Search Header Logo

Sec+ | Important Notes

Authored by Prem Jadhwani

Computers

Professional Development

Used 2+ times

Sec+ | Important Notes
AI

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

    Content View

    Student View

12 questions

Show all answers

1.

MATCH QUESTION

3 mins • 5 pts

Match the Security Control to its purpose

Intrusion Prevention System (IPS)

Software that detects and STOPS an attack in real-time

Data Loss Prevention (DLP)

Software that automates a response when set up

SIEM

Software that Aggregates log data and acts as workforce multiplier

SOAR

Security technologies that work together to screen devices for health conditions before accessing a network

Network Access Control (NAC)

Stops sensitive data exfiltration

2.

MATCH QUESTION

3 mins • 5 pts

Match the tool that is used for the provided purpose:

Mobile Device Manager (MDM)

Best tool to use to capture data packets going between computers.

Tabletop Exercise (TTX)

Best way to see internal to external conversations between computers

Wireshark (PCAP)

Best way to control company data on a laptop or cellular phone.

Data Tokenization

Best way to store credit card data in a database is to replace it with a placeholder.

Firewall Logs

Best way to test your Incident Response Plan (IRP)

3.

MATCH QUESTION

3 mins • 5 pts

Match the following:

Playbook

Report that shows how things are affected when a security incident happens.

Data Retention

Best way to transfer risk involved with a security incident.

Cyber Insurance

A report provided by a vendor stating that we meet certain regulatory requirements

Compliance Attestation

A policy that outlines how long we must store and maintain data

Business Impact Analysis (BIA)

Step by step guide to responding to a security incident

4.

MATCH QUESTION

3 mins • 5 pts

Match the regulatory laws to their definition.

PCI DSS

Supporting document that provides security controls to orgs that are required to have ISMS.

General Data Privacy Regulation (GDPR)

Law that governs how an organization handles credit/debit card data.

ISO 27001

Requires companies handle PII in a manner that keeps it private.

ISO 27002

Privacy law that applies to European Citizens regarding their privacy rights.

ISO 27701

Requires an organization to set up an ISMS if they deal with sensitive info.

5.

MATCH QUESTION

3 mins • 5 pts

Match the following terms to their appropriate definitions.

Single Loss Expectancy (SLE)

The number of times something happens in a given year.

Recovery Time Objective (RTO)

The amount of money we can expect to lose in a given year due to events occurring.

Recovery Point Objective (RPO)

This is the maximum amount of time equipment can be down.

Annual Loss Expectancy (ALE)

This is the maximum amount of data that can be lost.

Annual Rate of Occurrence (ARO)

The amount of money we can expect to lose if something occurs.

6.

MATCH QUESTION

3 mins • 5 pts

Match the appropriate solution with the problem.

Backout Plan

Mandy needs to create a way to rollback to a previous point if something goes wrong.

Data Loss Prevention (DLP)

Dameon needs to determine everything that needs to be done to get into compliance.

Gap Analysis

Terry wants to enforce security policies on the cloud.

File Integrity Monitoring (FIM)

Jon needs a tool that will help him identify if anything in a file system has changed.

Cloud Access Security Broker (CASB)

Sierra wants to prevent employees from sending sensitive info in email.

7.

MATCH QUESTION

3 mins • 5 pts

Match the following documents to their purpose

SOW

A formal document that an employee signs to ensure they understand what they are allowed to use an asset for.

AUP


A plan that outlines scope of a job, the completion timeline and the cost.

BIA

Legal agreement between two parties that outlines service requirements. Often denotes 99.9% uptime.

SLA

A plan that we put into place to maintain continuity in the event of a disaster or attack.

BCP

A complete analysis on how a situation or event would impact the organization.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Google

Continue with Google

Email

Continue with Email

Classlink

Continue with Classlink

Clever

Continue with Clever

or continue with

Microsoft

Microsoft

Apple

Apple

Others

Others

Already have an account?