Skip to main content
Workforce LibreTexts

4.5: Assessment

  • Page ID
    4353
  • \( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)

    True/False

    Indicate whether the statement is true or false.

    ____ 1. NIST developed the Cybersecurity Framework as a mandatory set of standards to manage risks to critical infrastructure.

    ____ 2. Risk tolerance is the acceptable level of risk a company is willing to take.

     

    Multiple Choice

    Identify the choice that best completes the statement or answers the question.

    ____ 3. Which of the following is not considered a basic security service?

    a. Confidentiality c. Integrity
    b. Authentication d. Network Security

     

    ____ 4. All of the following are standards defined in the NERC CIP standards, except:

    a. Personnel and Training c. Authentication and Access Controls
    b. Sabotage Reporting d. Recovery Plans for Critical Cyber Assets

     

    ____ 5. Continuous Monitoring activities occur under which Framework Core activity?

    a. Identify c. Respond
    b. Detect d. Protect

     

    ____ 6. An impact analysis is a part of which step in the risk management process?

    a. Risk control c. Risk identification
    b. Risk assessment d. Risk mitigation

     

    ____ 7. Which risk handling method reduces the likelihood of the risk occurring to as low as zero?

    a. Mitigation c. Transference
    b. Avoidance d. Acceptance

     

    Multiple Response

    Select all the choices that apply.

    ____ 8. Which of the following are a part of the Framework Processes?

    a. Framework Profile c. Framework Implementation Tiers
    b. Framework Drivers d. Framework Core Functions

     

    Completion

    Complete each sentence.

    9. The Framework ________________ provide background on how an organization views cybersecurty risk and the processes that are in place to manage that risk.

    10. ____________________ is defined as the process of identifying vulnerabilities and taking carefully reasoned steps to ensure the confidentiality, integrity, and availabiliity of the information system.

     

     

     

     

    For the answers to these questions, email your name, the name of your college or other institution, and your position there toinfo@cyberwatchwest.org. CyberWatch West will email you a copy of the answer key.


    4.5: Assessment is shared under a CC BY license and was authored, remixed, and/or curated by LibreTexts.

    • Was this article helpful?