Uncategorized

Cybersecurity and Its Ten Domains Quiz

Cybersecurity and Its Ten Domains Quiz Answer. In this post you will get Quiz & Assignment Answer Of Cybersecurity and Its Ten Domains

 

Cybersecurity and Its Ten Domains Quiz

Offered By ”University System of Georgia”

Enroll Now

Week- 1

Test Your Existing Knowledge

1.
Question 1
1.
A computer network is ____________.

1 point

  • an interconnected computers or devices.
  • a superhuman
  • a TV show
  • all of the above

2.
Question 2
A reason why cyber vulnerabilities will probably
never go away is:

1 point

  • they are a result of the freedom and ease of communicating online.
  • they are protected by Martians
  • no one likes to fix problems
  • all of the above

3.
Question 3
Which of the following exploit cyber
vulnerabilities?

1 point

  • Governments
  • Criminals
  • Hacktivists
  • All of the above

4.
Question 4
Hacking can be defined as creative
problem solving taking advantage of the properties of things in unexpected
ways. Based on this definition, which of the following is not a hack.

1 point

  • Stealing an unlocked bicycle
  • Using a bicycle to power a computer
  • Building a working bicycle out of discarded umbrellas
  • None of the above

5.
Question 5
Which of the following is a method of ensuring
that your information is kept confidential?

1 point

  • Give away your password to everyone
  • Encryption
  • Watch more TV shows
  • None of the above

6.
Question 6
How can you tell if a website encrypts its
traffic?

1 point

  • Look for the lock symbol in a URL
  • Google it
  • All websites encrypt their traffic
  • None of the above

7.
Question 7
What can you trust to be secure 100 percent of
the time?

1 point

  • Text/SMS messages
  • Emails
  • Mobile apps
  • None of the above

8.
Question 8
If you receive an email in which the person is
asking for your username and password, what should you do?

1 point

  • Report it as a phishing/scam
  • Reply to it and provide your username and password
  • Ask for money
  • None of the above

9.
Question 9
Which of the following is true about
cybersecurity?

1 point

  • It is a problem faced by everyone due to the highly connected world we are in.
  • It is a problem only for the rich
  • It is not a problem at all.
  • None of the above

10.
Question 10
This course covers ______ domains of
cybersecurity.

1 point

  • 9
  • 7
  • 8
  • 10

 

 

Week- 2

Peer-graded Assignment: Discussion — Role of Cyber Security

 

Download

Introduction to Security, Access Control, and Software Development Security Quiz

1.
Question 1
Information security can best be defined as:

1 point

Stopping hackers from getting data

Restricting access to authorized users only

Encrypting data so that it can only authorized users can read it

Collection of technologies, standards polices and management practices that are applied to information to keep it secure

2.
Question 2
Without information, businesses could still function.

1 point

True

False

3.
Question 3
Valuing and protecting information are crucial tasks for organizations.

1 point

True

False

4.
Question 4
The implementation of Information security management is the same for all organizations.

1 point

True

False

5.
Question 5
Access control is the process of trying to determine a user’s identity.

1 point

True

False

6.
Question 6
Access controls can be defined as:

1 point

Having the ability to do something with a computer resource.

Proving a user’s identity.

Having the permission to use a resource.

7.
Question 7
Authorization can be defined as:

1 point

Having the ability to do something with a resource.

Having permission to use a resource.

Proving a user’s identity.

8.
Question 8
Authentication can be defined as:

1 point

Having permission to use a resource.

Having the ability to do something with a resource.

Proving a user’s identity.

9.
Question 9
Accountability can be defined as:

1 point

Having permission to use a resource.

Firing a user who does the wrong thing.

Tracking a user’s actions while in a system.

10.
Question 10
Confidentiality can be defined as:

1 point

Ensuring that information is not disclosed to unauthorized users.

Ensuring that information is accessible.

Ensuring that information has not been improperly modified or destroyed.

11.
Question 11
Integrity can be defined as:

1 point

Ensuring that information is accessible.

Ensuring that information is not disclosed to unauthorized users.

Ensuring that information has not been improperly modified or destroyed.

12.
Question 12
Availability can be defined as:

1 point

Ensuring that information has not been improperly modified or destroyed.

