Time limit: 0
Quiz-summary
0 of 25 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
Information
Cyber Threat Management (CyberTM) Module 1 - 5 Group Test Online
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 25 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- Answered
- Review
-
Question 1 of 25
1. Question
1 pointsA company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)Correct
Incorrect
Hint
Users may be unaware of their actions if not educated in the reasons why their actions can cause a problem with the computer. By implementing several technical and nontechnical practices, the threat can be reduced. -
Question 2 of 25
2. Question
1 pointsWhich threat is mitigated through user awareness training and tying security awareness to performance reviews?Correct
Incorrect
Hint
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization. Each domain has various countermeasures available to manage threats. -
Question 3 of 25
3. Question
1 pointsWhat is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?Correct
Incorrect
Hint
The “Analyze” category of the workforce framework includes specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness. -
Question 4 of 25
4. Question
1 pointsA breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?Correct
Incorrect
Hint
The Payment Card Industry Data Security Standard (PCI DSS) governs how to protect credit card data as merchants and banks exchange transactions. -
Question 5 of 25
5. Question
1 pointsAs part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?Correct
Incorrect
Hint
The Gramm-Leach-Bliley Act (GLBA) includes privacy provisions for individuals and provides opt-out methods to restrict information sharing with third-party firms. -
Question 6 of 25
6. Question
1 pointsWhat type of network security test can detect and report changes made to network systems?Correct
Incorrect
Hint
Integrity checking is used to detect and report changes made to systems. Vulnerability scanning is used to find weaknesses and misconfigurations on network systems. Network scanning is used to discover available resources on the network. -
Question 7 of 25
7. Question
1 pointsA security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?Correct
Incorrect
Hint
Vulnerability scanners are commonly used to scan for the following vulnerabilities: Use of default passwords or common passwords Missing patches Open ports Misconfiguration of operating systems and software Active IP addresses -
Question 8 of 25
8. Question
1 pointsWhat information does the SIEM network security management tool provide to network administrators?Correct
Incorrect
Hint
SIEM, which is a combination of Security Information Management and Security Event Management products, is used for forensic analysis and provides real-time reporting of security events. -
Question 9 of 25
9. Question
1 pointsWhat type of network security test uses simulated attacks to determine the feasibility of an attack as well as the possible consequences if the attack occurs?Correct
Incorrect
Hint
There are many tests that are used by security specialists to assess the status of a system. They include the following: – penetration testing to determine the feasibility of attacks – network scanning to scan for and identify open TCP ports – integrity checking to check for changes that have occurred in the system – vulnerability scanning to detect potential weaknesses in systems -
Question 10 of 25
10. Question
1 pointsWhat network testing tool would an administrator use to assess and validate system configurations against security policies and compliance standards?Correct
Incorrect
Hint
Tripwire – This tool assesses and validates IT configurations against internal policies, compliance standards, and security best practices. -
Question 11 of 25
11. Question
1 pointsWhich statement describes Trusted Automated Exchange of Indicator Information (TAXII)?Correct
Incorrect
Hint
Trusted Automated Exchange of Indicator Information (TAXII) is the specification for an application layer protocol that allows the communication of CTI over HTTPS. TAXII is designed to support Structured Threat Information Expression (STIX). -
Question 12 of 25
12. Question
1 pointsHow does AIS address a newly discovered threat?Correct
Incorrect
Hint
AIS responds to a new threat as soon as it is recognized by immediately sharing it with U.S. Federal Government and the private sector to help them protect their networks against that particular threat. -
Question 13 of 25
13. Question
1 pointsWhich organization defines unique CVE Identifiers for publicly known information-security vulnerabilities that make it easier to share data?Correct
Incorrect
Hint
The United States government sponsored the MITRE Corporation to create and maintain a catalog of known security threats called Common Vulnerabilities and Exposures (CVE). The CVE serves as a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. -
Question 14 of 25
14. Question
1 pointsIn addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?Correct
Incorrect
Hint
There are four potential strategies for responding to risks that have been identified: Risk avoidance – Stop performing the activities that create risk. Risk reduction – Decrease the risk by taking measures to reduce vulnerability. Risk sharing – Shift some of the risk to other parties. Risk retention – Accept the risk and its consequences. -
