated: Jun 17, 2020
-
Sample QuestionWhich of the following attacks requires acarrier file to self-replicate?
Questions: 36 | Attempts: 12409 | Last updated: Aug 6, 2020
-
Sample QuestionWhich one of the following describes spam?
Questions: 50 | Attempts: 8131 | Last updated: Jan 11, 2021
-
Sample QuestionThree common controls used to protect the availability of information are:
Back to top