In risk management, the term "impact" refers to:

The severity or consequences of a risk event

The potential vulnerabilities in a system or process

The actions taken to transfer or mitigate risks

Which of the following options is an example of a logical access control?

Security cameras monitoring a facility

Security guards patrolling an area

A company employs mantraps/turnstiles at the entrance to their high-security data center. This physical access control measure is primarily aimed at:

Detecting motion within the data center

Restricting access based on time of day

Alerting security personnel in case of an intrusion

Your company is based in the US and wants to extend its services to the European market. Which regulation should your company comply with to protect the personal data of its European users?

General Data Protection Regulation (GDPR)

Health Insurance Portability and Accountability Act (HIPAA)

National Institutes of Standards and Technology (NIST)

Institute of Electrical and Electronics Engineers (IEEE)

For a large healthcare organization seeking to streamline user access management based on specific job titles like doctor, nurse, and administrator, which access control model offers the most efficiency and minimal administrative overhead?

Role-Based Access Control (RBAC)

Discretionary Access Control (DAC)

Attribute-Based Access Control (ABAC)

In which cloud service model does the IT department have the least responsibility for managing and maintaining the underlying infrastructure and software?

Infrastructure as a Service (IaaS)

In the context of cybersecurity, what is the primary purpose of data backups?

To recover lost or corrupted data in the event of a disaster

To prevent unauthorized access to sensitive information

To ensure the availability of network resources

To monitor and detect potential security breaches

In the event of a major earthquake, what should be the immediate priority?

Ensuring the safety of individuals

Activating the disaster recovery plan for systems

Assessing the physical damage to infrastructure

Implementing additional security measures

To improve the security of your organization's information system, you have been tasked to perform a vulnerability assessment. Which of the following will you primarily focus on? • • (Correct) •

Identifying potential weaknesses in the system

Identifying potential threat actors

Assessing the potential impacts of threat

What does the term "Governance" refer to in an organizational context?

The process of how an organization is managed, including decision-making policies and roles

The implementation of security controls to protect organizational assets

The monitoring and assessment of security controls to ensure compliance

The identification and management of risks within an organization

What does the term "Risk Tolerance" refer to in cybersecurity?

The level of risk an entity is willing to assume in order to achieve a potential desired result

The level of risk associated with a specific vulnerability or threat

The process of assessing and mitigating risks in an organization

The likelihood of a risk event occurring and its potential impact

Which cloud service model is specifically designed to enable businesses and developers to host, build, and deploy consumer-facing apps?

Infrastructure as a Service (IaaS)

What is the purpose of subnet masks in IP addressing?

Subnet masks determine the network portion and host portion of an IP address.

Subnet masks define the maximum number of devices allowed on a network.

Subnet masks provide encryption for secure communication over the internet.

Subnet masks assign IP addresses to devices within a local network.

What is the primary purpose of a digital signature in cryptography?

To verify the integrity and authenticity of digital data

To ensure data confidentiality by encrypting messages

To facilitate secure key exchange between two parties

To compress and optimize the size of digital files

Which of the following organizations is a private non-profit organization that develops and promotes voluntary Internet standards, in particular the standards that comprise the Internet protocol suite (TCP/IP)?

Internet Engineering Task Force (IETF)

National Institute of Standards and Technology (NIST)

Institute of Electrical and Electronics Engineers (IEEE)

International Organization for Standardization (ISO)

During an incident response, what is the highest priority of first responders?

To restore services as quickly as possible

To update the security policies

As the new head of cybersecurity at your organization, you are tasked with preparing a Business Impact Analysis (BIA). What is the primary purpose of a BIA?

To assess the potential effects of an interruption to critical business operations

To ensure that all employees are trained in cybersecurity best practices

To identify all potential cybersecurity threats to the organization

To create a plan for responding to a cybersecurity incident

What is the purpose of classifying data in terms of its sensitivity within an organization?

To understand the potential impact if the data were to be compromised

To determine the level of encryption needed for each data type

To identify what information can be made public

To ensure all employees have access to all data

Which type of cyberattack primarily targets the availability aspect of the CIA triad in cybersecurity, often by overwhelming network resources and causing a disruption in services?

AttackDenial-of-Service (DoS) Attack

What is the primary purpose of a firewall in network security?

To filter incoming traffic based on rules and control access to the network.