Question 15 of 25
15. Question
1 pointsWhich step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?Correct
Incorrect
Hint
The steps in the Vulnerability Management Life Cycle include these:Discover – inventory all assets across the network and identify host details, including operating systems and open services, to identify vulnerabilities Prioritize assets – categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to business operations Assess – determine a baseline risk profile to eliminate risks based on asset criticality, vulnerability threats, and asset classification Report – measure the level of business risk associated with assets according to security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities. Remediate – prioritize according to business risk and fix vulnerabilities in order of risk Verify – verify that threats have been eliminated through follow-up audits -
Question 16 of 25
16. Question
1 pointsWhen establishing a network profile for an organization, which element describes the time between the establishment of a data flow and its termination?Correct
Incorrect
Hint
A network profile should include some important elements, such as the following: Total throughput – the amount of data passing from a given source to a given destination in a given period of time Session duration – the time between the establishment of a data flow and its termination Ports used – a list of TCP or UDP processes that are available to accept data Critical asset address space – the IP addresses or the logical location of essential systems or data -
Question 17 of 25
17. Question
1 pointsWhich security management plan specifies a component that involves tracking the location and configuration of networked devices and software across an enterprise?Correct
Incorrect
Hint
Asset management involves tracking the location and configuration of networked devices and software across an enterprise. -
Question 18 of 25
18. Question
1 pointsA security analyst is investigating a cyber attack that began by compromising one file system through a vulnerability in a custom software application. The attack now appears to be affecting additional file systems under the control of another security authority. Which CVSS v3.0 base exploitability metric score is increased by this attack characteristic?Correct
Incorrect
Hint
The scope metric is impacted by an exploited vulnerability that can affect resources beyond the authorized privileges of the vulnerable component or that are managed by a different security authority. -
Question 19 of 25
19. Question
1 pointsWhat are the steps in the vulnerability management life cycle?Correct
Incorrect
Hint
There are six steps in the vulnerability management life cycle: Discover Prioritize assets Assess Report Remediate Verify -
Question 20 of 25
20. Question
1 pointsWhy would an organization perform a quantitative risk analysis for network security threats?Correct
Incorrect
Hint
Quantitative risk analysis takes the top threats, assigns a cost value to each threat if it actually occurred, and orders the list from most expensive to least expensive. This priority list allows management to determine where to apply current resources to the threat or threats that would cost the most to the organization. The quantitative risk analysis is based on cost, but this should not be the only criterion applied when, for example, evaluating a system that provides or involves national security. -
Question 21 of 25
21. Question
1 pointsThe team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?Correct
Incorrect
Hint
A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization. -
Question 22 of 25
22. Question
1 pointsBased on the risk management process, what should the cybersecurity team do as the next step when a cybersecurity risk is identified?Correct
Incorrect
Hint
Risk management is a formal process that reduces the impact of threats and vulnerabilities. The process involves four general steps: – Frame the risk – Identify the threats throughout the organization that increase risk. – Assess the risk – Once a risk has been identified, it is assessed and analyzed to determine the severity that the threat poses. – Respond to the risk – Develop an action plan to reduce overall organization risk exposure. Management should rank and prioritize threats and a team determines how to respond to each threat. – Monitor the risk – Continuously review risk reductions due to elimination, mitigation and transfer actions. -
Question 23 of 25
23. Question
1 pointsIn which situation would a detective control be warranted?Correct
Incorrect
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies. -
Question 24 of 25
24. Question
1 pointsWhich risk mitigation strategies include outsourcing services and purchasing insurance?Correct
Incorrect
Hint
Risk mitigation lessens the exposure of an organization to threats and vulnerabilities by transferring, accepting, avoiding, or taking an action to reduce risk. -
Question 25 of 25
25. Question
1 pointsIn quantitative risk analysis, what term is used to represent the degree of destruction that would occur if an event took place?Correct
Incorrect
Hint
Of the formulas used in quantitative risk analysis, exposure factor is used to estimate the degree of destruction that could occur from an event such as flooding or data entry error.