Cybersecurity
From the following list, select all the possible warning signs of social engineering attacks.
Criminals often impersonate others and offer free giveaways in emails, texts, or webpages to encourage people to give up personal information or click a malicious link.v
How does a cybersecurity exploit threaten the safety of a system?
It is a tool or technique for taking advantage of a system vulnerability to cause harm.
Which of the following statements describes a keylogger most accurately?
It is surveillance malware that captures confidential information through keyboard input.
Describe the goals of the respond (RS) function of the NIST Cybersecurity Framework. More than one answer may be correct.
The RS function calls on organizations to create and employ procedures that allow quick action given a cybersecurity event to ensure proper steps are taken to mitigate damage and prevent a more manageable event from becoming a widespread attack on IT infrastructures.
Describe steps in cybersecurity risk analysis. More than one answer may be correct.
The first step in a risk analysis is identification and valuation of an organization's information assets. The second step is to estimate potential costs and losses per security incident, which include costs of malware attacks, fees and penalties associated with data breaches, and lost revenue. It is important to understand the probability of each type of security threat.
Why is it important to preserve the integrity of data, information, and systems?
These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised.
What do all cybersecurity threats have in common?
They are connected to the loss of information, software, or hardware.
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand common threats that an organization may face and determine how vulnerable they are to such threats.
What is the "DE" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework?
detect function
Although bothersome, seeing multiple ads for products you have searched is never considered an invasion of privacy.
false
Authenticating the identity of a user, process, or device serves one purpose: to prevent unauthorized access to an organization's assets or resources.
false
California's SB-327 for IoT requires companies to anonymize collected data to protect consumer privacy.
false
In cybersecurity risk analysis, PML (probable maximum loss) is used to
help determine spending needed to adequately secure an organization's IT infrastructure.
What does the General Data Protection Regulation (GDPR) regulate?
how companies protect personal data
Which of the NIST Cybersecurity Framework functions investigates an organization's cybersecurity management in the context of their business needs and resources?
identify (ID) function
Cybersecurity threat mitigation is best defined as the policies, procedures, and tools that help an organization
identify cybersecurity threats, prevent them from being realized, and minimize damage from them.
An email that appears to be from a legitimate company is most likely to be a social engineering cybersecurity attack if
it contains a link to a free offer that seems too good to be true.
To properly authenticate, or verify, the identity of authorized users and protect assets from unauthorized users, it is essential to
keep user logins and passwords confidential.
One surveillance technology that relies on how the user enters data is a
keylogger.
Which of the following is a goal of confidentiality as defined by the CIA triad?
making sure the right people have access to secure information
Which of the following acts is an example of social engineering?
manipulating people in order to obtain and misuse their personal information
What does the identify (ID) function of the NIST Cybersecurity Framework focus on?
organizational understanding of how to manage cybersecurity risks
Which of the following is a goal of an information technology disaster recovery plan (IT DRP)?
outline specific recovery times for information technology to resume after an issue occurs
What part of the plan-protect-respond cycle is occurring when an organization limits access to sensitive documents on a server to only those with the required security clearance?
protect
Which threat to cybersecurity can only come from outside an organization?
ransomware
A cybersecurity exploit allows a hacker or intruder to
remotely access a network, gain privileges, and make unauthorized changes.
Which of the NIST Cybersecurity Framework functions calls for quick action on the part of an organization's cybersecurity team to mitigate damage to systems?
respond (RS) function
In what stage of the plan-protect-respond cycle forensic analysis conducted?
responding stage
If an organization's automated backup system is vulnerable to data loss or corruption, its cybersecurity vulnerability is a weakness or flaw in its
software.
What is the meaning of the term "social engineering" in the area of cybersecurity?
the act of manipulating or tricking people into sharing confidential, personal information
Which of these online functions are most susceptible to MitM attacks? More than one answer may be correct.
third-party financial services
What is the goal of the NIST Cybersecurity Framework Protect (PR) function?
to help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
Hacking into an organization's email servers is a crime that can be prosecuted under the Stored Communications Act.
true
A benign Internet robot that gathers data is called a(n)
web crawler.
In which situation should the origin of information be authenticated to protect data integrity?
when electronic votes are submitted during an election
According to the CIA triad, in which of the following examples is an organization ensuring data integrity? More than one answer may be correct.
A company deactivates the username and passwords of former employees in bulk on a monthly basis.