To encrypt data transmitted between network devices.

To identify and remove malicious software from network devices.

To monitor and log network traffic for analysis and troubleshooting.

Which of the following best describes Discretionary Access Control (DAC)?

An access control policy where permissions are granted or denied based on user's discretion

An access control policy determined by the system administrator

An access control policy where permissions are granted based on role of the user

An access control policy that restricts access based on the sensitivity level of the information

Certified in Cybersecurity (CC): Full Coverage Mastery Exam 1

Authored by Kim undefined

Computers

Professional Development

Used 1+ times

Certified in Cybersecurity (CC): Full Coverage Mastery Exam 1

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

101 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In a system, Alice, a programmer, attempts to access a code repository. In terms of access control, how would Alice and the code repository be classified?

Alice is the object, the code repository is the subject

Alice is the subject, the code repository is the object

Both Alice and the code repository are subjects

Both Alice and the code repository are objects

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

As an IT manager at a financial institution, you are designing a system to ensure that any transaction made cannot be denied by the party making it. This security measure is known as:

Confidentiality

Non-repudiation

Authorization

Encryption

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In a financial company, a system requires both the manager and the accountant to simultaneously use their access codes to transfer funds exceeding $10,000. What security concept does this scenario illustrate?

Defense in depth

Principle of least privilege

Two-person integrity

Mandatory Access Control (MAC)

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You've just discovered that an unknown attacker has obtained unauthorized access to your company's client database. This situation is best defined as:

Exploit

Breach

Intrusion

Zero Day

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The IT team at XYZ Corp is working on identifying potential threats to their network. They are also assessing the impact of these threats and planning how to respond if any of these threats occur. What is the IT team engaged in?

Risk Management

Incident Response

Asset Management

Compliance Management

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In the context of user authentication, which factors typically fall under the categories of "something you are" and "something you have"?

Username and password

Fingerprint and mobile phone

Security questions and PIN

Smart card and email address

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company implements multiple layers of security controls, including firewalls, intrusion detection systems, encryption, and regular security awareness training for employees. This approach is an example of:

Defense in Depth

Least Privilege

Separation of Duties

Single Sign-On

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

101 questions

Computer Fundamentals

Quiz

•

Professional Development

100 questions

march2024 monthly test

Quiz

•

Professional Development

103 questions

CCNA Prep Simulation

Quiz

•

Professional Development

100 questions

Information Security Quiz

Quiz

•

Professional Development

100 questions

IS202 - Midterm Sy2022 - 2023

Quiz

•

Professional Development

104 questions

QUIZ 5 OFFICERS BATCH 2023-24

Quiz

•

Professional Development

101 questions

Unit 19

Quiz

•

Professional Development

102 questions

M3 R5 Test 14

Quiz

•

Professional Development

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Computers

15 questions

LOTE_SPN2 5WEEK3 Day 2 Itinerary

Quiz

•

Professional Development

6 questions

Copy of G5_U6_L5_22-23

Lesson

•

KG - Professional Dev...

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

10 questions

suffixes FUL OR LESS

Quiz

•

Professional Development

Certified in Cybersecurity (CC): Full Coverage Mastery Exam 1

In a system, Alice, a programmer, attempts to access a code repository. In terms of access control, how would Alice and the code repository be classified?

As an IT manager at a financial institution, you are designing a system to ensure that any transaction made cannot be denied by the party making it. This security measure is known as:

In a financial company, a system requires both the manager and the accountant to simultaneously use their access codes to transfer funds exceeding $10,000. What security concept does this scenario illustrate?

You've just discovered that an unknown attacker has obtained unauthorized access to your company's client database. This situation is best defined as:

The IT team at XYZ Corp is working on identifying potential threats to their network. They are also assessing the impact of these threats and planning how to respond if any of these threats occur. What is the IT team engaged in?

In the context of user authentication, which factors typically fall under the categories of "something you are" and "something you have"?

A company implements multiple layers of security controls, including firewalls, intrusion detection systems, encryption, and regular security awareness training for employees. This approach is an example of:

An organization wants to ensure that a message sent over the internet cannot be read if intercepted. What technique should they use?

As a cybersecurity analyst, your supervisor instructs you to create a document outlining the step-by-step process for configuring firewall rules in the organization's network infrastructure. What type of document are you creating?

In risk management, the term "impact" refers to:

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers