CYBERSECURITY EXAM WITH VERIFIED QUESTIONS #3
What is cybersecurity - correct answer preventing the unauthorized access to data and information
systems.
What three goals does cybersecurity have - correct answer confidentiality, integrity, accessibility.
What is the confidentiality goal of cybersecurity - correct answer ensuring no one with authorized can
access information.
What is the integrity goal of cybersecurity - correct answer ensuring the data hasn't been manipulated
and is accurate.
What is the availability goal of cybersecurity - correct answer ensuring the systems are available to
the end users
What are the three main methods or controls that shape cybersecurity? - correct answer people,
process, technology
What is the role of people in cybersecurity - correct answer - giving people the skills and information
to implement an effective cybersecurity program
- training, awareness, building skills
What is process in cybersecurity - correct answer the policies and organizational procedures used to
implement and manage the cybersecurity program
What role does technology play in cybersecurity - correct answer the tools or controls used to
implement the cybersecurity lifecycle
What is the cybersecurity lifecycle - correct answer the components of cybersecurity according to nist
What are the List components of the cybersecurity lifecycle - correct answer identify, monitor,
protect, detect, respond, recover
What is the old model to approach cybersecurity - correct answer the perimeter model (hard shell,
soft inside)
Why is the perimeter model not fully effective in cybersecurity - correct answer - the perimeter is not
perfect and is only one layer
- you have to violate the perimeter all the time to share information between authorized users
- too many doors and windows
What is the identify function in the list model? - correct answer identify
All the best
,The identify function assists in developing an organizational understanding to managing cybersecurity
risk to systems, people, assets, data, and capabilities. Understanding the business context, the
resources
that support critical functions, and the related cybersecurity risks enables an organization to focus and
prioritize its efforts, consistent with its risk management strategy and business needs.
Examples of outcome categories within this function include:
Identifying physical and software assets within the organization to establish the basis of an
asset management program
Identifying the business environment the organization supports including the organization's
role in the supply chain, and the organizations place in the critical infrastructure sector
Identifying cybersecurity policies established within the organization to define the governance
program as well as identifying legal and regulatory requirements regarding the cybersecurity
capabilities of the organization
Identifying asset vulnerabilities, threats to internal and external organizational resources, and
risk response activities as a basis for the organizations risk assessment
Identifying a risk management strategy for the organization including establishing risk
tolerances
Identifying a supply chain risk management strategy including priorities, constraints, risk
tolerances, and assumptions used to support risk decisions associated with managing supply
chain risks
What is the protect function in the list model - correct answer the protect function outlines
appropriate safeguards to ensure delivery of critical infrastructure services. The protect
function supports the ability to limit or contain the impact of a potential cybersecurity event.
Examples of outcome categories within this function include:
All the best
, Protections for identity management and access control within the organization including
physical and remote access
Empowering staff within the organization through awareness and training including role based
and privileged user training
Establishing data security protection consistent with the organization's risk strategy to protect
the confidentiality, integrity, and availability of information
Implementing information protection processes and procedures to maintain and manage the
protections of information systems and assets
Protecting organizational resources through
Maintenance, including remote maintenance, activities
Managing protective technology to ensure the security and resilience of systems and assists are
consistent with organizational policies, procedures, and agreements
What is the detect function in the nist model? - correct answer detect: identifying the
occurrence of a cybersecurity event (an incursion or attempted incursion) in a timely manner
Details:
The detect function defines the appropriate activities to identify the occurrence of a
cybersecurity event. The detect function enables timely discovery of cybersecurity events.
Examples of outcome categories within this function include:
Ensuring anomalies and events are detected, and their potential impact is understood
All the best
, Implementing security continuous monitoring capabilities to monitor cybersecurity events and
verify the effectiveness of protective measures including network and physical activities
Maintaining detection processes to provide awareness of anomalous events
What is the respond function in the list model? - correct answer to take action regarding . Detected
cybersecurity incident to minimize impact
Details:
The respond function includes appropriate activities to take action regarding a detected cybersecurity
incident. The respond function supports the ability to contain the impact of a potential cybersecurity
incident.
Examples of outcome categories within this function include:
Ensuring response planning process are executed during and after an incident
Managing communications during and after an event with stakeholders, law enforcement,
external stakeholders as appropriate
Analysis is conducted to ensure effective response and support recovery activities including
forensic analysis, and determining the impact of incidents
Mitigation activities are performed to prevent expansion of an event and to resolve the incident
The organization implements improvements by incorporating lessons learned from current and
previous detection / response activities
What is the recover function in the list model - correct answer to maintain plans for resilience and to
restore services impaired during cybersecurity incidents
All the best
What is cybersecurity - correct answer preventing the unauthorized access to data and information
systems.
