Copiar y Editar

Cyber Security Test-1

Descripción

Test sobre Cyber Security Test-1, creado por Bishal Jena el 05/10/2023.
Bishal Jena
Test por Bishal Jena, actualizado hace 9 meses
Bishal Jena
Creado por Bishal Jena hace 9 meses
89
1
0

Resumen del Recurso

Pregunta 1

Pregunta
Security is a state or quality of being secure to be free from--------------.
Respuesta
  • Vulnerability
  • Attack
  • Threat
  • Danger

Pregunta 2

Pregunta
Which term among the following is correct?
Respuesta
  • Cybersecurity
  • Cyber-security
  • cyber security
  • All are correct

Pregunta 3

Pregunta
What does “cyber” meanin the context of Information Technology?
Respuesta
  • Software
  • Hardware
  • Network
  • Online World

Pregunta 4

Pregunta
Cyber security affects individuals, organizations, society and --------------------
Respuesta
  • Government
  • Institution
  • Department
  • Firms

Pregunta 5

Pregunta
Choose the odd one
Respuesta
  • Phishing attack
  • Denial of Service attack
  • SQL Injection
  • Man in the middle attack
  • Importing data

Pregunta 6

Pregunta
Restricting unauthorized access and misuse of physical assets helps in achieving physical security of an organization.
Respuesta
  • True
  • False

Pregunta 7

Pregunta
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment , organization and
Respuesta
  • users’ cyber assets
  • user personal information
  • cyberspace
  • resource

Pregunta 8

Pregunta
The general security objectives comprise -------------------,Availability and Integrity
Respuesta
  • Confidentiality
  • Accountability
  • Authorization
  • Authentication

Pregunta 9

Pregunta
Network security involves protection of items, objects, or facilities.
Respuesta
  • True
  • False

Pregunta 10

Pregunta
What term describes the quality or state of ownership or control of information?
Respuesta
  • confidentiality
  • possession
  • authenticity
  • integrity

Pregunta 11

Pregunta
Fill in the blanks The McCumber Cube has -------------------dimensions with -------cells representing areas that must be addressed to secure today’s information systems.
Respuesta
  • 7 and 21
  • 4 and 27
  • 3 and 18
  • 3 and 27

Pregunta 12

Pregunta
------------------is a weakness or fault in a system or protection mechanism that opens it to attack or damage.
Respuesta
  • Threat
  • Vulnerability
  • Risk
  • Attack

Pregunta 13

Pregunta
Which of the following is not a component of an organization’s Information System? (1) Software (2) Vendors (3) People (4) Government (5) ISPs
Respuesta
  • 1&3
  • 1,2 &4
  • 4 & 5
  • 2,4, & 5

Pregunta 14

Pregunta
True or False: The person responsible for the storage, maintenance, and protection of information is the data custodian.
Respuesta
  • True
  • False

Pregunta 15

Pregunta
Biometric data collected from users is used for-------------------------------------------- process.
Respuesta
  • Authentication
  • Authorization
  • Accountability
  • Privacy

Pregunta 16

Pregunta
Select the right options of the C.I.A. triad (1) Assurance that information is shared only among authorized people or organizations (2) Assurance that the information is complete and uncorrupted (3) Assurance that information systems and the necessary data are not available for use when needed
Respuesta
  • (1) True (2) False (3) True
  • (1) False (2) False (3) True
  • (1) True (2) True (3) True
  • (1) True (2) True (3) False

Pregunta 17

Pregunta
Match the following:
Image:
Cs (binary/octet-stream)
Respuesta
  • A-1, B-3, C-4, D-2, E-5
  • A-3, B-4, C-5, D-1, E-2
  • A-5, B-4, C-3, D-2, E-1
  • A-1, B-2, C-3, D-4, E-5

Pregunta 18

Pregunta
Who are responsible for the security and use of a particular set of information?
Respuesta
  • Data users
  • Data exporter
  • Data custodians
  • Data owner

Pregunta 19

Pregunta
True or False: If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.
Respuesta
  • True
  • False

Pregunta 20

Pregunta
Which of the following terms best describe the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?
Respuesta
  • Blueprint
  • NIST handbook
  • An information security framework
  • Security plan

Pregunta 21

Pregunta
True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.
Respuesta
  • True
  • False

