SoCI (as it pertains to the Australian law concerned with cybersecurity) stands for:

Security of Critical Infrastructure

Statement of Comprehensive Income

Security of Critical Identities

Standard Optimum Control Integral

Which of the following can be considered mission-critical assets:

Cryptographic information, network topology, cost structure and price calculations, sales pipeline

Information or details relating directly to an individual, such as employees, customers or citizens

Proprietary algorithms, logistics arrangements, formulas, board papers

Customer profile database (containing pii), tax records, competitor analysis, non-competition agreements

What could be considered as an example of a potential security implication for the creation stage of the information lifecycle?

Photocopying board meeting notes discussing divestiture plans, e.g., to read on the train

A business user incorrectly updating the pricing points for a differentiating product

Information about a non-competition agreement stored on a personal tablet for offline reference

Misaddressing an email containing details of yet-to-be-announced redundancy plans

Leaving the recipe for a foodstuff that defines the brand of an organisation on the hard drive of a laptop sent for destruction

What are possible outcomes of a risk that has been identified and analysed in a risk management process?

Acceptance, avoidance, mitigation, transfer

Acceptance, avoidance, mitigation, transfer, residual

Acceptance, elimination, reduction, transfer

Acceptance, avoidance, elimination, mitigation, transfer

To what audience should communication about new information risks be sent?

Security steering committee and executive management

What is usually the primary objective of risk management?

Fewer and less severe security incidents

You have implemented a web gateway that blocks access to a social networking site. How would you categorise this type of security control?

It is a technical type of control and acts as a preventive measure

It is an administrative type of control and acts as a deterrent measure

It is an administrative type of control and acts as a preventive measure

It is a technical type of control and acts as a deterrent measure

How do you achieve layered security?

By providing a diversity of types of controls and sourcing controls from a number of different vendors

By considering the CIA triad when implementing controls

By considering the defence in depth when implementing controls

If a security control is described as administrative and compensating, what can you determine about its nature and function?

That the control is enforced by a procedure or policy that shapes the way people act and that the control mitigates its impact in some way

That the control is enforced by a technical system and that the control prevents an attack

That the control is enforced by a procedure or policy that shapes the way people act and that the control mitigates its likelihood in some way

That the control is enforced by a technical system and that the control delays an attack

Which of the following metrics is the best example of a leading indicator?

Percentage of critical servers being patched within Service Level Agreements (SLAs)

Average time to mitigate security incidents

Increase in the number of attacks blocked by the Intrusion Prevention System (IPS)

Increase in the number of attacks blocked by the firewall

The purpose of control self-assessments is to:

Reinforce accountability for control effectiveness

Transfer risk to control owners

Reduce workload in internal audit

ISYS3439 - Cyber GRC

University

•

26 Qs

Similar activities

On my block

1st Grade - Professional Development

•

21 Qs

untitled

6th Grade - University

•

22 Qs

Fiber Optic Assignment Quiz

University

•

22 Qs

Political Parties, Interest Groups, & Mass Media

9th Grade - University

•

23 Qs

Endocrine Exam 3-Khan

University

•

22 Qs

star wars

5th Grade - Professional Development

•

21 Qs

LIS126 Prelim Exam

University

•

21 Qs

Call of duty quiz

4th Grade - University

•

21 Qs

ISYS3439 - Cyber GRC

Quiz

•

Other

•

University

•

Practice Problem

•

Hard

Nebs P

Used 10+ times

FREE Resource

26 questions

Show all answers

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

The CIA triad is a prominent information security model defining which three central aspects of information security?

Confidentiality, integrity, and accountability

Classification, integrity, and accountability

Confidentiality, identity, and accessibility

Confidentiality, integrity, and availability

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

Which of vulnerability, threat, and risk would be assessed by likelihood and impact?

Vulnerability

Threat

Risk

All 3

MULTIPLE CHOICE QUESTION

20 sec • 5 pts

What are the 5 major stages of the NIST CSF?

