Cybersecurity Intro Coursera Notes

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

A security professional is auditing user permissions at their organization in order to ensure employees have the correct access levels. Which domain does this scenario describe?

Security assessment and testing

An organization requires its employees to complete a new data privacy training program each year to reduce the risk of a data breach. What is this training requirement an example of?

Security control

A cybersecurity analyst needs to collect data from multiple places to analyze filtered events and patterns. What type of tool should they use?

Security information and event management (SIEM)

You are asked to investigate an alert related to an unknown device that is connected to the company's internal network. After you complete your investigation, you follow company policies and procedures to implement preventative measures that will stop the potential threat posed by the device. Which security domain is this scenario related to?

Security operations

What are some of the primary purposes of security frameworks? Select three answers

Managing organizational risks Protecting PII data Identifying security weaknesses

Which ethical principle describes safeguarding personal information from unauthorized use?

Privacy protection

An employee trained to handle PII and SPII leaves confidential patient information unlocked in a public area. Which ethical principles does this violate? Select all that apply.

This violates laws, confidentiality, and privacy protections.

What can cybersecurity professionals use logs for?

To identify vulnerabilities and potential security breaches

Fill in the blank: A key aspect of the CIA triad is ensuring that data is correct, _____, and reliable.

authentic

Fill in the blank: Linux relies on a(n) _____ as the primary user interface.

command line

Fill in the blank: A _____ is malicious code written to interfere with computer operations and cause damage to data.

computer virus

Fill in the blank: Social engineering is a manipulation technique that exploits _____ error to gain access to private information.

human

What tool is designed to capture and analyze data traffic within a network?

A packet sniffer, also known as a network protocol analyzer, is a tool designed to capture and analyze data traffic within a network.

Fill in the blank: A _____ is a manual that provides details about operational actions.

A playbook is a manual that provides details about operational actions. Playbooks provide guidance when handling a security incident before, during, and after it has occurred.

A security professional is asked to destroy and dispose of old hard drives that include confidential customer information. Which security domain is this task related to?

Asset security

Which domain involves securing digital and physical assets, as well as managing the storage, maintenance, retention, and destruction of data?

Asset security

What are some key benefits of programming languages? Select all that apply.

Complete repetitive tasks with a high degree of efficiency Can be used to create a specific set of instructions for a computer to execute tasks Execute repetitive processes very accurately

Which of the following tasks are part of the security and risk management domain? Select all that apply

Compliance Business continuity Defining security goals and objectives

Which of the following tasks may be part of the identity and access management domain? Select three answers.

Ensuring users follow established policies Managing and controlling physical and logical assets Setting up an employee's access keycard

You work for a U.S.-based utility company that suffers a data breach. Several hacktivist groups claim responsibility for the attack. However, there is no evidence to verify their claims. What is the most ethical way to respond to this incident?

Improve the company's defenses to help prevent future attacks.

You are helping your security team consider risk when setting up a new software system. Using the CIA triad, you focus on confidentiality, availability, and what else?

Integrity

What are some key benefits of using Python to perform security tasks? Select all that apply.

It saves time It helps ensure accuracy.

Which of the following statements accurately describe the NIST CSF? Select all that apply.

Its purpose is to help manage cybersecurity risk. It is a voluntary framework. Security teams use it as a baseline to manage risk.

Fill in the blank: Privacy protection means safeguarding _____ from unauthorized use.

Privacy protection means safeguarding personal information from unauthorized use. Ensuring user permissions are correct helps prevent individuals from accessing protected information that they are not authorized to access.

A security professional is optimizing data security by ensuring that effective tools, systems, and processes are in place. Which domain does this scenario describe?

Security architecture and engineering

Your supervisor asks you to audit user permissions for payroll data to ensure no unauthorized employees have access to it. Which security domain is this audit related to?

Security assessment and testing

A security professional overhears two employees discussing an exciting new product that has not been announced to the public. The security professional chooses to follow company guidelines with regards to confidentiality and does not share the information about the new product with friends. Which concept does this scenario describe?

Security ethics

A security professional receives an alert that an unknown device has connected to their organization's internal network. They follow policies and procedures to quickly stop the potential threat. Which domain does this scenario describe?

Security operations

(T/F) Security teams use the NIST Cybersecurity Framework (CSF) as a baseline to manage short and long-term risk.

True

As a security analyst, you are monitoring network traffic to ensure that SPII data is not being accessed by unauthorized users. What does this scenario describe?

Using a network protocol analyzer (packet sniffer)

For what reasons might disgruntled employees be some of the most dangerous threat actors? Select two answers.

because they often know where to find sensitive information, can access it, and may have malicious intent.

Fill in the blank: Examples of security _____ include security and risk management and security architecture and engineering.

domains

A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy.

framework

Fill in the blank: Linux is an open-source _____ that can be used to examine logs.

operating system

Fill in the blank: Security professionals use _____ to help them manage a security incident before, during, and after it has occurred.

playbooks

Fill in the blank: A security professional has been tasked with implementing strict password policies on workstations to reduce the risk of password theft. This is an example of _____.

security controls

Which of the following statements correctly describe logs? Select two answers.

A log is a record of events that occur within an organization's systems. A business might log each time an employee signs into their computer

The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software.

Brain virus

What is a foundational model that informs how organizations consider risk when setting up systems and security policies?

Confidentiality, integrity, and availability (CIA) triad

What is programming typically used for? Select two answers.

Create a specific set of instructions for a computer to execute tasks Complete repetitive tasks and processes

Which of the following tasks can be performed using SIEM tools? Select three answers.

Providing alerts for specific types of risks and threats Collecting and analyzing data Helping security analysts identify potential breaches

T/F: A playbook is a manual that only provides details about how to respond to an incident.

False: A playbook is a manual that provides details about any operational action, including incident response, security or compliance reviews, access management, and many other organizational tasks that require a documented process from beginning to end.

Which of the following are core components of security frameworks? Select two answers.

Identifying and documenting security goals Monitoring and communicating results

A security professional conducts internal training to teach their coworkers how to identify a social engineering attack. What types of security issues are they trying to avoid? Select all that apply.

Malicious software being deployed Phishing attacks Employees inadvertently revealing sensitive data

You receive a text message on your personal device from your manager stating that they cannot access the company's secured online database. They're updating the company's monthly party schedule and need another employee's birth date right away. Your organization's policies and procedures state that employee information should never be accessed or shared through personal communication channels. What should you do?

Respectfully decline, then remind your manager of the organization's guidelines.

What type of tool uses dashboards to organize data into categories and allows analysts to identify potential security incidents as they happen?

SIEM tools use dashboards to organize data into categories and allow analysts to identify potential security incidents, such breaches, as they happen.

What do security professionals use to interact with and request information from a database?

Structured Query Language (SQL)

Fill in the blank: A database is a _____ of organized data stored in a computer system.

collection


Ensembles d'études connexes

Microbiology Ch. 9-Introduction to Microbial Genetics

View Set

acc 331 CHPT 9: Business income, business deductions, and accounting methods

View Set

IOWA DRIVER'S LICENSE PRACTICE TEST

View Set

Chapters 12, 13 and 14 Study Guide Exam Review Questions

View Set

Martini's Essentials of Anatomy & Physiology, Ch. 5: The Integumentary System

View Set

Human growth and development test 4: Attachment & Temperment

View Set