Cybersecurity Controls, Frameworks, and Threat Key Concepts and Practices with Complete Solutions
A biometric system with a high False Rejection Rate (FRR) would likely result in which of the following? - ANSWER-Frequent failures for legitimate users to authenticate successfully
A firewall is configured with the following rule: "Deny TCP traffic from any source to port 80 on the internal network." What is the likely purpose of this rule? - ANSWER-To block incoming web traffic to internal servers
A group releases sensitive internal documents from a major corporation as a protest against the corporation's labor practices. This attack is best characterized as: - ANSWER-An act of hacktivism
A self-encrypting drive (SED) primarily offers protection against which type of risk? - ANSWER-Unauthorized access to data if the physical drive is stolen
A sophisticated cyberattack targets a nation's power grid, causing widespread outages. When investigated, the attack appears to originate from another nation-state known to be a rival. However, the rival nation denies involvement. This scenario highlights the concept of: - ANSWER-Plausible deniability
A threat actor is: - ANSWER-An individual or group that could carry out a security breach
A threat actor secretly connects a device to a company's physical network, allowing them to intercept sensitive data. This type of attack is best described as: - ANSWER-On-path attack
A user receives a call from someone claiming to be from their bank, stating there's suspicious activity on their account. The caller asks the user to confirm their security details to "verify" their identity. This is most likely an example of: - ANSWER-Impersonation and pretexting
According to the NIST Cybersecurity Framework, which function focuses on developing security policies and evaluating risks? - ANSWER-Identify
Advanced Persistent Threats (APTs) are often associated with nation-state actors because they: - ANSWER-Focus on long-term infiltration and strategic goals