CSX Cybersecurity Fundamentals Quiz
Detailed procedures
A business continuity plan (BCP) is not complete unless it includes:
On a regular basis
Risk assessments should be performed:
Insecure protocols could result in a compromise of privileged user credentials
Virtual systems should be managed using a dedicated virtual local area network (VLAN) because:
Wireless Protected Access 2 (WPA2)
Which of the following offers the strongest protection for wireless network traffic?
System-centric
A cybersecurity architecture designed around the concept of a perimeter is said to be:
Stateful
A firewall that tracks open connection-oriented protocol sessions is said to be:
Physical
A passive network hub operates at which layer of the OSI model?
Emergent
An interoperability error is what type of vulnerability?
Business needs
Business continuity plans (BCPs) associated with organizational information systems should be developed primarily on the basis of:
Segmented network
Consists of two or more security zones.
Eradication
During which phase of the six-phase incident response model is the root cause determined?
Planning
During which phase of the system development lifecycle (SDLC) should security first be considered?
Asymmetric key encryption is used to securely obtain symmetric keys
In practical applications:
Chain of custody
Maintaining a high degree of confidence regarding the integrity of evidence requires a(n):
Core business functions
Outsourcing poses the greatest risk to an organization when it involves:
Operate in specialized environments and often have non-standard design elements
Securing Supervisory Control and Data Acquisition (SCADA) systems can be challenging because they:
Payload
The attack mechanism directed against a system is commonly called a(n):
Malicious code
Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following?
Homogeneous
Updates in cloud-computing environments can be rolled out quickly because the environment is:
Heuristic
What kind of anti-malware program evaluates system processes based on their observed behaviors?
At the perimeter, to allow for effective internal monitoring
Where should an organization's network terminate virtual private network (VPN) tunnels?
Nonrepudiation
Which cybersecurity principle is most important when attempting to trace the source of malicious activity?
Standards
Which of the following interpret requirements and apply them to specific situations?
Threat and vulnerability
Which two factors are used to calculate the likelihood of an event?
Users
Who has the greatest influence over access security in a password authentication environment?