5.7: Review Questions

Last updated
Save as PDF

Page ID: 45574

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\( \newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\)

( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\id}{\mathrm{id}}\)

\( \newcommand{\Span}{\mathrm{span}}\)

\( \newcommand{\kernel}{\mathrm{null}\,}\)

\( \newcommand{\range}{\mathrm{range}\,}\)

\( \newcommand{\RealPart}{\mathrm{Re}}\)

\( \newcommand{\ImaginaryPart}{\mathrm{Im}}\)

\( \newcommand{\Argument}{\mathrm{Arg}}\)

\( \newcommand{\norm}[1]{\| #1 \|}\)

\( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\)

\( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\AA}{\unicode[.8,0]{x212B}}\)

\( \newcommand{\vectorA}[1]{\vec{#1}} % arrow\)

\( \newcommand{\vectorAt}[1]{\vec{\text{#1}}} % arrow\)

\( \newcommand{\vectorB}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vectorC}[1]{\textbf{#1}} \)

\( \newcommand{\vectorD}[1]{\overrightarrow{#1}} \)

\( \newcommand{\vectorDt}[1]{\overrightarrow{\text{#1}}} \)

\( \newcommand{\vectE}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash{\mathbf {#1}}}} \)

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \)

\( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)

\(\newcommand{\avec}{\mathbf a}\) \(\newcommand{\bvec}{\mathbf b}\) \(\newcommand{\cvec}{\mathbf c}\) \(\newcommand{\dvec}{\mathbf d}\) \(\newcommand{\dtil}{\widetilde{\mathbf d}}\) \(\newcommand{\evec}{\mathbf e}\) \(\newcommand{\fvec}{\mathbf f}\) \(\newcommand{\nvec}{\mathbf n}\) \(\newcommand{\pvec}{\mathbf p}\) \(\newcommand{\qvec}{\mathbf q}\) \(\newcommand{\svec}{\mathbf s}\) \(\newcommand{\tvec}{\mathbf t}\) \(\newcommand{\uvec}{\mathbf u}\) \(\newcommand{\vvec}{\mathbf v}\) \(\newcommand{\wvec}{\mathbf w}\) \(\newcommand{\xvec}{\mathbf x}\) \(\newcommand{\yvec}{\mathbf y}\) \(\newcommand{\zvec}{\mathbf z}\) \(\newcommand{\rvec}{\mathbf r}\) \(\newcommand{\mvec}{\mathbf m}\) \(\newcommand{\zerovec}{\mathbf 0}\) \(\newcommand{\onevec}{\mathbf 1}\) \(\newcommand{\real}{\mathbb R}\) \(\newcommand{\twovec}[2]{\left[\begin{array}{r}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\ctwovec}[2]{\left[\begin{array}{c}#1 \\ #2 \end{array}\right]}\) \(\newcommand{\threevec}[3]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\cthreevec}[3]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \end{array}\right]}\) \(\newcommand{\fourvec}[4]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\cfourvec}[4]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \end{array}\right]}\) \(\newcommand{\fivevec}[5]{\left[\begin{array}{r}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\cfivevec}[5]{\left[\begin{array}{c}#1 \\ #2 \\ #3 \\ #4 \\ #5 \\ \end{array}\right]}\) \(\newcommand{\mattwo}[4]{\left[\begin{array}{rr}#1 \amp #2 \\ #3 \amp #4 \\ \end{array}\right]}\) \(\newcommand{\laspan}[1]{\text{Span}\{#1\}}\) \(\newcommand{\bcal}{\cal B}\) \(\newcommand{\ccal}{\cal C}\) \(\newcommand{\scal}{\cal S}\) \(\newcommand{\wcal}{\cal W}\) \(\newcommand{\ecal}{\cal E}\) \(\newcommand{\coords}[2]{\left\{#1\right\}_{#2}}\) \(\newcommand{\gray}[1]{\color{gray}{#1}}\) \(\newcommand{\lgray}[1]{\color{lightgray}{#1}}\) \(\newcommand{\rank}{\operatorname{rank}}\) \(\newcommand{\row}{\text{Row}}\) \(\newcommand{\col}{\text{Col}}\) \(\renewcommand{\row}{\text{Row}}\) \(\newcommand{\nul}{\text{Nul}}\) \(\newcommand{\var}{\text{Var}}\) \(\newcommand{\corr}{\text{corr}}\) \(\newcommand{\len}[1]{\left|#1\right|}\) \(\newcommand{\bbar}{\overline{\bvec}}\) \(\newcommand{\bhat}{\widehat{\bvec}}\) \(\newcommand{\bperp}{\bvec^\perp}\) \(\newcommand{\xhat}{\widehat{\xvec}}\) \(\newcommand{\vhat}{\widehat{\vvec}}\) \(\newcommand{\uhat}{\widehat{\uvec}}\) \(\newcommand{\what}{\widehat{\wvec}}\) \(\newcommand{\Sighat}{\widehat{\Sigma}}\) \(\newcommand{\lt}{<}\) \(\newcommand{\gt}{>}\) \(\newcommand{\amp}{&}\) \(\definecolor{fillinmathshade}{gray}{0.9}\)

What principle primarily concerns protecting information from unauthorized access, modification, or deletion?

data encryption
information security
information privacy
user authentication

2 .

