dcom 258 final ACTUAL QUESTIONS
AND CORRECT ANSWERS
What is vulnerability management? - CORRECT ANSWERS
Vulnerability management involves identifying, evaluating, treating, and
reporting security vulnerabilities in IT systems, often through patching,
configuration hardening, or upgrades. It includes vulnerability scanning to
detect issues like open ports or outdated software.
What is a vulnerability scanner and its function in alerting and monitoring? -
CORRECT ANSWERS A vulnerability scanner monitors and reports
unmitigated vulnerabilities across hosts, highlighting patch or configuration
issues through consolidated results.
What is attestation in cybersecurity assessments? - CORRECT ANSWERS
Attestation is an independent verification of the effectiveness and
compliance of an organization’s security controls and practices.
What are the benefits of automation and scripting in security operations? -
CORRECT ANSWERS They improve efficiency, enforce policies,
reduce errors, enable automatic responses to threats, and provide audit trails.
What are snapshots and the different types? - CORRECT ANSWERS
Snapshots are system state captures used for data protection. Types include VM
snapshots, filesystem snapshots, and SAN snapshots.
What are Replication and Journaling? - CORRECT ANSWERS
Replication makes copies of data to different locations; journaling tracks data
changes for integrity and availability.
Remedies for loss of data control in a BYOD scenario? - CORRECT
ANSWERS Use acceptable use policies, data classification labels, and
mobile device management (MDM) solutions.
What is DLP Quarantine? - CORRECT ANSWERS A remediation
method that denies access to a sensitive file, often by encrypting or moving it to
a restricted area.
What is privacy data? - CORRECT ANSWERS Information that
identifies or relates to an individual, such as names, medical records, or social
security numbers.
Difference between privacy and confidential data? - CORRECT ANSWERS
Privacy data pertains to individuals; confidential data can include
organizational secrets like trade secrets.
What is a data subject and their rights under GDPR/CCPA? - CORRECT
ANSWERS A person whose data is processed, with rights to access,
correct, and delete their personal data.
How is data classified for protection? - CORRECT ANSWERS By its
state (at rest, in motion, in use), allowing tailored security measures.
What is Data Sovereignty? - CORRECT ANSWERS It restricts data
processing/storage to within a specific jurisdiction.
What are types of email threats? - CORRECT ANSWERS Viruses (via
attachments) and phishing (fraudulent messages for data theft).