Identify, Protect, Detect, Respond, Recover

Identify, Prevent, Detect, Respond, Recover

Identify, Protect, Deflect, Respond, Recover

Identify, Protect, Detect, Respond, Return

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

Control diversity means:

That the layers of controls should combine different classes of technical and administrative controls with the range of control types

That the layers of controls should combine different classes of technical and physical controls with the range of control types

That the layers of controls should combine different classes of physical and administrative controls with the range of control types

That the layers of controls should combine different classes of technical, administrative and physical controls with the range of control types

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

Choose the option that best describes the concept of least privilege:

For a critical business function to be secure, it may be necessary to ensure that no one person can perform that function

A basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role

Enforcing a security role by separating it from the network or access by the rest of the network

Screening new employees through background checks, ensuring employees are set up with the correct privileges when they join or change job roles, and ensuring that privileges are revoked if the employee is fired or retires

MULTIPLE CHOICE QUESTION

45 sec • 5 pts

A security policy:

Defines the scope of security needed by the organisation and discusses the assets that require protection and the extent to which security solutions should go to provide the necessary protection

Is a set sequence of necessary activities that performs a specific security task or function

Provides practical guidance on how an organisation can protect their systems and data from cyber threats

Defines a minimum level of security that every system throughout the organisation must meet

MULTIPLE SELECT QUESTION

20 sec • 5 pts

Which of the following is free? (Multiple answers may apply)

ISO 27001

NIST CSF

COBIT

ITIL

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

By signing up, you agree to our Terms of Service & Privacy Policy

Already have an account?

Similar Resources on Wayground

30 questions

Amendments

Quiz

•

KG - University

30 questions

FIL.12

Quiz

•

University

22 questions

untitled

Quiz

•

6th Grade - University

22 questions

Examén GE día Uno

Quiz

•

University

23 questions

Quiz on ICT as a Platform for Change

Quiz

•

11th Grade - University

21 questions

REVIEW VERB BE - FRESHMEN YEAR

Quiz

•

10th Grade - Professi...

21 questions

Sistema Endócrino

Quiz

•

University

21 questions

ESAP QUIZ #2

Quiz

•

University

Popular Resources on Wayground

10 questions

Honoring the Significance of Veterans Day

Interactive video

•

6th - 10th Grade

9 questions

FOREST Community of Caring

Lesson

•

1st - 5th Grade

10 questions

Exploring Veterans Day: Facts and Celebrations for Kids

Interactive video

•

6th - 10th Grade

19 questions

Veterans Day

Quiz

•

5th Grade

14 questions

General Technology Use Quiz

Quiz

•

8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

Circuits, Light Energy, and Forces

Quiz

•

5th Grade

19 questions

Thanksgiving Trivia

Quiz

•

6th Grade

Discover more resources for Other

20 questions

Definite and Indefinite Articles in Spanish (Avancemos)

Quiz

•

8th Grade - University

7 questions

Force and Motion

Interactive video

•

4th Grade - University

9 questions

Principles of the United States Constitution

Interactive video

•

University

18 questions

Realidades 2 2A reflexivos

Quiz

•

7th Grade - University

10 questions

Dichotomous Key

Quiz

•

KG - University

25 questions

Integer Operations

Quiz

•

KG - University

7 questions

What Is Narrative Writing?

Interactive video

•

4th Grade - University

20 questions

SER vs ESTAR

Quiz

•

7th Grade - University

ISYS3439 - Cyber GRC

26 questions

The CIA triad is a prominent information security model defining which three central aspects of information security?

Which of vulnerability, threat, and risk would be assessed by likelihood and impact?

What are the 5 major stages of the NIST CSF?

Control diversity means:

Choose the option that best describes the concept of least privilege:

A security policy:

Which of the following is free? (Multiple answers may apply)

SoCI (as it pertains to the Australian law concerned with cybersecurity) stands for:

Which of the following can be considered mission-critical assets:

Which of the following threat actors is typically not considered adversarial?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other