What type of attack manipulates the Domain Name System (DNS) to redirect a website’s traffic to a different IP address?

phishing
spoofing
man-in-the-middle
brute-force attack

What type of social engineering attack appears as a trustworthy entity in digital communication but steals user data, such as login credentials and financial information?

spoofing
hacking
identity theft
phishing

4 .

What authentication mechanism is the most secure?

username and password
two-factor authentication
multi factor authentication
biometric verification

What is the purpose of role-based access control (RBAC) in network security?

to monitor and filter outgoing internet traffic
to prevent data loss through email and web applications
to ensure users have access only to the resources necessary for their roles
to encrypt data transmissions over the network

6 .

Why are regular penetration tests important for maintaining organizational security?

They help in training IT staff on how to respond to media inquiries.
They allow for constant updating of the company website’s content.
They enable the identification and remediation of early vulnerabilities.
They are a regulatory requirement for all businesses.

What is the cyber safety significance of applying regular software updates and patches?

They maintain the software’s compatibility with new hardware.
They often add new features to the software.
They address identified security vulnerabilities to prevent exploits.
They are mainly for aesthetic improvements to the user interface.

8 .

How does ethical hacking differ from malicious hacking?

Ethical hacking is performed without the permission of the target entity.
Ethical hacking is intended to strengthen systems, not to harm them.
Ethical hacking does not require a deep understanding of IT systems.
There is no real difference; all hacking is considered unethical.

What is the purpose of antivirus software?

to increase the speed of the computer’s processor
to protect against known threats and analyze system behavior to detect new threats
to manage the organization’s email server
to offer technical support for software developers

10 .

What is the primary aim of a distributed denial-of-service (DDoS) attack?

modifying unauthorized data
disrupting the availability of a target’s network resources
gaining unauthorized access to secure data
causing physical damage to the network infrastructure

11.

What is a key process of an effective information security risk management (ISRM) strategy?

periodic security training
continuous monitoring
single-layer security
annual risk assessments

12 .

COBIT5 is an example of what type of ISRM resource?

a compliance framework
a risk management plan
a network security protocol
an incident response system

13.

What organization is well known for developing standards and frameworks like COBIT to support compliance with ISRM practices?

IEEE
ISO
ISACA
NIST

14 .

What is the first step in developing a comprehensive risk management plan?

identifying risks
implementing controls
assessing risks
establishing the context

15.

Why is continuous monitoring in an ISRM strategy important?

It allows for one-time setup of complete security controls.
It helps eliminate all cyber risks.
It ensures security measures are effective over time against evolving threats.
It provides a static security environment.

16 .

Why is it important to integrate continuous monitoring with other security processes?

to ensure compliance with COBIT5 only
to guarantee zero risk posture
to reduce the need for security training
to maintain a comprehensive approach to organizational security

17.

Who is responsible for implementing security measures to protect an organization’s data and ensuring that these measures are aligned with regulatory requirements?

security consultant
compliance analyst
security software developer
threat intelligence analyst

18 .

What role does continuous learning play in the field of cybersecurity?

to stay updated with the latest cybersecurity trends and technologies
to maintain a static skill set over time
to focus solely on traditional cybersecurity methods
to decrease the need for professional certifications

19.

In the context of cybersecurity, what does the term “digital trust” primarily refer to?

the encryption standards used in digital communications
the confidence stakeholders place in an organization’s ability to secure data and systems
the digital certificates used for website authentication
the trustworthiness of digital signatures

20 .

What is a significant cybersecurity challenge posed by the rise of cloud computing?

simplified IT infrastructure
decreased data storage needs
unique risks such as data breaches, unauthorized access, and compromised integrity of shared resources
reduced need for network security

21.

In which type of organization would a Certified Information Security Manager (CISM) certification be especially beneficial for career advancement?

tech start-ups
government agencies
financial institutions
nonprofit organizations

22 .

Which role is essential for creating strategies to protect against large-scale cyber threats and managing an organization’s overall cybersecurity posture?

network security administrator
chief information security officer (CISO)
IT support technician
cybersecurity legal advisor

Search

Text Color

Text Size

Margin Size

Font Type