Which of the following are often identified as the three main goals of security? (Select three.)
-> [ ] Integrity
-> [ ] Confidentiality
   [ ] Policies
   [ ] Non-repudiation
   [ ] Employees
-> [ ] Availability
   [ ] Assets

A large multinational corporation has recently experienced a significant data breach. The breach was detected by an external cybersecurity firm, and the
corporation's IT department was unable to prevent or detect the breach in its early stages.
The CEO wants to ensure that such a breach does not happen again and is considering several options to enhance the company's security posture.
Which of the following options would be the MOST effective in preventing and detecting future data breaches?
   ( ) Increasing the budget for the IT department to purchase more advanced security software.
-> ( ) Implementing a dedicated Computer Incident Response Team (CIRT).
   ( ) Conducting regular cybersecurity training for all employees.
   (•) Hiring an external cybersecurity firm to conduct regular penetration testing.

A user copies files from her desktop computer to a USB flash device and puts the device into her pocket.
Which of the following security risks is MOST pressing?
-> ( ) Confidentiality
   ( ) Non-repudiation
   ( ) Availability
   (•) Integrity

You are the Chief Information Security Officer (CISO) at a tech company. Your company is facing issues with silos between the development and operations
teams, leading to inefficiencies and security vulnerabilities.
Which approach should you adopt to encourage collaboration and integrate security considerations at every stage of software development and
deployment?
   ( ) Implementing a new security policy
   (•) Outsourcing security to a third-party vendor
-> ( ) Adopting a Development and Operations (DevOps) approach
   ( ) Establishing a Security Operations Center (SOC)

Your computer system is a participant in an asymmetric cryptography system. You've created a message to send to another user. Before transmission, you
hash the message and encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending
it to the other user.
In this example, which protection does the hashing activity provide?
-> ( ) Integrity
   (•) Confidentiality
   ( ) Non-repudiation
   ( ) Availability

Which of the following is a method of implementing security controls?
-> (•) Managerial controls
   ( ) Sales controls
   ( ) Marketing controls
   ( ) Financial controls

Which of the following security challenges refers to the rapid and broad spread of an attack, often affecting a large number of computers in a relatively
short amount of time?
   (•) Proliferation of attack software
   ( ) Sophisticated attacks
-> ( ) Attack scale and velocity
   ( ) Data encryption

You are the Chief Information Security Officer (CISO) at a large corporation. Your company is expanding rapidly and the complexity of managing security
across different business functions is increasing.
You need a dedicated team to monitor and protect critical information assets across the organization.
Which of the following would be the MOST effective solution?
   (•) Outsourcing security to a third-party vendor
-> ( ) Establishing a Security Operations Center (SOC)
   ( ) Hiring more IT staff
   ( ) Implementing a new security policy

You are the head of the cybersecurity team at a large corporation. You notice an increase in network traffic that appears to be legitimate but is causing a
slowdown in your systems.
Upon further inspection, you find that the traffic patterns vary each time, making it difficult to distinguish from normal traffic.
What type of security challenge are you MOST likely facing?
-> (•) Sophisticated attack
   ( ) Attack scale and velocity
   ( ) Proliferation of attack software
   ( ) Data breach