Ensuring that information is not disclosed to unauthorized users.

Ensuring that information is accessible.

13.
Question 13
Access, authentication, and authorization all mean the same thing.

1 point

True

False

14.
Question 14
Software security principles should be applied throughout the software development lifecycle.

1 point

True

False

 

 

Week- 3

Business Continuity and Disaster Recovery Planning and Cryptography Quiz

 

1.
Question 1
Organizations should have plans in place to deal with disruptive events.

1 point

True

False

2.
Question 2
Business continuity plans and disaster recovery plans are the same thing.

1 point

True

False

3.
Question 3
Used to identify operational and financial impacts resulting from a disruption of business operations.

1 point

BP

BIA

SOP

CFP

4.
Question 4
According to FEMA, the four phases of emergency management are:

1 point

Mitigation, response, intervention, and planning.

Mitigation, preparedness, quick action, and response.

Mitigation, preparedness, response and recovery.

Mitigation, reaction, recovery, and response .

5.
Question 5
The act of setting up a plan to ensure the survival of an organization:

1 point

Business continuity planning

Incident response management

Onsite backup and storage recovery

Disaster recovery implementation

6.
Question 6
A hot site can be described as:

1 point

A building for housing processors that can be easily adapted for use.

A building already equipped with processing capability and other services.

An agreement for two organizations to back each other up.

7.
Question 7
A cold site can be described as:

1 point

A building for housing processors that can be easily adapted for use.

A building already equipped with processing capability and other services.

An agreement for two organizations to back each other up.

8.
Question 8
A reciprocal agreement can be described as:

1 point

A building for housing processors that can be easily adapted for use.

A building already equipped with processing capability and other services.

An agreement for two organizations to back each other up.

9.
Question 9
Contingency plans should never be tested, since they most likely won’t ever be used.

1 point

False

True

10.
Question 10
Contingency plans should be written and periodically updated.

1 point

False

True

11.
Question 11
Encryption is used to stop unauthorized people from reading information.

1 point

True

False

12.
Question 12
Cryptography relies on the use of an algorithm and access controls.

1 point

False

True

13.
Question 13
Cryptographic system in which both sender and receiver share a common key.

1 point

Asymmetric

Symmetric

14.
Question 14
Cryptographic system in which a pair of keys is used, one made public and one kept private.

1 point

Symmetric

Asymmetric

15.
Question 15
Which cryptographic system is faster, in relative terms?

1 point

Symmetric

Asymmetric

16.
Question 16
Type of cryptographic system that combines symmetric and asymmetric features:

1 point

DES

Hybrid

Desperate

DSS

17.
Question 17
Used to determine if a message has been changed:

1 point

Asymmetric cryptography

Hybrid cryptographic system

Message digest

Symmetric cryptography

18.
Question 18
Prevents an individual from claiming he/she did not send a message:

1 point

Symmetric cryptography

Asymmetric crytography

Message digest

Electronic signature

 

 

Week- 4

Information Security Governance and Risk Management & Legal, Regulations, Investigations, and Compliance Quiz

 

1.
Question 1
Process by which the value of an organization’s information assets are assessed and protected:

1 point

Information security management

Vulnerability assessment

Business impact analysis

Cryptography

2.
Question 2
Building an information security management system is done by:

1 point

Systematic assessment of systems, technology and media used.

Appraisal of the costs of security breaches.

Development and deployment of countermeasures to threats.

None of the above

All of the above

3.
Question 3
A “one size fits all” approach to information security management is the best course of action for all businesses.

1 point

False

True

4.
Question 4
The role of information security governance is to ensure that all technical controls are put into place, regardless of cost.

1 point

False

True

5.
Question 5
Information security is viewed as a business support function.

1 point

True

False

6.
Question 6
Comparing tangible vs. intangible costs in projects is easy to do.

1 point

True

False

7.
Question 7
Organizations should have written security policies for employees.

1 point

True

False

8.
Question 8
Security policies should not be reviewed by corporate counsel before implementation.

1 point

False

True

9.
Question 9
Security policy distribution is a simple process.

1 point

False

True

10.
Question 10
For a security policy to be valid, employees must:

1 point

Ignore it if it interferes with job duties.