Pregunta 22

Pregunta
One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:
Respuesta
  • managerial controls
  • security domain
  • redundancy
  • defense in depth

Pregunta 23

Pregunta
Control Objectives for Information and Related Technologies is a framework created by ------ for information technology (IT) management and -------------
Respuesta
  • HIPPA, & Information officer
  • SO, & Security officer
  • ISACA, & IT governance
  • CISO, & Chief officer

Pregunta 24

Pregunta
Three approaches to cyber security management are 1. Governance-Risk-Compliance (GRC) approach 2. --------------------------------------------------- 3. Organizational planning approach
Respuesta
  • Information-driven approach
  • Security-driven approach
  • Standards-driven approach
  • Procedure-driven approach

Pregunta 25

Pregunta
SO/IEC 27032:2012 involves guidelines for -----------------
Respuesta
  • Network security
  • Cyber security
  • Risk Management
  • Governance of information security

Pregunta 26

Pregunta
The five goals of information security governance are 1. -----------------of information security with business strategy to support organizational objectives 2. ---------------- by executing appropriate measures to manage and mitigate threats to information resources 3. -----------------by utilizing information security knowledge and infrastructure efficiently and effectively 4. -----------------by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved 5. -----------------by optimizing information security investments in support of organizational objectives. A. Strategic alignment B. Risk management C. Resource management D. Performance measurement E. Value delivery Match the following
Respuesta
  • 1-B,2-C,3-D,4-C,5-A,
  • 1-C,2-B,3-A,4-B,5-E
  • 1-E,2-C,3-A,4-B,5-D
  • 1-A,2-B,3-C,4-D,5-E,

Pregunta 27

Pregunta
Match ISO Series with the corresponding topic (A) 27000 (1)Series Overview and Terminology (B) 27003 (2)Information Security Management Systems Implementation Guidelines (C) 27004 (3) Information Security Measurements and Metrics (D) 27005 (4) ISMS Risk Management (E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS
Respuesta
  • A-1, B-2,C-3, D-4, E-5
  • A-4, B-2, C-3, D-1, E-5
  • A-2,B-1,C-3,D-5,E-4
  • A-3,B-2,C-1,D-5,E-4

Pregunta 28

Pregunta
(1)------------------ is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the(2)---------and-(3)-------
Respuesta
  • 1- ISG 2- CIO, 3- CISO
  • 1-CO,2, 2-CIO,3- CISO
  • 1-CISO, 2-CIO, 3-CO
  • 1-CISO, 2-ISG, 3-CO

Pregunta 29

Pregunta
Which term is used to describe detailed statements of what must be done to comply with policy?
Respuesta
  • Policies
  • Standards
  • Ethics
  • Governance

Pregunta 30

Pregunta
Management must use -------------------as the basis for all information security planning, design, and deployment.
Respuesta
  • Standards
  • Procedures
  • Policies
  • Best business practices

Pregunta 31

Pregunta
Which type of planning ensures that critical business functions continue if a catastrophic incident or disaster occurs?
Respuesta
  • Business continuity planning (BCP)
  • Contingency planning (CP)
  • Business resumption planning (BRP)
  • Disaster recovery planning (DRP)

Pregunta 32

Pregunta
-------------- policy can be separated into two general groups (a) managerial guidance and (b) technical specifications. Select the correct options
Respuesta
  • Systems-Specific Security
  • Issue-Specific Security
  • Enterprise Information Security
  • None of these

Pregunta 33

Pregunta
The actions taken during and after a disaster falls under ----------------
Respuesta
  • Impact assessment
  • Risk management
  • Crisis management
  • Both (a) & (b)

Pregunta 34

Pregunta
Special Publication 800-14 of the National Institute of Standards and Technology (NIST) defines three types of security policy and chooses the
Respuesta
  • Violations of Policy, Business continuity planning, Response planning
  • A disaster recovery, Incident response planning, and Business continuity planning
  • Issue-specific security, Systems-specific security, Enterprise information security
  • Enterprise information security, Violations of Policy, Response planning

Pregunta 35

Pregunta
What are the elements of a business impact analysis? 1. Threat attack identification 2. Business unit analysis 3. Attack success scenario development 4. Potential damage assessment 5. Subordinate plan classification 6. Risk management 7. Disaster management The elements of a business impact analysis are:
Respuesta
  • 1,2,3,4,5 correct
  • 1,2,3,5,6 correct
  • 2,3,5,6,7 correct
  • All are correct

