Module 3-01 Challenge Flashcards

1
Q

What are some of the primary purposes of security frameworks? Select four answers.

  • Securing financial information
  • Safeguarding specific individuals
  • Aligning security with business goals
  • Identifying security weaknesses
  • Protecting PII data
A
  • Securing financial information
  • Aligning security with business goals
  • Identifying security weaknesses
  • Protecting PII data
2
Q

Which of the following are core components of security frameworks? Select four answers.

  • Implementing security processes
  • Establishing regulatory compliance measures
  • Monitoring personally identifiable information
  • Setting guidelines to achieve security goals
  • Monitoring and communicating results
  • Identifying and documenting security goals
A
  • Implementing security processes
  • Setting guidelines to achieve security goals
  • Monitoring and communicating results
  • Identifying and documenting security goals
3
Q

A security professional implements encryption and multi-factor authentication (MFA) to better protect customers’ private data. This is an example of using _____.

  • organizational upgrades
  • security teams
  • networking regulations
  • security controls
A

security controls

4
Q

You are helping your security team consider risk when setting up a new software system. Using the CIA triad, you focus on confidentiality, integrity, and what else?

  • Applications
  • Availability
  • Accuracy
  • Activity
A

Availability

5
Q

_____ are items perceived as having value to an organization.

  • Lifecycles
  • Alerts
  • Incidents
  • Assets
A

Assets

6
Q

Which of the following statements accurately describe the NIST CSF? Select all that apply.

  • Security teams use it as a baseline to manage risk.
  • It is only effective at managing long-term risk.
  • Its purpose is to help manage cybersecurity risk.
  • It consists of standards, guidelines, and best practices.
  • It is a voluntary framework.
A
  • Security teams use it as a baseline to manage risk.
  • Its purpose is to help manage cybersecurity risk.
  • It consists of standards, guidelines, and best practices.
  • It is a voluntary framework.
7
Q

Some of the most dangerous threat actors are _____ because they often know where to find sensitive information, can access it, and may have malicious intent.

  • dissatisfied customers
  • past vendors
  • senior partners
  • disgruntled employees
A

disgruntled employees

8
Q

A security professional is updating software on a coworker’s computer and happens to see a very interesting email about another employee. The security professional chooses to follow company guidelines with regard to privacy protections and does not share the information with coworkers. Which concept does this scenario describe?

  • Preserving evidence
  • Security ethics
  • Security controls
  • Business email compromise
A

Security ethics

9
Q

Which ethical principle describes safeguarding personal information from unauthorized use?

  • Non-bias
  • Honesty
  • Incident investigation
  • Privacy protection
A

Privacy protection

10
Q

Which ethical principle describes the rules that are recognized by a community and enforced by a governing entity?

  • Laws
  • Restrictions
  • Guidelines
  • Protections
A

Laws

11
Q

What are some of the primary purposes of security frameworks? Select three answers.

  • Protecting PII data
  • Identifying security weaknesses
  • Managing organizational risks
  • Safeguarding specific individuals
A
  • Protecting PII data
  • Identifying security weaknesses
  • Managing organizational risks
12
Q

A security professional has been tasked with implementing strict password policies on workstations to reduce the risk of password theft. This is an example of _____.

  • hardware changes
  • security teams
  • networking regulations
  • security controls
A

security controls

13
Q

A key aspect of the CIA triad is ensuring that only _____ can access specific assets.

  • business competitors
  • social media sites
  • authorized users
  • internet providers
A

authorized users

14
Q

A security professional working at a bank is running late for a meeting. They consider saving time by leaving files on their desk that contain client account numbers. However, after thinking about company guidelines with regard to compliance, the security professional takes the time to properly store the files. Which concept does this scenario describe?

  • Security ethics
  • Preserving evidence
  • Security controls
  • Public finance
A
  • Security ethics
15
Q

The ethical principle of _____ involves safeguarding a company database that contains sensitive information about employees.

  • unrestricted access
  • non-bias
  • privacy protection
  • honesty
A

privacy protection

16
Q

You are a security professional working for a state motor vehicle agency that stores drivers’ national identification numbers and banking information. Which ethical principle involves adhering to rules that are intended to protect these types of data?

  • Restrictions
  • Investigations
  • Guidelines
  • Laws
A

Laws

17
Q

For what reasons might disgruntled employees be some of the most dangerous threat actors? Select two answers.

  • They have advanced technical skills.
  • They are less productive than other employees.
  • They know where to find sensitive information.
  • They have access to sensitive information.
A
  • They know where to find sensitive information.
  • They have access to sensitive information.
18
Q

A security professional overhears two employees discussing an exciting new product that has not been announced to the public. The security professional chooses to follow company guidelines with regard to confidentiality and does not share the information about the new product with friends. Which concept does this scenario describe?

  • Data encryption
  • Preserving evidence
  • Security ethics
  • Security controls
A

Security ethics