Latest Update | Graded A+
1. What is the primary purpose of Business Impact Analysis (BIA)?
To create marketing strategies for business growth.
To identify and evaluate the potential effects of disruptions to
business operations.
To analyze financial statements for investment decisions.
To assess employee performance and productivity.
2. Describe the role of threat modeling in enhancing application security.
Threat modeling is used to create marketing strategies for
applications.
Threat modeling focuses solely on user experience design.
Threat modeling helps developers understand vulnerabilities and
implement appropriate security measures.
Threat modeling is irrelevant to application security.
3. What are the three primary cloud service models?
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and
Software as a Service (SaaS)
Platform as a Service (PaaS), Network as a Service (NaaS), and
Software as a Service (SaaS)
Infrastructure as a Service (IaaS), Database as a Service (DBaaS), and
Software as a Service (SaaS)
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and
Network as a Service (NaaS)
,4. If a company discovers a zero-day vulnerability in its software, what
immediate action should it take to mitigate potential risks?
Ignore the vulnerability until a patch is released.
Stop all operations until the vulnerability is fixed.
Implement temporary security measures and inform stakeholders
while working on a patch.
Publicly disclose the vulnerability to all users immediately.
5. _____ is a way of temporarily converting data into an unreadable form in order
to protect that data from being viewed by unauthorized individuals.
Authentication
Decryption
Authorization
Encryption
6. What are the key stages of the data lifecycle?
Creation, storage, usage, sharing, archiving, and destruction.
Creation, processing, analysis, reporting, and deletion.
Creation, storage, sharing, and deletion.
Collection, storage, analysis, sharing, and disposal.
7. Describe the main purpose of FERPA in relation to student education
records.
FERPA requires schools to disclose all student records to the public.
FERPA protects the privacy of student education records and grants
rights to parents that transfer to students at age 18.
, FERPA only applies to students in higher education institutions.
FERPA allows schools to share student records with any third party
without consent.
8. Describe how web application security vulnerabilities can impact the SaaS
service model.
Web application security vulnerabilities only affect the performance
of the application.
Web application security vulnerabilities can be completely mitigated
by using encryption.
Web application security vulnerabilities can lead to unauthorized
access, data breaches, and loss of customer trust.
Web application security vulnerabilities are irrelevant in the SaaS
model.
9. Describe how Business Impact Analysis (BIA) contributes to effective risk
management in organizations.
BIA contributes to effective risk management by providing insights
that guide resource allocation and recovery strategies.
BIA focuses solely on financial risks without considering operational
impacts.
BIA is a tool for developing new product lines.
BIA is used to assess employee performance and productivity.
10. Describe how encryption methods contribute to data security.
Encryption methods are used to increase data storage capacity.
Encryption methods secure data by converting it into a coded
format that only authorized parties can read.
, Encryption methods are primarily for data backup purposes.
Encryption methods allow all users to access data freely.
11. What is the primary goal of a defense-in-depth strategy in cybersecurity?
To create a single layer of security defenses
To eliminate all security vulnerabilities
To provide multiple layers of security to mitigate risks
To rely solely on encryption for protection
12. What does the term 'data at rest' refer to?
Data that is transmitted over a network.
Inactive data stored physically in any digital form.
Data that is deleted from storage.
Data that is actively being processed.
13. Describe how personnel threats can impact the IaaS service model.
Personnel threats are mitigated by encryption methods in the IaaS
model.
Personnel threats can lead to unauthorized access and misuse of
resources in the IaaS model.
Personnel threats are irrelevant to the IaaS model as it is fully
automated.
Personnel threats only affect physical data centers, not cloud
services.