Which of the following cybersecurity roles is charged with the duty of managing incidents and remediation?
Board of directors
Executive committee
Cybersecurity management
Cybersecurity practitioners
Choose three. According to the NIST cybersecurity framework, which of the following are considered key functions necessary for the protection of digital assets?
Encrypt
Protect
Investigate
Recover
Identify
Which of the following is the best definition for cybersecurity?
The process by which an organization manages cybersecurity risk to an acceptable level
The protection of information from unauthorized access or disclosure
The protection of paper documents, digital and intellectual property, and verbal or visual communications
Protecting information assets by addressing threats to information that is processed, stored or transported by internetworked information systems
Three common controls used to protect the availability of information are:
redundancy, backups and access controls.
encryption, file permissions and access controls.
access controls, logging and digital signatures.
hashes, logging and backups.
Select all that apply. Governance has several goals, including:
providing strategic direction.
ensuring that objectives are achieved.
verifying that organizational resources are being used appropriately.
directing and monitoring security activities.
ascertaining whether risk is being managed properly.
The protection of assets from ________ is a primary concern for security in general.
breaches
malware
threats
controls
Select all that apply - With respect to technology, many factors can impact security, such as:
Level of IT complexity
Network connectivity (e.g., internal, third-party, public)
Specialist industry devices/instrumentation
Nature of business
Platforms, applications and tools used
Industry-specific compliance requirements and regulations
Operational support for security
Select all that apply - When evaluating business plans and the general business environment, consider drivers, such as:
Risk tolerance
Risk assessments
Security mission, vision and strategy
Industry alignment and security trends
_______________ deals with information, regardless of its format—it encompasses paper documents, digital and intellectual property in people’s minds, and verbal or visual communications.
Information security
Cybersecurity
______________ deals with protecting digital assets—everything encompassed within network hardware, software and information that is processed, stored within isolated systems or transported by internetworked information environments.
Information Security
This term uses organizational understanding to minimize risk to systems, assets, data and capabilities.
Detect
Respond
This term helps design safeguards to limit the impact of potential events on critical services and infrastructure.
Implement activities to identify the occurrence of a cybersecurity event.
Take appropriate action after learning of a security event.
Plan for resilience and the timely repair of compromised capabilities and services.
___ is the protection of information from unauthorized access or disclosure.
Confidentiality
Integrity
Availability
___ is the protection of information from unauthorized modification.
___ ensures the timely and reliable access to and use of information and systems.
Personal, financial and medical information require a higher degree of ___ than the minutes of a staff meeting.
The ___ of digital information can be maintained using several different means, including access controls, file permissions and encryption.
If a bank transfers $10,000 to another financial institution, it is important that the amount does not change to $100,000 during the exchange. This is an example of:
The ___ of digital assets can be controlled and verified by logging, digital signatures, hashes, encryption and access controls.
___ can be protected by the use of redundancy, backups and implementation of business continuity management and planning.
___ looks to the chief information security officer (CISO) or other senior cybersecurity manager to define the information security program and its subsequent management.
Board of Directors
Executive Management
Senior Information Security Management
Cybersecurity Practitioners
The individual who oversees information security and cybersecurity (CISO, CSO, or Cybersecurity Manager).
Senior Information Security Management
Check all that apply - Generally, the cybersecurity manager (Senior Information Security Management) will be responsible for:
Developing the security strategy
Overseeing the security program and initiatives
Coordinating with business process owners for ongoing alignment
Ensuring that risk and business impact assessments are conducted
Implement and manage processes and technical controls
Security architects, administrators, digital forensics, incident handlers, vulnerability researchers, and network security specialists.
What is the correct order of cybersecurity roles from top to bottom?
1. Board of Directors 2. Senior Information Security Management 3. Executive Management 4. Cybersecurity Practitioners
1. Board of Directors 2. Executive Management 3. Senior Information Security Management 4. Cybersecurity Practitioners