Pregunta 36

Pregunta
Access control lists (ACLs) that govern the rights and privileges of users consist of the 1. User access lists, 2. Matrices, 3. Capability, and 4. Dedicated hardware Choose the correct answer
Respuesta
  • 1,2,3,4 are true
  • 1,2,3 are true
  • Only 4 is true
  • All are true

Pregunta 37

Pregunta
The instructions a system administrator codes into a server, networking device, or a device to specify how it operates is called
Respuesta
  • Administration rule
  • Configuration rules
  • Networking rules
  • Security rule

Pregunta 38

Pregunta
Information security safeguards focus on administrative planning, organizing, leading, and controlling and that are designed by strategic planners and implemented by the organization’s security administration. These safeguards include governance and risk management together known as
Respuesta
  • Managerial controls
  • Operational controls
  • Technical controls
  • None of these

Pregunta 39

Pregunta
A lattice-based access control with rows of attributes associated with a particular subject such as a user is called
Respuesta
  • Access control matrix
  • Capabilities table
  • Configuration table
  • All of above

Pregunta 40

Pregunta
What type of policy addresses specific areas of technology, requires frequent updates, and contains a statement on the organization’s position on a specific issue?
Respuesta
  • Enterprise information security policy (EISP)
  • Systems-specific security policy (SysSP)
  • Automated policy (AP)
  • Issue-specific security policy (ISSP)

Pregunta 41

Pregunta
What are the defence strategies’ three common methods? 1. Application of policy 2. Education and training 3. Business impact analysis 4. Risk management 5. Application of technology Choose the correct answer.
Respuesta
  • 1,2,3
  • 1,2,4
  • 2,4,5
  • 1,2,5

Pregunta 42

Pregunta
Policy administrator is responsible for ----------- 1. creation, 2. revision, 3. implementation 4. distribution, and 5. storage of policy in an organization. Choose the correct option
Respuesta
  • 1,2
  • 3
  • 3,4
  • 5

Pregunta 43

Pregunta
Which type of policy is frequently codified as standards and procedures to be used when configuring or maintaining systems?
Respuesta
  • Enterprise information security policy (EISP)
  • Systems-specific security policy (SysSP)
  • Automated policy (AP)
  • Issue-specific security policy (ISSP)

Pregunta 44

Pregunta
Which of the following is used to direct how issues should be addressed and technologies must be used in an organization?
Respuesta
  • policies
  • standards
  • ethics
  • governance

Pregunta 45

Pregunta
The boundary in the network within which an organization attempts to maintain security controls for securing information from threats from untrusted network areas is called ----
Respuesta
  • Security peripheral
  • Security perimeter
  • Security measure
  • Security principle

Pregunta 46

Pregunta
Consider the following statements 1. Statement of Purpose -What the policy is for 2. Information Technology Security Elements – Defines information security 3. Need for Information Technology Security – Justifies the irrelevance of information security in the organization 4. Information Technology Security Responsibilities and Roles - Defines organizational overall business planning and security investment plan. Identify the components of the EISP
Respuesta
  • 3, 4
  • 2, 3, 4
  • 1, 2
  • all are true

Pregunta 47

Pregunta
Access Control Lists specify 1. who can --------the system 2. what ---------users can access 3. when authorised users can --------the system 4. where authorised users can access the system from Chose the correct words or expressions to fill in the blanks, in sequence:
Respuesta
  • use, authorised, access
  • authorised, access, create
  • authorised, access, use
  • administer, access, accountable

Pregunta 48

Pregunta
The goals of (A)------------------------------ are: 1.------------------ of information security with business strategy to support organizational objectives 2 ------------------ by executing appropriate measures to manage and mitigate threats to information resources 3. ------------------ by using information security knowledge and infrastructure efficiently and effectively Choose the correct answer:
Respuesta
  • A-Financial security gov, 1- Tactical alignment, 2- Performance mgmt., 3- Resource mgmt.,
  • A-Information security governance,1-Strategic alignment, 2- Risk mgmt., 3- Resource mgmt.
  • A-Data security gov, 1-Operational management, 2- Resource mgmt., 3- Risk mgmt.,
  • A-Bord of governance,1-Operational alignment, 2- Risk mgmt., 3- Resource mgmt

Pregunta 49

Pregunta
Match 1 & 2 with A& B following 1. Residual risk 2. Risk appetite A: The risk to information assets that remains even after current controls have been applied. B: The quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility. Choose the correct answer:
Respuesta
  • 1-A, 2-B
  • 1-B, 2-A

Pregunta 50

Pregunta
True or False: The information technology community of interest must assist in risk management by configuring and operating information systems in a secure fashion.
Respuesta
  • True
  • False

Pregunta 51

Pregunta
The process of examining how each threat will affect an organization is called:
Respuesta
  • Risk assessment
  • Data classification
  • Threat assessment
  • Vulnerability classification

Pregunta 52

Pregunta
The probability that a specific vulnerability within an organization will be the target of an attack is known as:
Respuesta
  • Loss Magnitude
  • Manageability
  • Likelihood
  • Practicability

Pregunta 53

Pregunta
The calculation of the value associated with the most likely loss from an attack is called:
Respuesta
  • Annualised Rate of Occurrence (ARO)
  • Annualised Loss Expectancy (ALE)
  • Cost Benefit Analysis (CBA)
  • Single Loss Expectancy (SLE)

Pregunta 54

Pregunta
----------------------is the formal assessment and presentation of the economic expenditures needed for particular security control, contrasted with its projected value to the organization.
Respuesta
  • Feasibility analysis
  • Cost-benefit analysis
  • Risk-benefit analysis
  • Economic impact analysis

Pregunta 55

Pregunta
A document that compares the relative importance of prioritised assets to prioritised threats and highlights any weaknesses in the asset/threat pairs.
Respuesta
  • Threats-Vulnerabilities document
  • Threats-Vulnerabilities-Assets (TVA) worksheet
  • Threats-Vulnerabilities-Assets log file
  • Attack Vulnerability Asset document

Pregunta 56

Pregunta
Match the following: (A) Internal Used for the most sensitive corporate information that must be tightly controlled, even within the company. Access to information with this classification is strictly on a need-to-know basis or as required by the terms of a contract. Information with this classification may also be referred to as “sensitive” or “proprietary.” (B) Confidential Used for all internal information that does not meet the criteria for the confidential category. Internal information is to be viewed only by corporate employees, authorized contractors, and other third parties. (C) External All information that has been approved by management for public release.
Respuesta
  • A-2, B-1, C-3
  • A-1, B-2, C-3
  • A-3, B-2, C-1
  • A-1, B-3, C-2

Pregunta 57

Pregunta
------------------- varies among organisations because they maintain different balances between the expense of controlling vulnerabilities and the possible losses if the vulnerabilities are exploited. The key for each organisation is to find the proper balance in its decision-making and feasibility analyses, to use experience and facts instead of ignorance or wishful thinking.
Respuesta
  • Risk appetite
  • Risk control
  • Residual Risk
  • Risk Assessment

Pregunta 58

Pregunta
Malware dictation Software has its own (Asset) internal personnel database behind a firewall. Industry reports indicate a 5 % chance of an attack. The information security and IT departments report that if the organization is attacked, the attack has a 15 % chance of success based on current asset vulnerabilities and protection mechanisms. The asset is valued at a score of 35 on a scale of 0 to 100, and information security and IT staff expect that 60 % of the asset would be lost or compromised by a successful attack, because not all of the asset is stored in a single location. You estimate that the assumptions and data are 90 % accurate. Calculating Risk.
Respuesta
  • 0.1575
  • 0.1733
  • 0.2887
  • 0.5575

Pregunta 59

Pregunta
xyzbuy.com has an estimated value of Rs 50,00,000, as determined by an asset valuation and a cracker defacement scenario indicates that a deliberate act of sabotage or vandalism could damage 25 per cent of xyzbuy.com, then the single loss expectancy for the xyzbuy.com would be?
Respuesta
  • 16,50,000
  • 15,20,000
  • 11,11,000
  • 12,50,000

Pregunta 60

Pregunta
Which VPN technology uses leased circuits from a service provider and conducts packet switching over these leased circuits?
Respuesta
  • Secure VPN
  • Hybrid VPN
  • Trusted VPN
  • Transport VPN

