BSC IT CYBER SECURITU SEMESTER 1 EXAM QUESTIONS
WITH CORRECT ANSWERS 2022/2023
What is Vulnerability in Cyber-Security?
a. A potential for violation of security that exists.
b. The property of a system or system resource ensuring that the actions of a system entity
may be traced uniquely to that entity.
c. Assurance that the sender of information is provided with proof of delivery.
d. A flaw or weakness in a system’s design, implementation, or operation and management.
The correct answer is: A flaw or weakness in a system’s design, implementation, or operation and
management.
is a U.S. federal agency that deals with measurement science, standards, and
technology related to the U.S.
a. CIS
b. CRSC
c. NIST
d. ISO
The correct answer is: NIST
Which of the following defines the task for Business managers?
a. Responsible for ensuring that critical business applications, processes, and local
environments are effectively managed and controlled.
b. Responsible for designing, planning, developing, deploying, and maintaining key business
applications.
c. Responsible for promoting or implementing an information security assurance program.
d. Responsible for developing policy and implementing sound information security governance.
The correct answer is: Responsible for ensuring that critical business applications, processes, and
local environments are effectively managed and controlled.
CIS stands for
a. Center for Intelligence Security.
b. Center for Information Security.
c. Center for Internet Security.
d. Center for International Security.
The correct answer is: Center for Internet Security.
Which of the following BEST describes Integrity?
a. The characteristics of making data available to all users
b. The characteristics of being genuine and being able to be verified and trusted.
c. None of the options mentioned
d. The characteristics that data has not been changed, destroyed, or lost in an unauthorized or
accidental manner.
The correct answer is: The characteristics that data has not been changed, destroyed, or lost in an
unauthorized or accidental manner.
Which of the following is NOT an NIST cybersecurity framework component?
,BSC IT CYBER SECURITU SEMESTER 1 EXAM QUESTIONS
WITH CORRECT ANSWERS 2022/2023
a. Profiles
b. Implementation tiers
c. Core
d. None of the options mentioned
The correct answer is: None of the options mentioned
Which of the following is NOT part of the fundamental principles that contribute to the successful
implementation of information security management system (ISMS)?
a. Active prevention and detection of information security incidents
b. Assignment of responsibility for information security
c. Awareness of the need for information security
d. Open Systems Interconnection (OSI) communications architecture
The correct answer is: Open Systems Interconnection (OSI) communications architecture
What is Cybersecurity?
a. It is data contained in an information system or a service provided by a system or a system
capability.
b. It is a collection of tools, policies, security concepts, security safeguards that are used to
protect the cyberspace environment, organization and user’s assets.
c. It consists of artifacts based on or dependent on computer and communications technology
the interconnections among these various elements.
d. It is a measure of the extent to which an entity is threatened by a potential circumstance or
event.
The correct answer is: It is a collection of tools, policies, security concepts, security safeguards that
are used to protect the cyberspace environment, organization and user’s assets.
The protection of networks and their services from unauthorized modification can be described as
a. Authenticity
b. Confidentiality
c. Information Security
d. Network security
The correct answer is: Network security
Authenticity can be defined as
a. the characteristics of a system or system resource ensuring that the actions of a system
entity may be traced uniquely to that entity.
b. the characteristics that data is not disclosed to system entities unless they have been
authorized to know the data.
c. the characteristics that data is genuine and being able to be verified and trusted.
d. the characteristics that data has not been changed, destroyed, or lost in an unauthorized or
accidental manner.
The correct answer is: the characteristics that data is genuine and being able to be verified and
trusted.
, BSC IT CYBER SECURITU SEMESTER 1 EXAM QUESTIONS
WITH CORRECT ANSWERS 2022/2023
is a set of documents published by ISACA, engaged in the development,
adoption, and use of globally accepted, industry-leading knowledge and practices for information
systems.
a. ITIL Foundation
b. Cobit 5
c. Cobit
d. All of the options mentioned
The correct answer is: Cobit
Security Policy can be defined as
a. Assuring that the security management function enables business continuity.
b. Deploying and managing the security controls to satisfy the defined security requirements.
c. Set of rules and practices that specify or regulate how a system or organization provides
security services to protect sensitive and critical system resources.
d. Approaches for managing and controlling the cybersecurity function(s).
The correct answer is: Set of rules and practices that specify or regulate how a system or
organization provides security services to protect sensitive and critical system resources.
is a standard of the PCI Security Standards Council that provides guidance for
maintaining payment security
a. PCI DSS
b. DSS
c. PCI
d. CDE
The correct answer is: PCI DSS
is the MOST important set of standards for Cyber-Security?
a. PCI Data Security Standard.
b. ISO 27000.
c. ISO 27002.
d. Basel II 1998.
The correct answer is: ISO 27000.
COBIT is a set of documents published by .
a. ICA.
b. CIS.
c. ISACA.
d. ISO.
The correct answer is: ISACA.
Risk can be defined as
a. artifacts based on or dependent on computer and communications technology the
interconnections among these various elements.
