1
SEC530 Questions with Answers (100% Correct
Answers)
Where is the perimeter of a network? Answer: The host that
communicate with the least resistance.
Compliance is a critical subcomponent of: Answer: Security
CIST Cyber Security Framework (CSF) Core Functions Answer: Identify,
Protect, Detect. Respond and Recover
Executive Communicate: Answer: Mission priorities, avaliable resources,
and overall risk tolerances
Businesses/Process Communicate: Answer: Input into the risk
management process and collaborates with implementation
Implementation/Operations Communicate: Answer: Communicates
profile implementation profile
Do preventative controls fail? Answer: Yes, in the face of a persistent
adversary
Purple Teaming Answer: Red and Blue
© 2025 All rights reserved
, 2
Governance Answer: What is the overall stance on defending against
cybersecurity? Is the focus compliance or defending against APT's?
Operations Answer: How integrated is cybersecurity staff? Are proactive
controls in place or are they reactive?
Architecture and Engineering Answer: How well defined and integrated
with mission operations are the organizations security architecture? Are
capabilities focused on some or all of the CSF?
ATT&CK Answer: (Adversarial Tactics, Techniques, and Common
Knowledge) A knowledge base maintained by the MITRE Corporation
for listing and explaining specific adversary tactics, techniques, and
procedures.
Tool: Navigator Answer: Open source tool to visualize attacker tactics,
techniques, and procedures (TTP) to identify how your defenses are
doing against the ATT&CK matrix.
Tool: DETT&CT Answer: Open source tool that visualizes the
connections to ATT&CK
Pivot Answer: An attack from one system to another
© 2025 All rights reserved
SEC530 Questions with Answers (100% Correct
Answers)
Where is the perimeter of a network? Answer: The host that
communicate with the least resistance.
Compliance is a critical subcomponent of: Answer: Security
CIST Cyber Security Framework (CSF) Core Functions Answer: Identify,
Protect, Detect. Respond and Recover
Executive Communicate: Answer: Mission priorities, avaliable resources,
and overall risk tolerances
Businesses/Process Communicate: Answer: Input into the risk
management process and collaborates with implementation
Implementation/Operations Communicate: Answer: Communicates
profile implementation profile
Do preventative controls fail? Answer: Yes, in the face of a persistent
adversary
Purple Teaming Answer: Red and Blue
© 2025 All rights reserved
, 2
Governance Answer: What is the overall stance on defending against
cybersecurity? Is the focus compliance or defending against APT's?
Operations Answer: How integrated is cybersecurity staff? Are proactive
controls in place or are they reactive?
Architecture and Engineering Answer: How well defined and integrated
with mission operations are the organizations security architecture? Are
capabilities focused on some or all of the CSF?
ATT&CK Answer: (Adversarial Tactics, Techniques, and Common
Knowledge) A knowledge base maintained by the MITRE Corporation
for listing and explaining specific adversary tactics, techniques, and
procedures.
Tool: Navigator Answer: Open source tool to visualize attacker tactics,
techniques, and procedures (TTP) to identify how your defenses are
doing against the ATT&CK matrix.
Tool: DETT&CT Answer: Open source tool that visualizes the
connections to ATT&CK
Pivot Answer: An attack from one system to another
© 2025 All rights reserved
