ICT Module 12 2024/2025 Exam
Questions and Answers 100%
Guaranteed Success | Already Rated A+
CYBERSECURITY CONCERNS FOR 2022 - 2023 - 🧠ANSWER ✔✔Costly data
breaches and growing privacy concerns
Advanced Persistent Threats
Sophisticated Ransomware
Exploiting AI by Hackers
IoT based events will expand beyond DDoS
Attacks exploiting supply chains
CYBER HARM EXERCISE - 🧠ANSWER ✔✔WHO and WHAT can be harmed such as
individuals, groups, entities.
TAXONOMY OF HARM categorizing it into psychological, physical, or economic.
STAKEHOLDERS and their different priorities and perceptions of harm
MEASURING harm and categorizing into categories such as severe, medium,
low, direct, indirect, etc
MANDATES or who acts upon different types of harm
Page 1 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
,CYBER RISK MODELS - 🧠ANSWER ✔✔CISA: Cybersecurity & Infrastructure
Security Agency [cisa.gov]
Mitre ATT&K Framework
ENISA Threat Landscape Report
ISO 27005
Cyber Attack Model and Impact Assessment Component (CAMIAC)
VaRiC -Value at Risk in Cyber Space (WEF)
False alarms - 🧠ANSWER ✔✔• Apparent compromises are not real compromises
• Also called false positives
• Handled by the on-duty staff
• Waste time and may dull vigilance
Different organizations will react accordingly - depending on several factors: -
🧠ANSWER ✔✔• Type of Business
• Data lost
• Time to recover
COOP Exercises - 🧠ANSWER ✔✔• Business rehearse major incidents with
"continuity of operations" (COOP) exercises.
Page 2 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
, • In these instances, employees report to an offsite location, as determined by
their employer to attempt to function as a working team, and to attempt to
keep operations functioning.
• Speed of recovery is key here.
• Speedy response can prevent further damage.
• Accuracy of recovery matters as much as speed.
• Take your time quickly!
COOP - 🧠ANSWER ✔✔• Need a policy dictating a process in place for incidents
of varying levels of severity.
• All levels of employees must be involved in exercises
• Complex scenario creation require planning and time
Detection, Analysis and Escalation - 🧠ANSWER ✔✔• Technology or people (or
both) detect an incident
• Need good IDS technology
• All employees must know their role and responsibility for reporting an
incident
Analysis - 🧠ANSWER ✔✔• Must be quick and comprehensive
• Verify incident
• Scope, who/what/where/how of the attack (why can come later!)
Page 3 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
Questions and Answers 100%
Guaranteed Success | Already Rated A+
CYBERSECURITY CONCERNS FOR 2022 - 2023 - 🧠ANSWER ✔✔Costly data
breaches and growing privacy concerns
Advanced Persistent Threats
Sophisticated Ransomware
Exploiting AI by Hackers
IoT based events will expand beyond DDoS
Attacks exploiting supply chains
CYBER HARM EXERCISE - 🧠ANSWER ✔✔WHO and WHAT can be harmed such as
individuals, groups, entities.
TAXONOMY OF HARM categorizing it into psychological, physical, or economic.
STAKEHOLDERS and their different priorities and perceptions of harm
MEASURING harm and categorizing into categories such as severe, medium,
low, direct, indirect, etc
MANDATES or who acts upon different types of harm
Page 1 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
,CYBER RISK MODELS - 🧠ANSWER ✔✔CISA: Cybersecurity & Infrastructure
Security Agency [cisa.gov]
Mitre ATT&K Framework
ENISA Threat Landscape Report
ISO 27005
Cyber Attack Model and Impact Assessment Component (CAMIAC)
VaRiC -Value at Risk in Cyber Space (WEF)
False alarms - 🧠ANSWER ✔✔• Apparent compromises are not real compromises
• Also called false positives
• Handled by the on-duty staff
• Waste time and may dull vigilance
Different organizations will react accordingly - depending on several factors: -
🧠ANSWER ✔✔• Type of Business
• Data lost
• Time to recover
COOP Exercises - 🧠ANSWER ✔✔• Business rehearse major incidents with
"continuity of operations" (COOP) exercises.
Page 2 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
, • In these instances, employees report to an offsite location, as determined by
their employer to attempt to function as a working team, and to attempt to
keep operations functioning.
• Speed of recovery is key here.
• Speedy response can prevent further damage.
• Accuracy of recovery matters as much as speed.
• Take your time quickly!
COOP - 🧠ANSWER ✔✔• Need a policy dictating a process in place for incidents
of varying levels of severity.
• All levels of employees must be involved in exercises
• Complex scenario creation require planning and time
Detection, Analysis and Escalation - 🧠ANSWER ✔✔• Technology or people (or
both) detect an incident
• Need good IDS technology
• All employees must know their role and responsibility for reporting an
incident
Analysis - 🧠ANSWER ✔✔• Must be quick and comprehensive
• Verify incident
• Scope, who/what/where/how of the attack (why can come later!)
Page 3 of 22
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER:
619652435. TERMS OF USE. PRIVACY STATEMENT. ALL RIGHTS RESERVED
