Module 1 - 01-1

Question 1

Define Cybersecurity (or security)

Answer 1

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Question 2

Cybersecurity is the practice of ensuring ___ . (3)

Answer 2

Confidentiality, Integrity, and Availability of Information are ensured through the effective practice of security. This involves protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

Question 3

What are the Benefits of Security (5)?

Answer 3

• Protects against External and Internal Threats
• Meets Regulatory Compliance (laws or guidelines)
• Maintains and Improve Business Productivity
• Reduce Expenses
• Maintains Brand Trust

Question 4

Define Threat

Answer 4

Any circumstance or event that can negatively impact assets

Question 5

Define External Threat

Answer 5

Someone outside of the organization trying to gain access to private information, networks or devices

Question 6

Define Internal Threat

Answer 6

A current or former employee, external vendor, or trusted partner who poses a security risk

Question 7

What are Common Job Titles for Security positions (6)?

Answer 7

• Security analyst or specialist
• Cybersecurity analyst or specialist
• Security operation center or SOC analyst
• Information security analyst

Question 8

What are Security Analysts responsible for?

Answer 8

Security analysts are responsible for monitoring and protecting information and systems.

Question 9

What are Three primary responsibilities of a security analyst?

Answer 9

Protecting computer and network systems
Install prevention software
Conducting periodic security audits

Question 10

Define Security Audit

Answer 10

A review of an organization’s security records, activities, and other related documents

Question 11

Define Compliance

Answer 11

The process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.

Question 12

Define Security Framework

Answer 12

Guidelines used for building plans to help mitigate risks and threats to data and privacy

Question 13

Define Security controls

Answer 13

Safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.

Question 14

Define Security Posture

Answer 14

An organization’s ability to manage its defense of critical assets and data and react to change.

A strong security posture leads to lower risk for the organization.

Question 15

Define Threat Actor
(or malicious attacker)

Answer 15

Any person or group who presents a security risk.
This risk can relate to computers, applications, networks, and data.

Question 16

Define Network Security

Answer 16

The practice of keeping an organization’s network infrastructure secure from unauthorized access.
This includes data, services, systems, and devices that are stored in an organization’s network.

Question 17

Define Cloud Security

Answer 17

The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users.

Question 18

Define Programming

Answer 18

A process that can be used to create a specific set of instructions for a computer to execute tasks.

Question 19

What are examples of programming tasks (3)?

Answer 19

• Automation of repetitive tasks (e.g., searching a list of malicious domains)
• Reviewing web traffic
• Alerting suspicious activity

Question 20

What are the primary responsibilities of an entry-level security analyst (3)?

Answer 20

• Monitor systems
• Protect information
• Search for weaknesses

Question 21

Cybersecurity is the practice of ensuring _____ by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

• customer trust, increased revenue, and advancement
• confidentiality, integrity, and availability of information
• continuity, infrastructure, and attainment of business goals
• compliance, instructions, and accuracy

Answer 21

confidentiality, integrity, and availability of information

Question 22

What are the primary responsibilities of an entry-level security analyst? Select three answers.

• Monitor systems
• Protect information
• Search for weaknesses
• Create compliance laws

Answer 22

• Monitor systems
• Protect information
• Search for weaknesses

The primary responsibilities of an entry-level security analyst are as follows: Monitor systems, protect information, and search for weaknesses.

Question 23

Performing _____ enables security professionals to review an organization’s security records, activities, and related documents.

• security audits
• ethical hacking
• penetration tests
• software developments

Answer 23

security audits

Question 24

In what ways do security teams bring value to an organization? Select two answers.

• Achieving regulatory compliance
• Increasing operational expenses
• Reducing business productivity
• Protecting against external and internal threats

Answer 24

Achieving regulatory compliance
Protecting against external and internal threats

Achieving regulatory compliance and protecting against external and internal threats are ways that security teams bring value to an organization.