Wgu C795- Cybersecurity Management II (Tactical)|166 Questions with 100% Correct Answers | Verified | Latest Update |

What is a vulnerability? - ️️a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. What is a penetration test? - ️️a simulated cyber attack against your systems or company What are the typical steps for a vulnerability test? - ️️Identify asset classification list, identify vulnerabilities, test assets against vulnerabilities, and recommend solutions to either eliminate or mitigate vulnerabilities What is the first thing an organization should do before defining security requirements? - ️️To define security requirements, first an organization must define its risk appetite. What is defense in depth? - ️️defense-in-depth principle; it is by adding relevant layer of controls (e.g., access control, encryption, and monitoring) that the expected level of protection is achieved. What are COTS applications? - ️️Applications developed by vendors and installed on the organization's information systems. These applications are usually purchased outright by organizations with usage based on licensing agreements. What are SaaS applications? - ️️Applications developed by service providers or vendors and installed on the provider or vendor information system. Organizations typically have an on-demand or pay-per-usage metrics. What is the goal of a security test? - ️️Verify that a control is functioning properly.