From the following list, select all the possible warning signs of social engineering attacks.

strange emails from known, trusted personal contacts and organizations

emails or web pages that request personal information in exchange for a free offer

emails or texts containing links to more information or a free download

phone calls from service providers that ask you to verify your account information

Which of the following threats to cybersecurity come from internal sources? More than one answer may be correct.

the leakage of sensitive information

an attack by an authorized user

a downloaded virus or other malware

a Distributed Denial of Service (DDOS) attack

What is the goal of the planning phase of the plan-protect-respond cycle?

Understand common threats that an organization may face and determine how vulnerable they are to such threats.

Provide employee education on data security threats.

Prove that their cloud infrastructure is not vulnerable to hackers.

Understand how to identify important data and create systems for backing this data up.

California’s SB-327 for IoT Security mandates that security features of Internet-ready devices must be ________. More than one answer may be correct.

appropriate to the intended use of the device

suitable for the type of data the device will contain and relay

constructed to protect the device and any data it stores

transferable from one device to another for any given user

What is the goal of the NIST Cybersecurity Framework Protect (PR) function?

to help protect an organization’s IT infrastructure from security breaches by offering guidelines on IT infrastructure protection

to help protect organizations from lawsuits spawned by data breaches by offering legal advice

to help protect consumers who buy and use devices that connect to the Internet by offering organizations best practice guidelines

to help protect organizations from insider trading by offering guidelines on employee ethics

Which of the following is the clearest definition of a computer virus?

Code-created malware that, when executed, damages programs and performance.

Malware that lives in the operating system and attacks system functionality.

One of a class of cybersecurity threats that compromise a user’s confidential information.

Surveillance software introduced through a seemingly innocuous link.

According to the CIA triad, in which of the following examples is an organization ensuring data integrity? More than one answer may be correct.

An organization has a formal policy for alerting the IT department when employees leave the company.

A corporation backs up all of its data to a cloud server every night.

A company deactivates the username and passwords of former employees in bulk on a monthly basis.

The pay scale documents that human resources uses to determine salary are made available to all employees.

Which of the following is a goal of confidentiality as defined by the CIA triad?

making sure the right people have access to secure information

classifying information as essential or unessential

determining who has access to essential data

preventing information from being readily available

Which threat to cybersecurity can only come from outside an organization?

unnoticed erasure or corruption of data

intentional attacks on systems and data

Which of the following statements describe Internet robots, or bots? More than one answer may be correct.

“Good bots” have useful functions and do not pose security risks.

Bots are used for both legitimate and malicious purposes.

Malicious bots can compromise a user’s control of the computer.

Malicious bots have decreased in number and scope in the past few years.

Cybersecurity

Quiz

•

Computers

•

University

•

Practice Problem

•

Hard

Malena Prinzing

Used 5+ times

FREE Resource

22 questions

Show all answers

MULTIPLE SELECT QUESTION

1 min • 1 pt

The deactivation of access to corporate systems and documents after an employee leaves a company is an example of which tool that ensures confidentiality? More than one answer may be correct.

access control

physical security

encryption

authentication

Answer explanation

Ensuring that former employees no longer have access to corporate materials is one way to maintain confidentiality. Access control ensures that the correct people will have access to confidential materials, while authentication validates a user to confirm that they should have access to such confidential materials.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Where are data in transit found?

in the cloud

on a cellular network

on a hard drive

on a smart appliance

Answer explanation

Data in transit is data that is moving between devices; therefore, data transmitted through a cellular network are considered data in transit.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following is a goal of an information technology disaster recovery plan (IT DRP)?

prevent technology disruptions from occurring

conduct regular backups of data

outline specific recovery times for information technology to resume after an issue occurs

allow normal business operations to continue as soon as possible after an issue occurs

Answer explanation

The goal of an information technology disaster recovery plan (IT DRP) is to resume technological functions, not just general business functions, as soon as possible after an issue occurs. Outlining expected recovery times for IT to resume is one item that should be part of all IT DRPs.

MULTIPLE SELECT QUESTION

1 min • 1 pt

Describe steps in cybersecurity risk analysis. More than one answer may be correct.

estimate potential losses

assign value to assets

estimate the likelihood of occurrence of threats

train employees on cybersecurity

Answer explanation

The first step in a risk analysis is identification and valuation of an organization’s information assets. The second step is to estimate potential costs and losses per security incident, which include costs of malware attacks, fees and penalties associated with data breaches, and lost revenue. It is important to understand the probability of each type of security threat.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

What does the identify (ID) function of the NIST Cybersecurity Framework focus on?

organizational implementation of an action plan in the event of a cybersecurity breach

organizational development of a plan of restoration in the event of a cybersecurity breach

organizational detection of cybersecurity events in a timely fashion

organizational understanding of how to manage cybersecurity risks

Answer explanation

The identify (ID) function aims to create an organizational awareness of associated risks in the context of their business and resources.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Why is a denial-of-service attack (DoS attack) a threat to data availability?

A DoS attack floods a system with incoming messages designed to trick an unsuspecting employee into granting unauthorized access to data

A DoS attack changes the data that is stored on the server, rendering it inaccurate

DoS attacks remove any encryptions that are placed around data, making them available without proper authentication

By flooding a system with incoming messages, a DoS attack forces the system to shut down, rendering it inaccessible to the users who legitimately have access to it

Answer explanation

In a DoS attack, a system is flooded with incoming messages. This creates a bandwidth problem for the system, forcing it to shut down, making the data inaccessible to those who legitimately have access to it.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the NIST Cybersecurity Framework functions investigates an organization’s cybersecurity management in the context of their business needs and resources?

recover (RC) function

detect (DE) function

identify (ID) function

protect (PR) function

Answer explanation

The ID function, the first of five in the framework, helps organizations better understand efforts needed to manage risks specific to their IT infrastructures.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

17 questions

Email Lớp 6

Quiz

•

6th Grade - University

20 questions

DreamWeaver CS6

Quiz

•

University

20 questions

Berpikir Komputasi - Assessment 1

Quiz

•

University

20 questions

Banco de Dados

Quiz

•

University - Professi...

20 questions

Uji Pengetahuan Jaringan Komputer

Quiz

•

9th Grade - University

19 questions

DSA Quest 1.0

Quiz

•

University

20 questions

Quiz #1 RStudio

Quiz

•

University

20 questions

C - Structures

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Computers

30 questions

Quiz 1 Review

Quiz

•

University

Cybersecurity

22 questions

The deactivation of access to corporate systems and documents after an employee leaves a company is an example of which tool that ensures confidentiality? More than one answer may be correct.

Where are data in transit found?

Data in transit is data that is moving between devices; therefore, data transmitted through a cellular network are considered data in transit.

Which of the following is a goal of an information technology disaster recovery plan (IT DRP)?

The goal of an information technology disaster recovery plan (IT DRP) is to resume technological functions, not just general business functions, as soon as possible after an issue occurs. Outlining expected recovery times for IT to resume is one item that should be part of all IT DRPs.

Describe steps in cybersecurity risk analysis. More than one answer may be correct.

What does the identify (ID) function of the NIST Cybersecurity Framework focus on?

The identify (ID) function aims to create an organizational awareness of associated risks in the context of their business and resources.

Why is a denial-of-service attack (DoS attack) a threat to data availability?

In a DoS attack, a system is flooded with incoming messages. This creates a bandwidth problem for the system, forcing it to shut down, making the data inaccessible to those who legitimately have access to it.

Which of the NIST Cybersecurity Framework functions investigates an organization’s cybersecurity management in the context of their business needs and resources?

The ID function, the first of five in the framework, helps organizations better understand efforts needed to manage risks specific to their IT infrastructures.

Before a hacker can use a cybersecurity exploit, a specific system vulnerability must be identified.

A cybersecurity exploit is a tool designed to take advantage of a particular vulnerability or flaw in system security.

From the following list, select all the possible warning signs of social engineering attacks.

Criminals often impersonate others and offer free giveaways in emails, texts, or webpages to encourage people to give up personal information or click a malicious link.

Which of the following threats to cybersecurity come from internal sources? More than one answer may be correct.

Internal cybersecurity threats come from within the organization and include accidents, intentional attacks, or security breaches allowed by authorized users.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers