
Cybersecurity Leadership & Operations Quiz
Authored by Soufiane Elhamdani
Computers
University
15 questions
1.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
A Chief Information Security Officer (CISO) is establishing a new cybersecurity program. Which of the following should be developed FIRST to provide the overall direction, scope, and tone for the organization's security efforts?
Security procedures
System security baselines
An information security policy
A patch management schedule
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An organization has identified a vulnerability in a legacy system. The cost to fix the vulnerability is estimated to be $150,000. The cybersecurity team's analysis shows the maximum potential loss from this vulnerability is only $5,000, with a low probability of occurrence. The leadership team decides not to apply a patch or implement any new controls. What risk management strategy is being applied?
Risk transference
Risk avoidance
Risk mitigation
Risk acceptance
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A security manager installs a firewall to block unauthorized network traffic from entering the company's internal network. What type of control is a firewall?
Corrective and administrative
Detective and physical
Preventive and technical
Recovery and operational
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
To reduce the potential for successful cyberattacks, a security team is tasked with identifying and eliminating all non-essential services, open ports, and unnecessary user accounts on its public-facing servers. This practice is a core component of:
Risk transference
Attack surface management
Incident response
Business continuity planning
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A software vendor has just released a critical security update for a zero-day vulnerability that is being actively exploited. Which of the following is the MOST appropriate immediate action for a cybersecurity leader to direct?
Wait for the next scheduled maintenance window to apply the patch.
Perform an emergency change request to test and deploy the patch.
Commission a third-party penetration test to validate the vulnerability.
Update the security policy to reflect the new threat.
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A system administrator is hardening a new server before it is deployed to the production environment. The administrator uses a standardized checklist to ensure all security settings are configured to a specific, secure state. This standardized state is known as a:
Security baseline
Maintenance window
Risk register
Security policy
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A company has a policy that all employees must complete mandatory security awareness training annually. From a governance perspective, what type of control is this training?
Physical
Technical
Administrative
Corrective