Test 1 Flashcards
In the TCP/IP model, packets are the Protocol Data Units (PDUs) of which layer?
Internetworks
a secure computer system architecture for enforcing the separation of duties and the integrity of high-value transactions?
Clark-Wilson model
As the IT Security Manager of a large financial institution, Aamir is working on implementing a new security system to protect against cyber attacks. He has the option of choosing between four different solutions. Which of the following options would be the most effective in preventing cyber-attacks?
Employing a full-time, dedicated cybersecurity team
We are in a court where the evidence must be “the majority of the proof.” Which type of law does that relate to?
Civil law
As the Chief Information Security Officer, you are responsible for conducting regular risk assessments to identify potential vulnerabilities in the company’s systems. What is a quantitative measure used in risk assessments to determine the potential impact of a security breach on an organization’s assets?
Asset Value (AV)
When we are building a new server, if we want fault tolerance, which of these would we NOT use?
Single disks
(Fault tolerance is a system’s ability to continue operating normally even if it experiences failures or malfunctions)
In order to ensure the safety of ThorTeaches.com’s sensitive data, it is crucial to identify any potential vulnerabilities or threats in the system. Which of the following is a method of identifying potential vulnerabilities and threats in a system?
Security audit
What is the MOST important factor when implementing a security strategy for a new network?
Regular security audits
What is the main difference between access control and identity and access management?
Access control is a subset of identity and access management, while identity and access management is a broader concept.
What can we use digital signatures to provide?
Confidentiality, Integrity, Authentication
What is the MOST important factor to consider when conducting digital forensics?
The integrity of the evidence
As an IT Security professional, you are expected to perform due care. What does this mean?
You are expected to take reasonable steps to protect your organization’s data and assets from unauthorized access or harm.
When assessing the accuracy of security control, which of the following indicators is the PRIMARY consideration?
The LOWEST number of false negatives
What is the MOST common type of storage media used in WORM (Write Once, Read Many) systems?
Optical disc
What type of authentication is used when a user’s password is hashed and compared to the stored hash value?
Single-factor authentication
What is the process of identifying and analyzing the weaknesses of a system?
Threat modeling
When would we deploy honeypots?
To collect information about potential attackers.
Which of the following is the LOWEST layer of the OSI (Open Systems Interconnection) reference model?
Physical layer
Which of the following is the HIGHEST layer in the TCP/IP model?
Application
Your team has been tasked with evaluating the company’s current cybersecurity measures and identifying areas for improvement. What is the primary factor that determines the value of an asset in terms of its impact on an organization’s cyber security?
The asset’s potential to cause harm to the organization
definition of MAO (Maximum Acceptable Outage)
The longest period of time that a system or service can be offline without causing significant damage to the organization.
How do Identity and Access Management (IAM) and Encryption of Data at Rest (EDR) differ in terms of cloud security?
IAM ensures that only authorized users have access to data, while EDR ensures that data is encrypted when stored on cloud servers.
Which of the following methods is the FIRST and LOWEST cost option for data destruction?
Overwriting
What is Mandatory Access Control (MAC) based on?
Sensitivity labels