Pregunta 61

Pregunta
The biometric technology criteria that describe the number of legitimate users who are denied access because of a failure in the biometric device in known as
Respuesta
  • False reject rate
  • False accept rate
  • Crossover error rate
  • Accountability rate

Pregunta 62

Pregunta
True or False: All traffic exiting from the trusted network should be filtered.
Respuesta
  • True
  • False

Pregunta 63

Pregunta
What term is used to describe decoy systems designed to lure potential attackers away from critical systems?
Respuesta
  • Trap
  • Honeypot
  • Trace
  • Sniffer

Pregunta 64

Pregunta
True or False: Signature-based IDPS technology is widely used because many attacks have clear and distinct signatures.
Respuesta
  • True
  • False

Pregunta 65

Pregunta
The method by which systems determine whether and how to admit a user into a trusted area of the organization is known as
Respuesta
  • Attribute
  • Accountability
  • Access control
  • Audibility

Pregunta 66

Pregunta
------------------denotes the rate at which fraudulent users or nonusers are allowed access to systems or areas as a result of a failure in the biometric device. This failure is also known as --------------
Respuesta
  • False reject rate, Type I error
  • False accept rate, Type 2 error
  • False accept rate, Type I error
  • False reject rate, Type 2 error

Pregunta 67

Pregunta
Fill in the blank ------------------denotes the rate at which authorised users are denied access to systems or areas as a result of a failure in the biometric device. This failure is also known as ------------. Choose the correct option
Respuesta
  • False reject rate, Type I error
  • False accept rate, Type 2 error
  • False accept rate, Type I error
  • False reject rate, Type 2 error

Pregunta 68

Pregunta
Match the following A. Thresholds 1 Signature-based detection B. Blacklists and whitelists: 2 Anomaly-based detection C. Alert settings: 3 Detection-related related programs D. Code viewing and editing: 4 Specifying which prevention capabilities Choose the correct option
Respuesta
  • A-2, B-3, C-1, D-4
  • A-2, B-1, C-3, D-4
  • A-1, B-2, C-3, D-4
  • A-2, B-1, C-4, D-3

Pregunta 69

Pregunta
Choose the right option to fill in the blanks (1) --------------- initiates network traffic to find and evaluate service ports whereas (2) ---------------- uses traffic from the target network segment to evaluate the service ports available from hosts on that segment.
Respuesta
  • 1-active vulnerability scanners, 2-passive vulnerability scanners
  • 1-passive vulnerability scanners, 2-active vulnerability scanners

Pregunta 70

Pregunta
Which of the following terms describes the process of making and using codes to secure the transmission of information?
Respuesta
  • Algorithm
  • Cryptography
  • Steganography
  • Cryptanalysis

Pregunta 71

Pregunta
What is term is used to describe a cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message?
Respuesta
  • Private-key encryption
  • Symmetric encryption
  • Advanced Encryption Standard (AES)
  • Asymmetric encryption

Pregunta 72

Pregunta
A substitution cipher that incorporates two or more alphabets in the encryption process is called-------------------
Respuesta
  • Monoalphabetic substitution
  • Block cipher substitution
  • Stream cipher substitution
  • Polyalphabetic substitution

Pregunta 73

Pregunta
The current standard for the encryption of data, as specified by NIST --------- is based on the Rijndael algorithm, which was developed by Vincent Rijmen and Joan Daemen.
Respuesta
  • DES
  • RSA
  • AES
  • Message Digest

Pregunta 74

Pregunta
True or False: Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.
Respuesta
  • True
  • False

Pregunta 75

Pregunta
Limited-use symmetric keys for temporary communications during an online session is called
Respuesta
  • Session keys
  • One-time padding
  • AES
  • DES

Pregunta 76

Pregunta
Match the folowing
Image:
W8 Q7n (binary/octet-stream)
Respuesta
  • A-3, B-5, C-4, D-1, E-2
  • A-2, B-1, C-4, D-5, E-3
  • A-4, B-2, C-3, D-1, E-1
  • A-5, B-2, C-3, D-1, E-4

Pregunta 77

Pregunta
Suppose that everyone in a group of N people wants to communicate secretly with the N-1 others using a symmetric key cryptographic system. Communication between any two persons should not be decodable by others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is
Respuesta
  • 2N
  • N(N-1)
  • N(N-1)/2
  • (N-1)2

Pregunta 78

Pregunta
Decrypt the following message if it was encrypted using a shift cipher with a shift of 3. Message: NPTELINFORMATION
Respuesta
  • Q S W H O L Q I R U P W L R Q
  • Q S W H O L Q I T U P W L R Q
  • Q S W F O L Q I R V P W L R Q
  • Q S W H O L Q I R V P W L R Q

Pregunta 79

Pregunta
------------security protocols are used to protect e-mail
Respuesta
  • SMTP
  • HTTPS
  • S/MIME, PEM, and PGP
  • Telnet

Pregunta 80

Pregunta
What is the most popular encryption system used over the Web?
Respuesta
  • Diffie Hellman key exchange
  • RSA
  • Block cipher
  • DES

Pregunta 81

Pregunta
What is the maximum fine for GDPR non-compliance?
Respuesta
  • EUR 10mn or 2% global turnover
  • EUR 15mn or 3% global turnover
  • EUR 20mn or 4% global turnover
  • EUR 25mn or 5% global turnover

Pregunta 82

Pregunta
Richards and Solove (2007) suggest that while the American derivation of general privacy is grounded in one's --------------------
Respuesta
  • inviolate personality
  • violate personality
  • serious personality
  • funny personality

Pregunta 83

Pregunta
Cohenretism treats privacy as a
Respuesta
  • Permission
  • Order
  • Freedom
  • Distinct right

Pregunta 84

Pregunta
True/ or False? Confidentiality is concerned with the externalization of restricted but accurate information to a specific entity.
Respuesta
  • True
  • False

Pregunta 85

Pregunta
Being observed, while the subject doesn’t know is
Respuesta
  • Panopticon
  • Transparency
  • Prevention
  • Anonymity

Pregunta 86

Pregunta
Concerns for Information Privacy (CFIP) has four constructs. Which is a construct that is not part of the CFIP?
Respuesta
  • Collection
  • Unauthorized access
  • Autonomy
  • Errors

Pregunta 87

Pregunta
According to --------------------- privacy is not a distinct value concept because it could be conceptually reduced to other values, like liberty
Respuesta
  • Coherentism
  • Reductionism
  • Privacy
  • Security

Pregunta 88

Pregunta
……………… determines the purposes and means of processing personal data
Respuesta
  • Data fiduciary
  • Data processor
  • Data principle
  • Data users

Pregunta 89

Pregunta
A IPL team management contracts a market research specialist team to carry out players satisfaction survey. The IPL team specifies the budget and the deadline, but the market research team determines sample sizes and interview methods. The market research team decides which player to select for the interview, what information will be collected, how the information will be collected, and how the information will be presented to the IPL team management. Who is the data controller in this situation?
Respuesta
  • An IPL team management
  • Market research firm
  • Both a & b are controllers
  • None of them are controllers

Pregunta 90

Pregunta
Fair Information Practice (FIP) principles were developed the United States in response to increasing privacy concerns resulting from massive computerization. What is an issue FIP does not address?
Respuesta
  • secret record-keeping systems
  • access by data subject to information stored in record keeping systems
  • ability by data subject to correct errors in one’s own data
  • data localization

Pregunta 91

Pregunta
GDPR makes provisions for the individual member states to add their own exemptions
Respuesta
  • True
  • False

Pregunta 92

Pregunta
The GDPR introduces a new data protection principle that requires organizations to
Respuesta
  • demonstrate compliance with the principles
  • optional compliance with the privacy regulation
  • flexibility to report data protection breaches
  • accept data breaches

Pregunta 93

Pregunta
In which of these circumstances could a data subject exercise their right to be forgotten?
Respuesta
  • Where they have withdrawn consent for data processing
  • Where the data is no longer necessary for the purposes for which it was collected
  • Where erasure is necessary to comply with a legal obligation
  • All are true
  • All are false

Pregunta 94

Pregunta
According to GDPR a group of companies or public authorities may appoint a single data protection officer to represent them all
Respuesta
  • True
  • False

Pregunta 95

Pregunta
--------------------- is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset.
Respuesta
  • Differential privacy (DP)
  • Privacy calculus
  • Privacy paradox
  • Privacy theory

