PROTECT: How does multi-factor authentication (MFA) contribute to the Protect function?

By providing an additional layer of security

By eliminating the need for passwords

Continuous monitoring is important for cybersecurity because:

it helps in early detection of threats and vulnerabilities.

it reduces the need for cybersecurity professionals.

it eliminates all cyber threats.

it is a regulatory requirement only.

RESPONSE: Why is it important to have a pre-defined communication plan in the Respond function?

To ensure clear and efficient communication during a response

To allow for spontaneous decision-making

To increase the number of communication channels

To reduce the need for training

PROTECT: The role of security awareness training in the Protect function is to:

Enhance staff skills in identifying a hacking attempt

Educate employees on security best practices

Improve social engineering attempts

The main activities in the Recover function of NIST are:

Planning and improving resilience and recovery

Detecting and monitoring bad hombres

RECOVER: A business continuity plan is important in cybersecurity recovery because it:

ensures that critical business functions continue during and after a disaster.

focuses solely on preventing cyber attacks.

eliminates the need for cybersecurity measures.

is only necessary for large corporations.

Lessons that should be learned from a cybersecurity incident recovery include:

Social Engineering is the number one reason for coporate data loss.

Training on how to respond to a cyber incident is vital to sucess.

Continuous Training staff to identify social engineering patterns is a skill worth learning

which three elements of a phishing attempt are correct

asks you to update your personal infomation threatens loss of access if you don't act requests you to click or open an attachment

Urgency threat of access loss if you don't act bad breath

Your a winner! unsolicited email from another country

Tells you to pick up your clothes unusual time to receive an email demanding tone

What is an Intrusion Detection System (IDS) used for?

Detecting and monitoring suspicious network activity

Preventing unauthorized software downloads

Why are data backups important in cybersecurity?

They allow recovery of lost or encrypted data after a cyberattack

They prevent cyberattacks from happening

They make sharing sensitive data safer

hey are only useful for legal compliance

What is the NIST and ED Law 2d standard for employee access to sensitive data?

The level of sensitive data access is strictly determined by required job duties

Education level determines access to sensitive data.

Access to sensitive data is determined by Department Heads

Access to sensitive data access should be determined based on every possible scenario I may need

What role does a Security Information and Event Management (SIEM) system play? Get it right and gain 10 points!

It analyzes and aggregates security logs to detect threats

What is business continuity planning (BCP)? Get it right and get 10 points!

A plan to keep operations running during and after a cybersecurity incident

What is the purpose of an incident response plan?

To provide a structured approach to handling security incidents

What is endpoint security?

Security measures to protect individual devices from cyber threats

What should be included in an incident report?

Type of incident, affected systems, timeline, actions taken, and recommendations

Type of vulnerability what happened why it happened whose in trouble

The people involved The amount of money paid The time we were down The lost revenue

Type of Incident affected people actions considered people contacted

What is the difference between a vulnerability and a threat? Get it right get 10 points!

A vulnerability is a weakness, while a threat is something that exploits it

What is behavioral analysis in cybersecurity?

A software/Hardware that can detect when a user or device is acting outside standard benchmarks

A process for scheduling system updates

A subtle way to train employees on company policies

A systematic process of randomly sampling network user activity for anomalies

What is the purpose of a risk assessment?

To determine where a corporations risk is and steps they can take to mitigate those risks

To identify critical finance platforms, assess and report on corporate ability to repel and recover from a cyber attack

To keep the auditors happy and off my back

To assess and protect critical business platfroms with a super backup solution

Cybersecurity Core Functions-QUIZ

Authored by Christopher Lynch

Information Technology (IT)

Professional Development

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

27 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 2 pts

RESPONSE: What are the key steps in an effective response plan?

Identify the threat, assess the impact, develop a strategy, implement the plan, review and revise

Identify the threat, plan for impact, develop a strategy, implement the plan, review and revise

Identify the threat, assess the impact, develop a strategy, implement the plan

Identify the threat, assess the impact, develop a strategy, plan, review and revise

MULTIPLE CHOICE QUESTION

30 sec • 2 pts

IDENTITY: The five core functions of the NIST Cybersecurity Framework are:

Prepare, Prevent, Respond, Mitigate, Restore

Identify, Protect, Detect, Respond, Recover

Plan, Execute, Monitor, Control, Close

Assess, Implement, Evaluate, Report, Improve

MULTIPLE CHOICE QUESTION

30 sec • 2 pts

The purpose of a risk assessment in the Identify function is to:

Identify potential risks and vulnerabilities.

Identify who is responsible

Recover from security breaches.

Respond to security incidents.

MULTIPLE CHOICE QUESTION

30 sec • 3 pts

PROTECT: What are the key security measures in the Protect function of NIST?

Access Control, Awareness and Training, Data Security, Information Protection Processes and Procedures, Maintenance, and Protective Technology

Risk Assessment, Risk Management Strategy, Supply Chain Risk Management

Protecting from Anomalies and Events, through Continuous Monitoring, Detection Processes

Response Planning, Communications, Analysis, Mitigation, Improvements

MULTIPLE CHOICE QUESTION

30 sec • 2 pts

IDENTIFY: Why is asset management critical in the Identify function of NIST?

Asset management helps in identifying and managing cybersecurity risks to systems, people, assets, data, and capabilities.

Asset management is critical to the Recovery function of NIST.

Asset management only deals with allocating financial assets properly

Asset management is only about maintaining an monitoring the inventory of assets.

MULTIPLE SELECT QUESTION

45 sec • 2 pts

The purpose of forensic analysis in the response process is to:

usually useless to solving the problem

Identify the cause of a security breach

improve the ability to repel a similar future attack

Improve the time it takes to shutdown a network.

MULTIPLE CHOICE QUESTION

30 sec • 2 pts

The primary goal of the Detect function in the NIST framework is to:

Identify cybersecurity events in a timely manner

Protect data from unauthorized access

Respond to detected cybersecurity events

Recover from cybersecurity incidents

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

22 questions

EXAMEN Cuestionario de MongoDB

Quiz

•

Professional Development

25 questions

Social Media in School Library

Quiz

•

Professional Development

25 questions

Funciones Básicas Microsoft Word

Quiz

•

Professional Development

26 questions

IBM-Gathering

Quiz

•

Professional Development

29 questions

Cyber Segurança - 03

Quiz

•

Professional Development

30 questions

BTUI'24 - Inter-school ICT Quiz - Preliminary Round

Quiz

•

Professional Development

30 questions

2. TEST sul Malware e sistemi di protezione

Quiz

•

Professional Development

22 questions

Cloud Computing and AWS Services Worksheet

Quiz

•

Professional Development

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Information Technology (IT)

44 questions

Would you rather...

Quiz

•

Professional Development

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

12 questions

Mardi Gras Trivia

Quiz

•

Professional Development

14 questions

Valentine's Day Trivia!

Quiz

•

Professional Development

7 questions

Copy of G5_U5_L14_22-23

Lesson

•

KG - Professional Dev...

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

11 questions

NFL Football logos

Quiz

•

KG - Professional Dev...

12 questions

Valentines Day Trivia

Quiz

•

Professional Development