What three goals does cybersecurity have - correct answer confidentiality, integrity, accessibility.
What is the confidentiality goal of cybersecurity - correct answer ensuring no one with authorized can
access information.
What is the integrity goal of cybersecurity - correct answer ensuring the data hasn't been manipulated
and is accurate.
What is the availability goal of cybersecurity - correct answer ensuring the systems are available to
the end users
What are the three main methods or controls that shape cybersecurity? - correct answer people,
process, technology
What is the role of people in cybersecurity - correct answer - giving people the skills and information
to implement an effective cybersecurity program
- training, awareness, building skills
What is process in cybersecurity - correct answer the policies and organizational procedures used to
implement and manage the cybersecurity program
What role does technology play in cybersecurity - correct answer the tools or controls used to
implement the cybersecurity lifecycle
What is the cybersecurity lifecycle - correct answer the components of cybersecurity according to nist
What are the List components of the cybersecurity lifecycle - correct answer identify, monitor,
protect, detect, respond, recover
What is the old model to approach cybersecurity - correct answer the perimeter model (hard shell,
soft inside)
Why is the perimeter model not fully effective in cybersecurity - correct answer - the perimeter is not
perfect and is only one layer
- you have to violate the perimeter all the time to share information between authorized users
- too many doors and windows
What is the identify function in the list model? - correct answer identify
All the best
,The identify function assists in developing an organizational understanding to managing cybersecurity
risk to systems, people, assets, data, and capabilities. Understanding the business context, the
resources
that support critical functions, and the related cybersecurity risks enables an organization to focus and
prioritize its efforts, consistent with its risk management strategy and business needs.
Examples of outcome categories within this function include:
Identifying physical and software assets within the organization to establish the basis of an
asset management program
Identifying the business environment the organization supports including the organization's
role in the supply chain, and the organizations place in the critical infrastructure sector
Identifying cybersecurity policies established within the organization to define the governance
program as well as identifying legal and regulatory requirements regarding the cybersecurity
capabilities of the organization
Identifying asset vulnerabilities, threats to internal and external organizational resources, and
risk response activities as a basis for the organizations risk assessment
Identifying a risk management strategy for the organization including establishing risk
tolerances
Identifying a supply chain risk management strategy including priorities, constraints, risk
tolerances, and assumptions used to support risk decisions associated with managing supply
chain risks
What is the protect function in the list model - correct answer the protect function outlines
appropriate safeguards to ensure delivery of critical infrastructure services. The protect
function supports the ability to limit or contain the impact of a potential cybersecurity event.
Examples of outcome categories within this function include:
All the best
, Protections for identity management and access control within the organization including
physical and remote access
Empowering staff within the organization through awareness and training including role based
and privileged user training
Establishing data security protection consistent with the organization's risk strategy to protect
the confidentiality, integrity, and availability of information
Implementing information protection processes and procedures to maintain and manage the
protections of information systems and assets
Protecting organizational resources through
Maintenance, including remote maintenance, activities
Managing protective technology to ensure the security and resilience of systems and assists are
consistent with organizational policies, procedures, and agreements
What is the detect function in the nist model? - correct answer detect: identifying the
occurrence of a cybersecurity event (an incursion or attempted incursion) in a timely manner
Details:
The detect function defines the appropriate activities to identify the occurrence of a
cybersecurity event. The detect function enables timely discovery of cybersecurity events.
Examples of outcome categories within this function include:
Ensuring anomalies and events are detected, and their potential impact is understood
All the best
, Implementing security continuous monitoring capabilities to monitor cybersecurity events and
verify the effectiveness of protective measures including network and physical activities
Maintaining detection processes to provide awareness of anomalous events
What is the respond function in the list model? - correct answer to take action regarding . Detected
cybersecurity incident to minimize impact
Details:
The respond function includes appropriate activities to take action regarding a detected cybersecurity
incident. The respond function supports the ability to contain the impact of a potential cybersecurity
incident.
Examples of outcome categories within this function include:
Ensuring response planning process are executed during and after an incident
Managing communications during and after an event with stakeholders, law enforcement,
external stakeholders as appropriate
Analysis is conducted to ensure effective response and support recovery activities including
forensic analysis, and determining the impact of incidents
Mitigation activities are performed to prevent expansion of an event and to resolve the incident
The organization implements improvements by incorporating lessons learned from current and
previous detection / response activities
What is the recover function in the list model - correct answer to maintain plans for resilience and to
restore services impaired during cybersecurity incidents
All the best