Pregunta 96

Pregunta
A release of data is said to have the k-anonymity property if the information for each person contained in the release cannot be distinguished from at ---------individuals whose information also appears in the release
Respuesta
  • least k−1
  • least k+1
  • least k +/- 1
  • least k*1

Pregunta 97

Pregunta
consider the diagram: In the First wave of the economic theory of privacy, work did not consist of formal economic models, but rather general ------------around the value or the damage that individuals, and society, may incur when personal information is protected, thereby making potentially useful information unavailable to the marketplace Choose the correct answer:
Image:
W10 Q8 (binary/octet-stream)
Respuesta
  • information privacy
  • economic arguments
  • economic value
  • economic benefit

Pregunta 98

Pregunta
The economics of privacy concerns the tradeoffs associated with the balancing of --------------------spheres between individuals, organizations, and governments.
Respuesta
  • public and private
  • internal and external
  • low and high
  • individual vs group

Pregunta 99

Pregunta
The goal of privacy-preserving data mining is to develop data mining methods without increasing the risk of misuse of the ---------
Respuesta
  • privacy
  • data
  • anonymity
  • Privacy-related content
  • database

Pregunta 100

Pregunta
___________ is a dichotomy between a person’s intention to protect their online privacy versus how they actually behave online and as a result compromise their privacy
Respuesta
  • Privacy paradox
  • Privacy calculus
  • Differential calculus
  • Coherentism

Pregunta 101

Pregunta
The personal data that has been de-identified, ----------------but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Respuesta
  • pseudonymized
  • decrypted
  • Anonymize
  • Secrete

Pregunta 102

Pregunta
The area of philosophy that examines the basis for moral judgment, as well as its nature, standards, sources, and logic, is called ------------------
Respuesta
  • Moral principle
  • Moral value
  • Ethics
  • Law

Pregunta 103

Pregunta
Choose the correct option that represents HIPAA’s fundamental principle
Respuesta
  • Producer control of medical information
  • No restrictions on how medical data may be used
  • Accountability to maintain the privacy of specified types of information
  • Balance of public responsibility for the use of medical information for the greater good measured against no impact on the individual
  • Security of health information

Pregunta 104

Pregunta
True or False: The cornerstone of many current computer-related criminal laws in the US is the Computer Fraud and Abuse Act of 1986.
Respuesta
  • True
  • False

Pregunta 105

Pregunta
Which one of these activities falls outside the scope of the GDPR?
Respuesta
  • processing for marketing purposes
  • processing for domestic and household purposes
  • processing for the purposes of crime and investigations
  • processing for the purposes of journalism literature and art

Pregunta 106

Pregunta
What types of information are covered by the GDPR? 1. Personal data 2. Data related to the public domain 3. All data of a person that can be identified by their identifier, directly or indirectly 4. Garbage data Choose the correct option.
Respuesta
  • 1,2
  • 2,4
  • 1,3
  • 4,3

Pregunta 107

Pregunta
Which of the following are not GDPR fundamental rights?
Respuesta
  • The right to be informed, the right of access
  • The ability to learn from mistakes, the freedom to transfer data
  • The right to object, rights related to automated decision-making
  • All are correct

Pregunta 108

Pregunta
Match topics of interest to IT Professionals with US Laws (A) Cryptography (1) Electronic Communications Privacy Act (B) IP (2) Federal Privacy Act (C) Encryption and digital signatures (3) No Electronic Theft Act amends (D) Privacy (4) Security and Freedom through Encryption Act Choose the correct option
Respuesta
  • A-3, B-1, C-4, D-2.
  • A-4, B-3, C-1, D-2.
  • A-1, B-3, C-4, D-2.

Pregunta 109

Pregunta
INDIAN COPYRIGHT ACT was drafted in --------------------by Shalu Gothi and Daisy Jain
Respuesta
  • 2000
  • 1857
  • 1957
  • 1967

Pregunta 110

Pregunta
What is the software that comes hidden in free downloadable software and tracks your online movements, mine the information stored on your computer or use your computer’s CPU and storage for some task you know nothing about?
Respuesta
  • Weblog
  • Clickstream
  • Anonymous web browsing service
  • None of above

Pregunta 111

Pregunta
What are the primary examples of public law?
Respuesta
  • Criminal, administrative, and constitutional law
  • Civil, Legislative and public service
  • IPC, administrative, service, constitutional law
  • All are the primary examples of public law.

Pregunta 112

Pregunta
The Aadhaar project is the world’s largest national identity project, launched by the government of India, which seeks to collect the following data about residents and store these in a centralized database.
Respuesta
  • Biometric data
  • Demographic data of residents
  • Life style data of citizens
  • All of these

Pregunta 113

Pregunta
Personal Data Protection Bill 2019 had the following provision. (1) Provide for the protection of the privacy of individuals relating to their personal data, (2) Specify demerits of the flow and usage of personal data, (3) Create a mysterious relationship of trust between persons and entities processing personal data, (4) Protect the fundamental rights of individuals whose personal data are processed Choose which of the options listed above are false?
Respuesta
  • 1,2,3
  • 2,3
  • 1,4
  • 1,2

Pregunta 114

Pregunta
The Aadhaar Act attempts to create a method for--------------- of individuals so as to provide services, subsidies and other benefits to the residents of the country.
Respuesta
  • Identification
  • Authentication
  • Authorization
  • Accountability

Pregunta 115

Pregunta
------------------- gathers personally identifying information from Aadhaar holders, prepares the data for transmission, and receives the authentication.
Respuesta
  • System Terminal
  • Barcode reader
  • Authentication device
  • RFID

Pregunta 116

Pregunta
According to standard notions of digital authentication, a security principal (a user or a computer), while requesting access to a service, must provide two independent pieces of information, which are:
Respuesta
  • Identity and Authentication.
  • Verification and Authentication
  • Validation and Authorization
  • Validation and Authentication

Pregunta 117

Pregunta
Identity provides an answer to the question ------------------ Anonymity is when nobody knows who you are but potentially, they know ---------------------------
Respuesta
  • how are you? & how you do
  • who are you? & what you do
  • how are you feeling? & what you do
  • who are you? & what you know about others

Pregunta 118

Pregunta
Which of the following is odd about Aadhaar authentication?
Respuesta
  • It enables authentication using a One-Time-Password (OTP) issued to the resident's listed email address or cellphone number in the CIDR.
  • It enables authentication combining OTP, fingerprint, and iris authentication for residents.
  • It offers a 2-factor authentication with OTP as one factor and multimodal biometric as the second factor for authenticating residents.
  • It enables Aadhaar authentication by matching Aadhaar numbers and demographic attributes of residents.

Pregunta 119

Pregunta
Personal Data Protection Bill sought to ensure privacy rights of the individual. Select the odd option
Respuesta
  • Obtain confirmation from the fiduciary on whether their personal data has been processed
  • Seek correction of inaccurate, incomplete, or out-of-date personal data
  • Have personal data transferred to any other data fiduciary in certain circumstances
  • Restrict continuing disclosure of their personal data by a fiduciary, if it is no longer necessary Or consent is withdrawn
  • Provide advice on security safeguards like data encryption

Pregunta 120

Pregunta
Which of the following act enforces individual privacy in online space, after scrapping a similar bill:
Respuesta
  • PDP Bill 2018
  • Digital Personal Data Protection Bill 2023
  • GDPR
  • IT Act, 2000
Mostrar resumen completo Ocultar resumen completo

¿Quieres crear tus propios Tests gratis con GoConqr? Más información.

Similar

Introducción a la Biología
Denisse Higareda
Test de Matemáticas para el GMAT (en Inglés)
Diego Santos
Integrales Indefinidas
Rupert012
CAE Gapped Sentences
Emilio Alonsooo
Química inorgánica: Conceptos Básicos
Diana Lizeth Ruiz A
PRUEBA DE MATEMÁTICAS GRADO ONCE
jennydaza28
Sistema Nervioso
Carlos Enrique Armas Montoro
HISTORIA: HECHOS, PERSONAJES...
Ulises Yo
ANÁLISIS MORFOLÓGICO...
Ulises Yo
Unit 1. Databases and electronic libraries for English Studies
mgr UNED
Unidad 3: Fase 4 - Análisis de Sistemas de Manufactura
Julio Cesar Hernández Giraldo
Explorar la Librería