ISACA Cyber Security Fundamentals -
Intro to Cyber Security Objectives
Questions with Accurate Answers
_____________ key systems use pairs of unidirectional complementary keys that
only encrypt or decrypt. correct answer asymmetric
______________ key systems use single secret bidirectional keys that encrypt and
decrypt. correct answer symmetric
- Mitigation
- Analysis
- Communications
are activities associated with correct answer RESPONDING to attacks on digital
assets
-Access Control
Awareness / Training
-Data Security
-Info Protection, Processes and Procedures
are activities associated with........ correct answer PROTECTING digital assets
-Anomalies and Events
-Security Continuous Monitoring
-Detection Processes
,are activities associated with................ correct answer DETECTING attacks on
digital assets
-Asset management
-Business environment
-Governance
-Risk assessment
-Risk Management
are activities associated with......... correct answer IDENTIFYING digital assets
-Recovery Planning
-Communications
-Continuous Improvements
are activities associated with....... correct answer RECOVERING from attacks on
digital assets
5 key functions for protection of digital assets correct answer 1. Identify,
2. Protect,
3. Detect,
4. Respond,
5. Recover
A business impact anaysis (BIA) provides the basis for which of the following:
Service delivery objectives
Maximum tolerable outages
,RPO
RTO correct answer all
A collection of threats is generally referred to as an:
- cyberwarefare
- advanced persistent threat (APT)
- Hacktivism
- Threat environment correct answer - Threat environment
A dynamic packet filtering firewall that tracks the IP address of each packet to
provide controls over the flow of IP traffic. Efficient but complex. correct answer
Stateful inspection firewall
A firewall that has two or more network interfaces, each connected to a different
network. Blocks and filters network traffic. correct answer A dual homed firewall.
A key limitation of anti malware is that it:
is not generally effective for known threats
-is not scalable as internet usage grows
-is complex to administer
-is generally not effective for malicious code yet to be identified correct answer -
is generally not effective for malicious code yet to be identified
A major incident which has grown out of control and increased in severity is
called:
Crisis
, Emergency
Incident
Event correct answer Crisis
A packet filtering router and bastion host together makes what kind of firewall
correct answer Screened host firewall.
A screening router that examines the header of every packet of data traveling
between the internet and the network. The router can then prevent certain
packets from being sent. correct answer Packet filtering firewall
A stateful inspection firewall is also known as:
DMZ
dual homed firewall
screened host firewall
dynamic packet filtering correct answer dynamic packet filtering
A weakness in the design, implementation, operation or internal control of a
process that could expose the system to adverse threats is called:
Risk
Asset
Threat
Vulnerability correct answer Vulnerability
A well defined boundary between the orgainzation and the outside world (even if
virtual) correct answer Security Perimeter
Intro to Cyber Security Objectives
Questions with Accurate Answers
_____________ key systems use pairs of unidirectional complementary keys that
only encrypt or decrypt. correct answer asymmetric
______________ key systems use single secret bidirectional keys that encrypt and
decrypt. correct answer symmetric
- Mitigation
- Analysis
- Communications
are activities associated with correct answer RESPONDING to attacks on digital
assets
-Access Control
Awareness / Training
-Data Security
-Info Protection, Processes and Procedures
are activities associated with........ correct answer PROTECTING digital assets
-Anomalies and Events
-Security Continuous Monitoring
-Detection Processes
,are activities associated with................ correct answer DETECTING attacks on
digital assets
-Asset management
-Business environment
-Governance
-Risk assessment
-Risk Management
are activities associated with......... correct answer IDENTIFYING digital assets
-Recovery Planning
-Communications
-Continuous Improvements
are activities associated with....... correct answer RECOVERING from attacks on
digital assets
5 key functions for protection of digital assets correct answer 1. Identify,
2. Protect,
3. Detect,
4. Respond,
5. Recover
A business impact anaysis (BIA) provides the basis for which of the following:
Service delivery objectives
Maximum tolerable outages
,RPO
RTO correct answer all
A collection of threats is generally referred to as an:
- cyberwarefare
- advanced persistent threat (APT)
- Hacktivism
- Threat environment correct answer - Threat environment
A dynamic packet filtering firewall that tracks the IP address of each packet to
provide controls over the flow of IP traffic. Efficient but complex. correct answer
Stateful inspection firewall
A firewall that has two or more network interfaces, each connected to a different
network. Blocks and filters network traffic. correct answer A dual homed firewall.
A key limitation of anti malware is that it:
is not generally effective for known threats
-is not scalable as internet usage grows
-is complex to administer
-is generally not effective for malicious code yet to be identified correct answer -
is generally not effective for malicious code yet to be identified
A major incident which has grown out of control and increased in severity is
called:
Crisis
, Emergency
Incident
Event correct answer Crisis
A packet filtering router and bastion host together makes what kind of firewall
correct answer Screened host firewall.
A screening router that examines the header of every packet of data traveling
between the internet and the network. The router can then prevent certain
packets from being sent. correct answer Packet filtering firewall
A stateful inspection firewall is also known as:
DMZ
dual homed firewall
screened host firewall
dynamic packet filtering correct answer dynamic packet filtering
A weakness in the design, implementation, operation or internal control of a
process that could expose the system to adverse threats is called:
Risk
Asset
Threat
Vulnerability correct answer Vulnerability
A well defined boundary between the orgainzation and the outside world (even if
virtual) correct answer Security Perimeter
