Module 1-01 Challenge Flashcards
Module 1 Challenge
Cybersecurity aims to protect networks, devices, people, and data from _____ or criminal exploitation.
- changing business priorities
- poor financial management
- unauthorized access
- market shifts
unauthorized access
What occurs during a security audit?
- Prioritizing tasks, processes, and procedures
- Analyzing the efficiency of an organization’s internal network
- Ethical hacking of an organization’s internal network to identify vulnerabilities
- Review of an organization’s security records, activities, and other related documents
Review of an organization’s security records, activities, and other related documents
An employee receives an email that they believe to be legitimate. They click on a compromised link within the email. What type of internal threat does this scenario describe?
- Accidental
- Operational
- Abusive
- Intentional
Accidental
What is identity theft?
- Trying to gain access to an organization’s private networks
- A data breach that affects an entire organization
- Failing to maintain and secure user, customer, and vendor data
- Stealing personal information to commit fraud while impersonating a victim
Stealing personal information to commit fraud while impersonating a victim
What is regulatory compliance?
- Laws and guidelines that require implementation of security standards
- Expenses and fines associated with vulnerabilities
- Threats and risks from employees and external vendors
- Sites and services that require complex passwords to access
Laws and guidelines that require implementation of security standards
Which of the following proficiencies are examples of technical skills? Select two answers.
- Applying computer forensics
- Automating tasks with programming
- Prioritizing collaboration
- Communicating with employees
Applying computer forensics ;
Automating tasks with programming
Security information and event _____ (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities.
- maturity
- management
- monitoring
- mitigation
management
A security professional investigates an alert about an unknown user accessing a system within their organization. What is the purpose of computer forensics in this situation?
- Identify, analyze, and preserve criminal evidence
- Implement tools that help detect an incident
- Make upgrades to network security
- Establish new security frameworks, controls, and regulations for the business
Identify, analyze, and preserve criminal evidence
Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.
- The theft of SPII is often more damaging than the theft of PII.
- An example of PII is someone’s email address.
- An example of SPII is someone’s last name.
- SPII is a type of PII that falls under stricter handling guidelines.
The theft of SPII is often more damaging than the theft of PII.
An example of PII is someone’s email address.
SPII is a type of PII that falls under stricter handling guidelines.
A security professional collaborates with information technology teams to deploy an application that helps identify risks and vulnerabilities. What does this scenario describe?
- Installing detection software
- Upgrading network capacity
- Conducting a security audit
- Ethical hacking
Installing detection software
An individual is in their first job as an entry-level security professional. They apply the problem-solving proficiencies that they learned in past roles to their current security career. What does this scenario describe?
- Taking on-the-job training
- Having expertise with a specific procedure
- Understanding business standards
- Using transferable skills
Using transferable skills
