Cybersecurity Chapter 2A Quiz

The McCumber Cube's three dimensions are Information States (data at rest, in transit, and in use), Security Measures (controls and safeguards), and Security Goals (confidentiality, integrity, and availability), making this the correct choice.

The correct choice accurately defines the principles: confidentiality protects against unauthorized access, integrity ensures data accuracy, and availability guarantees access when needed.

Data exists in three states: structured (organized in a defined format), semi-structured (contains tags or markers for separation), and unstructured (no predefined format, like text or images). Each state serves different purposes.

The correct choice identifies the three main types of cybersecurity countermeasures: preventive measures stop attacks before they occur, detective measures identify incidents as they happen, and corrective measures address and mitigate the impact after an incident.

The ISO Cybersecurity Model provides a framework for managing cybersecurity risks, focusing on continuous improvement, risk assessment, and the integration of security into organizational processes to enhance resilience against threats.

The greatest challenges in protecting transmitted data include ensuring confidentiality (preventing unauthorized access), integrity (maintaining accuracy), and availability (ensuring access when needed). All three are crucial for data security.

Data in process specifically refers to information that is actively being manipulated or transformed within a system, making it the correct choice. The other options describe different states of data.

Software-based technology safeguards refer to programs and services designed to protect systems from threats. This distinguishes them from physical devices or cloud technologies, which do not inherently provide software protection.

The purpose of a security policy is to provide rules of behavior for users, ensuring they understand their responsibilities and the acceptable use of resources, which helps protect the organization's information and assets.

The ISO 27000 standard provides a framework for information security management, helping organizations establish, implement, and maintain effective information security practices. It is not mandatory or a simple checklist.