Be told where to find a copy of it.

Receive, read, understand, and agree to follow it.

Follow it only if they agree with it.

11.
Question 11
NIST and ISO have published standards for use by information security professionals.

1 point

False

True

12.
Question 12
ITIL is a standard that is not in wide use today.

1 point

True

False

13.
Question 13
Type of law where the victim is viewed as society itself:

1 point

Administrative

Criminal

Civil

14.
Question 14
Type of law where the victim is viewed as an individual, group, or organization:

1 point

Criminal

Civil

Administrative

15.
Question 15
Type of law enacted by government agencies:

1 point

Criminal

Civil

Administrative

16.
Question 16
Protects records and information maintained by U.S. government agencies:

1 point

Federal Privacy Act of 1974

HIPAA

PCI-DSS

GLBA

17.
Question 17
Guards protected health information from unauthorized use or disclosure:

1 point

Federal Privacy Act of 1974

PCI-DSS

HIPAA

GLBA

18.
Question 18
Ensures better protection of credit card holder data.

1 point

HIPAA

Federal Privacy Act of 1974

GLBA

PCI-DSS

19.
Question 19
Requires financial institutions to protect the confidentiality and integrity of consumer financial information:

1 point

HIPAA

Federal Privacy Act of 1974

PCI-DSS

GLBA

 

 

 

Week- 5

Operations Security & Physical and Environmental Security Quiz

 

1.
Question 1
The operations security team handles system maintenance tasks.

1 point

True

False

2.
Question 2
The operations security team is responsible for developing security policies and implementing them.

1 point

False

True

3.
Question 3
The operations security team should have a continuity of operations plan.

1 point

False

True

4.
Question 4
The act of assigning tasks to different personnel.

1 point

Need to know

Clean desk policy

Information sharing

Separation of duties

5.
Question 5
Separation of duties prevents one person from having total control of security measures.

1 point

True

False

6.
Question 6
Audit and monitoring functions allow for the identification of security events.

1 point

False

True

7.
Question 7
Examples of threats to the physical environment include:

1 point

Sabotage

Emergencies

Service interruptions

All of the above

8.
Question 8
Consideration of things like locks and security guards fall outside the physical environment domain.

1 point

True

False

9.
Question 9
Process used to protect unclassified information that can be used by an adversary.

1 point

Network security

Data security

Physical security

Operations security

10.
Question 10
Information that can be obtained freely, without breaking the law.

1 point

Open source

Private source

Back channel

Closed source

11.
Question 11
Anyone who can harm people, resources or a mission.

1 point

Ally

Evil

Teammate

Adversary

12.
Question 12
Which is not a step in the operations security process?

1 point

Analyze enemy intentions

Analyze threats

Identify critical information

Analyze vulnerabilities

13.
Question 13
Measures taken to protect systems, buildings, and infrastructure from threats in their physical environment.

1 point

Operations security

Client security

Physical and environmental security

Network security

14.
Question 14
Physical access controls do not need to address locations of system wiring.

1 point

False

True

15.
Question 15
Physical access controls restrict the entry and exit of personnel from an area.

1 point

True

False

16.
Question 16
What are the three routes possible for data interception, according to NIST?

1 point

Direct observation; reception interception; electromagnetic interception

Direct observation, rejected interception; psychometric interception

Direct observation; transmission interception; electromagnetic interception

Direct observation; transmission interception; psychometric interception

 

 

Week- 6

Security Architecture and Design & Telecommunications and Network Security Quiz

 

1.
Question 1
The OSI model has how many layers?

1 point

5

7

4

8

2.
Question 2
Which is not a layer in the OSI model?

1 point

Abstract

Application

Physical

Session

3.
Question 3
A component that leaves a system open to compromise

1 point

Vulnerability

Attack

Threat

None of the above

4.
Question 4
The potential for a violation of security

1 point

Threat

Vulnerability

Attack

None of the above

5.
Question 5
An attempted violation of a computing system or network

1 point

Attack

Threat

Vulnerability

None of the above

6.
Question 6
Organizations should carry out risk assessments to help find an acceptable balance between security and cost

1 point

True

False

7.
Question 7
The concept which holds that modification of data is allowed only by authorized users

1 point

Integrity

Confidentiality

Availability

None of the above

8.
Question 8
The concept which holds that data should only be accessed by those who have a legitimate right to do so

1 point

Confidentiality

Integrity

Availability

None of the above

9.
Question 9
The concept which holds that data should be useable by legitimate users, when they need to do so

1 point

Availability

Integrity

Confidentiality

None of the above

10.
Question 10
Type of attack described as the interception of messages without modification

1 point

Active

Passive

Sniffing

Shoulder surfing

11.
Question 11
Type of attack described as one in which an unauthorized change is attempted

1 point

Passive

Active

Shoulder surfing

Sniffing

12.
Question 12
Type of attack which involves the re-use of captured data at a later time

1 point

Masquerade

Denial of service

Message modification

Message replay

13.
Question 13
Type of attack which involves changing either packet header or payload contents

1 point

Message replay

Masquerade

Message modification

Denial of service

14.
Question 14
Type of attack which involves flooding a network or system with trafficQuestion text

1 point

Message modification

Masquerade

Denial of service

Message replay

15.
Question 15
Program that has hidden instructions to carry out malicious activity

1 point

Trojan

Virus

Worm

None of the above

16.
Question 16
Type of program that can replicate itself and create a high demand for services

1 point

Worm

Trojan

Virus

None of the above

17.
Question 17
Type of program that attaches itself to other programs in order to spread

1 point

Virus

Worm

Trojan

None of the above

18.
Question 18
Network routers have tables which may be vulnerable to attack

1 point

True

False

 

 

Course Certificate Final Exam

1.
Question 1
Information security can best be defined as:

1 point

Restricting
access to authorized users only

Stopping
hackers from getting data

Encrypting
data so that it can only authorized users can read it

Collection of technologies, standards polices and management practices that are applied to information to keep it secure

2.
Question 2
Without
information, businesses could still function.

1 point

True

False

3.
Question 3
Valuing
and protecting information are crucial tasks for organizations.

1 point

True

False

4.
Question 4
The
implementation of Information security management is the same for all
organizations.

1 point

True

False

5.
Question 5
Access
control is the process of trying to determine a user’s identity.

1 point

True

False

6.
Question 6
Access controls
can be defined as:

1 point

Proving a user’s identity

Having the ability to do something with a computer resource

Having the permission to use a resource

7.
Question 7
Authorization
can be defined as

1 point

Having the ability to do something with a resource

Having permission to use a resource

Proving a user’s identity

8.
Question 8
Authentication
can be defined as

1 point

Having the ability to do something with a resource

Having permission to use a resource

Proving a user’s identity

9.
Question 9
Accountability can be defined as

1 point

Tracking a user’s actions while in a system

Having permission to use a resource

Firing a user who does the wrong thing

10.
Question 10
Confidentiality
can be defined as

1 point

Ensuring that information is accessible

Ensuring that information is not disclosed to unauthorized users

Ensuring that information has not been improperly modified or destroyed

11.
Question 11
Integrity
can be defined as

1 point

Ensuring
that information is not disclosed to unauthorized users

Ensuring
that information has not been improperly modified or destroyed

Ensuring
that information is accessible

12.
Question 12
Availability
can be defined as

1 point

Ensuring
that information is accessible

Ensuring
that information has not been improperly modified or destroyed

Ensuring
that information is not disclosed to unauthorized users

13.
Question 13
Access,
authentication, and authorization all mean the same thing

1 point

True

False

14.
Question 14
Software
security principles should be applied throughout the software development
lifecycle

1 point

True

False

15.
Question 15
Organizations
should have plans in place to deal with disruptive events

1 point

True

False

16.
Question 16
Business
continuity plans and disaster recovery plans are the same thing

1 point

True

False

17.
Question 17
Used to
identify operational and financial impacts resulting from a disruption of
business operations

1 point

BP

BIA

SOP

CFP

18.
Question 18
According
to FEMA, the four phases of emergency management are

1 point

Mitigation,
reaction, recovery, and response

Mitigation, preparedness, response and recovery

Mitigation, response, intervention, and planning

Mitigation,
preparedness, quick action, and response

19.
Question 19
The act
of setting up a plan to ensure the survival of an organization

1 point

Onsite
backup and storage recovery

Incident
response management

Disaster
recovery implementation

Business
continuity planning

20.
Question 20
A hot
site can be described as

1 point

An
agreement for two organizations to back each other up

A
building for housing processors that can be easily adapted for use

A
building already equipped with processing capability and other services

21.
Question 21
A cold
site can be described as

1 point

An
agreement for two organizations to back each other up

A
building already equipped with processing capability and other services

A
building for housing processors that can be easily adapted for use

22.
Question 22
A
reciprocal agreement can be described as

1 point

An
agreement for two organizations to back each other up

A
building already equipped with processing capability and other services

A
building for housing processors that can be easily adapted for use

23.
Question 23
Contingency
plans should never be tested, since they most likely won’t ever be used

1 point

True

False

24.
Question 24
Contingency
plans should be written and periodically updated

1 point

True

False

25.
Question 25
Encryption
is used to stop unauthorized people from reading information

1 point

True

False

26.
Question 26
Cryptographic
system in which both sender and receiver share a common key

1 point

 

Asymmetric

Symmetric

27.
Question 27
Which
cryptographic system is faster, in relative terms

1 point

Symmetric

Asymmetric

28.
Question 28
Confidentiality can be achieved through?

1 point

Encryption

Hashing

Plaintext communication

Firewalls

29.
Question 29
Type of
cryptographic system that combines symmetric and asymmetric features

1 point

DSS

Desperate

DES

Hybrid

30.
Question 30
Prevents
an individual from claiming he/she did not send a message

1 point

Symmetric cryptography

Asymmetric
cryptography

Message
digest

Electronic signature

31.
Question 31
Process
by which the value of an organization’s information assets are assessed and
protected

1 point

Information security management

Vulnerability
assessment

Business
impact analysis

Cryptography

32.
Question 32
Building
an information security management system is done by

1 point

Systematic
assessment of systems, technology and media used

Appraisal
of the costs of security breaches

Development
and deployment of countermeasures to threats

All of the above

33.
Question 33
A “one
size fits all” approach to information security management is the best course
of action for all businesses

1 point

True

False

34.
Question 34
The
role of information security governance is to ensure that all technical
controls are put into place, regardless of cost

1 point

True

False

35.
Question 35
Information
security is viewed as a business support function

1 point

True

False

36.
Question 36
Comparing
tangible vs. intangible costs in projects is easy to do

1 point

True

False

37.
Question 37
Security
policies should not be reviewed by corporate counsel before implementation

1 point

True

False

38.
Question 38
NIST
and ISO have published standards for use by information security professionals

1 point

True

False

39.
Question 39
Protects
records and information maintained by U.S. government agencies

1 point

GLBA

HIPAA

PCI-DSS

Federal Privacy Act of 1974

40.
Question 40
Guards
protected health information from unauthorized use or disclosure

1 point

HIPAA

Federal Privacy Act of 1974

GLBA

PCI-DSS

41.
Question 41
Ensures
better protection of credit card holder data

1 point

Federal
Privacy Act of 1974

GLBA

HIPAA

PCI-DSS

42.
Question 42
Separation
of duties prevents one person from having total control of security measures

1 point

True

False

43.
Question 43
Audit
and monitoring functions allow for the identification of security events

1 point

True

False

44.
Question 44
Examples
of threats to the physical environment include:

1 point

Emergencies

Service
interruptions

Sabotage

All of the above

45.
Question 45
Consideration
of things like locks and security guards fall outside the physical environment
domain

1 point

True

False

46.
Question 46
The concept which holds that modification of
data is allowed only by authorized users

1 point

Integrity

Confidentiality

Availability

None of the above

47.
Question 47
The concept which holds that data should only be
accessed by those who have a legitimate right to do so

1 point

Integrity

Confidentiality

Availability

None of the above

48.
Question 48
The concept which holds that data should be
useable by legitimate users, when they need to do so

1 point

Availability

Confidentiality

Integrity

None of the above

49.
Question 49
Type of attack described as the interception of
messages without modification

1 point

Active

Passive

50.
Question 50
Type of attack described as one in which an
unauthorized change is attempted

1 point

Active

Passive

Sniffing

Shoulder surfing

 

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *