Introduction to Cybersecurity Module 4: Protecting the Organization Quiz Answers
1. What is the correct definition of risk management?
- The process of transferring risks that cannot be eliminated or mitigated
- The process of identifying and assessing risk to determine the severity of threats
- The process of accepting risks that cannot be eliminated, mitigated or transferred
- The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities
2. Which of the following tools can be used to provide a list of open ports on network devices?
- Ping
- Tracert
- Nmap
- Whois
3. Which of the following tools can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?
- NetFlow
- SIEM
- Nmap
- Snort
4. ‘Today, there are single security appliances that will solve all the network security needs of an organization.’
Is this statement true or false?
- True
- False
5. What name is given to a device that controls or filters traffic going in or out of the network?
- Router
- VPN
- Firewall
- IPS
6. What tool can identify malicious traffic by comparing packet contents to known attack signatures?
- IDS
- Zenmap
- Nmap
- NetFlow
7. What protocol is used to collect information about traffic traversing a network?
- HTTPS
- NetFlow
- Telnet
- NAT
8. Behavior-based analysis involves using baseline information to detect what?
- Risk
- Anomalies
- Backdoors
- Vulnerabilities
9. What is the last stage of a pen test?
- Scanning
- Analysis and reporting
- Gathering target information
- Maintaining access
10. ‘With careful planning and consideration, some risks can be completely eliminated.’
Is this statement true or false?
- True
- False
11. What is a security playbook?
- A collection of security alerts, logs and historical data from the network
- A collection of repeatable queries or reports that outline a standardized process for incident detection and response
- A step-by-step guide on how to carry out IT-related procedures
12. What is the main aim of a Cyber Security Incident Response Team (CSIRT)?
- To help client organizations improve their incident management capabilities
- To help ensure organization, system and data preservation by performing investigations into computer security incidents
- To enforce access to network resources by creating role-based control policies
- To provide guidance on the implementation of safeguards and personnel training
13. How do Cisco ISE and TrustSec work?
- They stop sensitive data from being stolen or escaping a network
- They enforce access to network resources by creating role-based access control policies
- They block network traffic based on a positive rule or signature match
14. The risk management process consists of four steps. Can you put these in the right order?
- Frame the risk
- Assess the risk
- Respond to the risk
- Monitor the risk
What is the last stage of the Cyber Kill Chain framework?
They added a new question and this is the order to the answer:
The risk management process consists of four steps. Can you put these in the right order?
Thank you so much
How do Cisco ISE and TrustSec work?
They enforce access to network resources by creating role-based access control policies
They stop sensitive data from being stolen or escaping a network
They block network traffic based on a positive rule or signature match
The correct answer is – They enforce access to network resources by creating role-based access control policies.