Which of the following statements explains why a rootkit poses a cybersecurity threat? More than one answer may be correct.
A rootkit can easily be detected by the user.
Most organizations require employees to login in to view files that are posted to a shared drive, allowing different access to the files based on employee position within the organization and preventing unauthorized employees or other people from accessing all files. This is an example of which of the following tools that ensure confidentiality? More than one answer may be correct.
Authentication, encryption, and access controls are all tools that corporations use to ensure their information remains confidential.
Which of the following statements best illustrates why a rootkit is described as creating a back door?
Like an intruder coming through a back door, a rootkit allows an unknown user into an operating system.
Why is data that is located in the RAM of a device considered data in transit?
RAM only holds data and instructions temporarily; nothing is permanently stored in RAM.
Which of these statements support the assertion that MitMo is a growing security risk? More than one answer may be correct.
The sheer numbers of mobile devices, which function similarly to computers, gives cybercriminals another broadly available opportunity.
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.
Understanding what flaws exist and the current state of vulnerability and penetration testing are all examples of tasks that need to be completed during the planning stage of the plan-protect-respond cycle.
Why is establishing authentication procedures a common cybersecurity goal?
Verifying that users are authorized to access systems, data, and resources is fundamental to preventing their unauthorized use.
Which of the following is an example of an activity that would be useful during the planning stage of the plan-protect-respond cycle?
Which of the following is an example of an activity that would be useful during the planning stage of the plan-protect-respond cycle?
Who is responsible for calculating probable maximum loss?
a company's cybersecurity analysts
Software-based keyloggers often infect a system through
a malicious email or link opened by an unsuspecting user.
Conrad was disturbed to find evidence of applications he did not download, system configurations unexpectedly altered, and files mysteriously that disappeared and moved. Which cybersecurity threat best explains the problems he was having?
a rootkit
The Stored Communications Act prohibits which activity?
accessing the communications of an organization without authorization
Which of the following would be prohibited under the Electronic Communications Protection Act?
an employee leaking confidential emails they were not authorized to receive
What is a cybersecurity threat?
an event or condition that can lead to IT asset loss and the negative consequences of such loss
What are the three categories of the detect (DE) function of the NIST Cybersecurity Framework?
analysis, observation, detection
Social engineering is used to target people whom
are not cautious about giving out confidential or sensitive information.
Which of the elements of the CIA triad does properly maintaining all hardware serve?
availability
Spyware's basic function is to
capture the user's account data, passwords, keystrokes, and more.
Where are data in transit found?
on a cellular network
Ransomware is typically introduced into a network by a ________ and to an individual computer by a Trojan horse.
worm
Which of the following is an example of data in transit? More than one answer may be correct.
1.A person transfers documents between their laptop and mobile device. 2.A record of patients' medical histories is saved in a cloud-based data center. 3.A text message is stored on a user's mobile device.
From the following list, select all of the ways in which cybersecurity helps preserve the integrity of data, information, and systems.
1.Cybersecurity policies and procedures are designed to protect the consistency, accuracy, and dependability of these assets. 2Cybersecurity tools focus on protecting these assets while they are being transmitted, since this is when their integrity is vulnerable.
A man-in-the-mobile and a man-in-the-middle attack have what similar qualities? More than one answer may be correct.
1.Disrupting of the device operating system is a common symptom of the attack. 2.The malware relies on programming computer code.
Which of the following is an example of a tool that could be used to ensure data integrity? More than one answer may be correct.
1.checksums are used to detect errors that are introduced during transmission or storage 2.data input that is frequently reviewed by AI 3.hard copies of important datasets are kept in a locked warehouse
Which of the following is an example of data at rest? More than one answer may be correct.
1.data in a fitness tracker app that is shared with friends and family 2.an email being sent 3.backup files stored on an offsite server
The purpose of adware is to ________. More than one answer may be correct.
1.display ads to users based on their browsing behaviors 2.inhibit the occurrence of many pop-up and banner ads
Describe the categories of the Recover (RC) function of the NIST Cybersecurity Framework. More than one answer may be correct.
1.improvements to cybersecurity plans 2.improvements to cybersecurity plans
What are causes of the costs estimated included during a risk analysis? More than one answer may be correct.
1.system downtime 2.remote workers
Which of the following must remain confidential to achieve cybersecurity goals? More than one answer may be correct.
1.the specifications of the organization's IT systems 2.the value of the organization's systems, data, and information