WITH CORRECT ANSWERS 2022/2023
What is Vulnerability in Cyber-Security?
a. A potential for violation of security that exists.
b. The property of a system or system resource ensuring that the actions of a system entity
may be traced uniquely to that entity.
c. Assurance that the sender of information is provided with proof of delivery.
d. A flaw or weakness in a system’s design, implementation, or operation and management.
The correct answer is: A flaw or weakness in a system’s design, implementation, or operation and
management.
is a U.S. federal agency that deals with measurement science, standards, and
technology related to the U.S.
a. CIS
b. CRSC
c. NIST
d. ISO
The correct answer is: NIST
Which of the following defines the task for Business managers?
a. Responsible for ensuring that critical business applications, processes, and local
environments are effectively managed and controlled.
b. Responsible for designing, planning, developing, deploying, and maintaining key business
applications.
c. Responsible for promoting or implementing an information security assurance program.
d. Responsible for developing policy and implementing sound information security governance.
The correct answer is: Responsible for ensuring that critical business applications, processes, and
local environments are effectively managed and controlled.
CIS stands for
a. Center for Intelligence Security.
b. Center for Information Security.
c. Center for Internet Security.
d. Center for International Security.
The correct answer is: Center for Internet Security.
Which of the following BEST describes Integrity?
a. The characteristics of making data available to all users
b. The characteristics of being genuine and being able to be verified and trusted.
c. None of the options mentioned
d. The characteristics that data has not been changed, destroyed, or lost in an unauthorized or
accidental manner.
The correct answer is: The characteristics that data has not been changed, destroyed, or lost in an
unauthorized or accidental manner.
Which of the following is NOT an NIST cybersecurity framework component?
,BSC IT CYBER SECURITU SEMESTER 1 EXAM QUESTIONS
WITH CORRECT ANSWERS 2022/2023
a. Profiles
b. Implementation tiers
c. Core
d. None of the options mentioned
The correct answer is: None of the options mentioned
Which of the following is NOT part of the fundamental principles that contribute to the successful
implementation of information security management system (ISMS)?
a. Active prevention and detection of information security incidents
b. Assignment of responsibility for information security
c. Awareness of the need for information security
d. Open Systems Interconnection (OSI) communications architecture
The correct answer is: Open Systems Interconnection (OSI) communications architecture
What is Cybersecurity?
a. It is data contained in an information system or a service provided by a system or a system
capability.
b. It is a collection of tools, policies, security concepts, security safeguards that are used to
protect the cyberspace environment, organization and user’s assets.
c. It consists of artifacts based on or dependent on computer and communications technology
the interconnections among these various elements.
d. It is a measure of the extent to which an entity is threatened by a potential circumstance or
event.
The correct answer is: It is a collection of tools, policies, security concepts, security safeguards that
are used to protect the cyberspace environment, organization and user’s assets.
The protection of networks and their services from unauthorized modification can be described as
a. Authenticity
b. Confidentiality
c. Information Security
d. Network security
The correct answer is: Network security
Authenticity can be defined as
a. the characteristics of a system or system resource ensuring that the actions of a system
entity may be traced uniquely to that entity.
b. the characteristics that data is not disclosed to system entities unless they have been
authorized to know the data.
c. the characteristics that data is genuine and being able to be verified and trusted.
d. the characteristics that data has not been changed, destroyed, or lost in an unauthorized or
accidental manner.
The correct answer is: the characteristics that data is genuine and being able to be verified and
trusted.
, BSC IT CYBER SECURITU SEMESTER 1 EXAM QUESTIONS
WITH CORRECT ANSWERS 2022/2023
is a set of documents published by ISACA, engaged in the development,
adoption, and use of globally accepted, industry-leading knowledge and practices for information
systems.
a. ITIL Foundation
b. Cobit 5
c. Cobit
d. All of the options mentioned
The correct answer is: Cobit
Security Policy can be defined as
a. Assuring that the security management function enables business continuity.
b. Deploying and managing the security controls to satisfy the defined security requirements.
c. Set of rules and practices that specify or regulate how a system or organization provides
security services to protect sensitive and critical system resources.
d. Approaches for managing and controlling the cybersecurity function(s).
The correct answer is: Set of rules and practices that specify or regulate how a system or
organization provides security services to protect sensitive and critical system resources.
is a standard of the PCI Security Standards Council that provides guidance for
maintaining payment security
a. PCI DSS
b. DSS
c. PCI
d. CDE
The correct answer is: PCI DSS
is the MOST important set of standards for Cyber-Security?
a. PCI Data Security Standard.
b. ISO 27000.
c. ISO 27002.
d. Basel II 1998.
The correct answer is: ISO 27000.
COBIT is a set of documents published by .
a. ICA.
b. CIS.
c. ISACA.
d. ISO.
The correct answer is: ISACA.
Risk can be defined as
a. artifacts based on or dependent on computer and communications technology the
interconnections among these various elements.
