FedVTE Enterprise Cybersecurity Operations question with
answers
The acronym VPN stands for: - -Virtual Private Network
-Executives are responsible for managing and overseeing enterprise risk management. - -True
-The internal audit department is investigating a possible accounting breach. One of the auditors is sent
to interview the following employees: Employee A works in the accounts receivable office and is in
charge of entering data into the finance system; Employee B works in the accounts payable office and is
in charge of approving purchase orders; Employee C is the manager of the finance department,
supervises Employee A and Employee B, and can perform the functions of both Employee A and
Employee B. Which of the following should the auditor suggest be done to avoid future security
breaches? - -The manager should only be able to review the data and approve purchase orders.
-An electrical utility has employed a consultant to perform a controls assessment of the personnel
system, backend business operations, and the SCADA system used in their facility. Which of the
following correctly states the risk management options that the consultant should use during the
assessment? - -Avoid, transfer, mitigate, and accept.
-The acronym SOA stands for: - -Statement of Applicability
-Which of the following are steps in the risk management process? - -All of the Above
-Cybersecurity should be involved throughout the entire system development life cycle. - -True
-A Physical Security Manager is ready to replace 30 analog surveillance cameras with IP cameras with
built in web management. There are several security guard desks on different networks that must be
able to view the cameras without unauthorized people viewing the video as well. The selected IP camera
vendor does not have the ability to authenticate users at the camera level. Which of the following
should be used to BEST secure this environment? - -Create an IP camera network and deploy a proxy to
authenticate users prior to accessing the cameras.
answers
The acronym VPN stands for: - -Virtual Private Network
-Executives are responsible for managing and overseeing enterprise risk management. - -True
-The internal audit department is investigating a possible accounting breach. One of the auditors is sent
to interview the following employees: Employee A works in the accounts receivable office and is in
charge of entering data into the finance system; Employee B works in the accounts payable office and is
in charge of approving purchase orders; Employee C is the manager of the finance department,
supervises Employee A and Employee B, and can perform the functions of both Employee A and
Employee B. Which of the following should the auditor suggest be done to avoid future security
breaches? - -The manager should only be able to review the data and approve purchase orders.
-An electrical utility has employed a consultant to perform a controls assessment of the personnel
system, backend business operations, and the SCADA system used in their facility. Which of the
following correctly states the risk management options that the consultant should use during the
assessment? - -Avoid, transfer, mitigate, and accept.
-The acronym SOA stands for: - -Statement of Applicability
-Which of the following are steps in the risk management process? - -All of the Above
-Cybersecurity should be involved throughout the entire system development life cycle. - -True
-A Physical Security Manager is ready to replace 30 analog surveillance cameras with IP cameras with
built in web management. There are several security guard desks on different networks that must be
able to view the cameras without unauthorized people viewing the video as well. The selected IP camera
vendor does not have the ability to authenticate users at the camera level. Which of the following
should be used to BEST secure this environment? - -Create an IP camera network and deploy a proxy to
authenticate users prior to accessing the cameras.
