Module 4: Protecting the Organization Quiz Answers

Introduction to Cybersecurity Module 4: Protecting the Organization Quiz Answers

1. What is the correct definition of risk management?

The process of transferring risks that cannot be eliminated or mitigated
The process of identifying and assessing risk to determine the severity of threats
The process of accepting risks that cannot be eliminated, mitigated or transferred
The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities

Explanation: Risk management is the formal process of continuously identifying and assessing risk in an effort to reduce the impact of threats and vulnerabilities.

2. Which of the following tools can be used to provide a list of open ports on network devices?

Ping
Tracert
Nmap
Whois

3. Which of the following tools can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?

NetFlow
SIEM
Nmap
Snort

4. ‘Today, there are single security appliances that will solve all the network security needs of an organization.’
Is this statement true or false?

True
False

Explanation: There is no single security appliance or piece of technology that will solve all the network security needs in an organization.

5. What name is given to a device that controls or filters traffic going in or out of the network?

Router
VPN
Firewall
IPS

Explanation: A firewall is designed to control or filter which communications are allowed in and which are allowed out of a device or network.

6. What tool can identify malicious traffic by comparing packet contents to known attack signatures?

IDS
Zenmap
Nmap
NetFlow

Explanation: An email message is transmitted in plain text and can be read by anyone who has access to the data while it is en route to a destination. Patient records include confidential or sensitive information that should be transmitted in a secure manner.

7. What protocol is used to collect information about traffic traversing a network?

HTTPS
NetFlow
Telnet
NAT

Explanation: NetFlow technology is used to gather information about data flowing through a network, including who and what devices are in the network, and when and how users and devices access the network.

8. Behavior-based analysis involves using baseline information to detect what?

Risk
Anomalies
Backdoors
Vulnerabilities

9. What is the last stage of a pen test?

Scanning
Analysis and reporting
Gathering target information
Maintaining access

Explanation: The pen tester will provide feedback via a report that recommends updates to products, policies and training to improve an organization’s security.

10. ‘With careful planning and consideration, some risks can be completely eliminated.’
Is this statement true or false?

True
False

11. What is a security playbook?

A collection of security alerts, logs and historical data from the network
A collection of repeatable queries or reports that outline a standardized process for incident detection and response
A step-by-step guide on how to carry out IT-related procedures

12. What is the main aim of a Cyber Security Incident Response Team (CSIRT)?

To help client organizations improve their incident management capabilities
To help ensure organization, system and data preservation by performing investigations into computer security incidents
To enforce access to network resources by creating role-based control policies
To provide guidance on the implementation of safeguards and personnel training

13. How do Cisco ISE and TrustSec work?

They stop sensitive data from being stolen or escaping a network
They enforce access to network resources by creating role-based access control policies
They block network traffic based on a positive rule or signature match

14. The risk management process consists of four steps. Can you put these in the right order?