Cybersec precourse assessment
law - ✔✔The city of Grampon wants to ensure that all of its citizens are protected from malware, so
the city council creates a rule that anyone caught creating and launching malware within the city limits
will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1)
risk tolerance - ✔✔Phrenal is selling a used laptop in an online auction. Phrenal has estimated the
value of the laptop to be $100, but has seen other laptops of similar type and quality sell for both
more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is
prepared to take less for it if nobody bids that amount. This is an example of ___________. (D1,
L1.2.2)
Explain the style and format of the questions, but no detail - ✔✔Zarma is an (ISC)² member and a
security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)²
certification and asks Zarma what the test questions are like. What should Zarma do? (D1, L1.5.1)
A laptop with sensitive data on it - ✔✔Of the following, which would probably not be considered a
threat? (D1, L1.2.1)
disclose the relationship, but recommend the vendor/product - ✔✔Hoshi is an (ISC)² member who
works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is
asked to recommend a product for Triffid to acquire and implement. Hoshi's cousin works for a firewall
vendor; that vendor happens to make the best firewall available. What should Hoshi do? (D1, L1.5.1)
Procedure - ✔✔A vendor sells a particular operating system (OS). In order to deploy the OS
securely on different platforms, the vendor publishes several sets of instructions on how to install it,
depending on which platform the customer is using. This is an example of a ________. (D1, L1.4.2)
Pay the parking ticket - ✔✔Siobhan is an (ISC)² member who works for Triffid Corporation as a
security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should
Siobhan do? (D1, L1.5.1)
Standard - ✔✔(ISC)² publishes a Common Body of Knowledge (CBK) that IT security practitioners
should be familiar with; this is recognized throughout the industry as a set of material that is useful for
practitioners to refer to. Certifications can be issued for demonstrating expertise in this Common Body
of Knowledge. What kind of document is the Common Body of Knowledge? (D1, L1.4.1)
Policy, standard - ✔✔The senior leadership of Triffid Corporation decides that the best way to
minimize liability for the company is to demonstrate the company's commitment to adopting best
practices recognized throughout the industry. Triffid management issues a document that explains
that Triffid will follow the best practices published by SANS, an industry body that addresses
computer and information security.
The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2)
Anyone - ✔✔Within the organization, who can identify risk? (D1, L1.2.2)
The file that contains passwords used to authenticate users - ✔✔For which of the following assets is
integrity probably the most important security aspect? (D1, L1.1.1)
The General Data Protection Regulation - ✔✔The European Union (EU) law that grants legal
protections to individual human privacy. (D1, L1.1.1)
Physical - ✔✔Druna is a security practitioner tasked with ensuring that laptops are not stolen from
the organization's offices. Which sort of security control would probably be best for this purpose? (D1,
L1.3.1)
Physical - ✔✔A bollard is a post set securely in the ground in order to prevent a vehicle from
entering an area or driving past a certain point. Bollards are an example of ______ controls. (D1,
L1.3.1)
Inform (ISC)² - ✔✔Glen is an (ISC)² member. Glen receives an email from a company offering a set
of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1)
Administrative - ✔✔Triffid Corporation has a policy that all employees must receive security
awareness instruction before using email; the company wants to make employees aware of potential
phishing attempts that the employees might receive via email. What kind of control is this instruction?
(D1, L1.3.1)
A photograph of your face - ✔✔Which of the following is an example of a "something you are"
authentication factor? (D1, L1.1.1)
Law, procedure - ✔✔Grampon municipal code requires that all companies that operate within city
limits will have a set of processes to ensure employees are safe while working with hazardous
materials. Triffid Corporation creates a checklist of activities employees must follow while working
with hazardous materials inside Grampon city limits. The municipal code is a ______, and the Triffid
checklist is a ________. (D1, L1.4.2)
Administrative - ✔✔Preenka works at an airport. There are red lines painted on the ground next to
the runway; Preenka has been instructed that nobody can step or drive across a red line unless they