ISYS3439 - Cyber GRC

Assessment

Quiz

Other

University

Hard

Created by

Nebs P

26 questions

1.

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

The CIA triad is a prominent information security model defining which three central aspects of information security?

Confidentiality, integrity, and accountability

Classification, integrity, and accountability

Confidentiality, identity, and accessibility

Confidentiality, integrity, and availability

2.

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

Which of vulnerability, threat, and risk would be assessed by likelihood and impact?

Vulnerability

Threat

Risk

All 3

3.

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

What are the 5 major stages of the NIST CSF?

Identify, Protect, Detect, Respond, Recover

Identify, Prevent, Detect, Respond, Recover

Identify, Protect, Deflect, Respond, Recover

Identify, Protect, Detect, Respond, Return

4.

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

Control diversity means:

That the layers of controls should combine different classes of technical and administrative controls with the range of control types

That the layers of controls should combine different classes of technical and physical controls with the range of control types

That the layers of controls should combine different classes of physical and administrative controls with the range of control types

That the layers of controls should combine different classes of technical, administrative and physical controls with the range of control types

5.

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

Choose the option that best describes the concept of least privilege:

For a critical business function to be secure, it may be necessary to ensure that no one person can perform that function

A basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role

Enforcing a security role by separating it from the network or access by the rest of the network

Screening new employees through background checks, ensuring employees are set up with the correct privileges when they join or change job roles, and ensuring that privileges are revoked if the employee is fired or retires

6.

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

A security policy:

Defines the scope of security needed by the organisation and discusses the assets that require protection and the extent to which security solutions should go to provide the necessary protection

Is a set sequence of necessary activities that performs a specific security task or function

Provides practical guidance on how an organisation can protect their systems and data from cyber threats

Defines a minimum level of security that every system throughout the organisation must meet

7.

MULTIPLE SELECT QUESTION

20 sec • 5 pts

Which of the following is free? (Multiple answers may apply)

ISO 27001

NIST CSF

COBIT

ITIL
