foundations of Cybersecurity
Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.
- PII is any information used to infer an individual's identity. - An example of PII is someone's phone number. - An example of SPII is someone's biometric data.
What were the key impacts of the Equifax breach? Select two answers.
-millions of customers' PII was solen - the significant consequences of a breach became more apparent
Fill in the blank: A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy.
Framework
An individual has their personal information stolen. They discover that someone is using that information to impersonate them and commit fraud. What does this scenario describe?
Identity Theft
Question 2 What are the primary responsibilities of an entry-level security analyst? Select three answers.
protect information, monitor systems !!!!!!!!! one more
An organization requires its employees to complete a new data privacy training program each year to reduce the risk of a data breach. What is this training requirement an example of?
security control
In what ways do security teams bring value to an organization? Select two answers.
- Achieving regulatory compliance -Protecting against external and internal threats
Fill in the blank: An organization that is in regulatory compliance is likely to _____ fines.
Avoid
Fill in the blank: A computer virus is malicious _____ that interferes with computer operations and causes damage.
Code
Fill in the blank: Examples of security _____ include security and risk management and security architecture and engineering.
Domains
A security professional investigates an alert about an unknown user accessing a system within their organization. What is the purpose of computer forensics in this situation?
Identify, analyze, and preserve criminal evidence
What is one way that the Morris worm helped shape the security industry?
It led to the development of computer response team
Fill in the blank: Security information and event _____ (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities.
Management
What occurs during a security audit?
Review of an organization's security records, activities, and other related documents
Which of the following entities may be an internal threat to an organization? Select three answers.
Trusted Partners Vendors Employees
An individual is in their first job as an entry-level security professional. They apply the problem-solving proficiencies that they learned in past roles to their current security career. What does this scenario describe?
Using Transferable skills
A security professional is asked to destroy and dispose of old hard drives that include confidential customer information. Which security domain is this task related to?
asset security
What is a foundational model that informs how organizations consider risk when setting up systems and security policies?
conf
Fill in the blank: Cybersecurity is the practice of ensuring _____ by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
confidentiality, integrity, and availability of information
Fill in the blank: Cybersecurity aims to protect networks, devices, people, and data from _____ or unauthorized access.
criminal Exploitation
Social engineering, such as phishing, is a manipulation technique that relies on computer error to gain private information, access, or valuables
false because it relies on human error
Fill in the blank: Performing _____ enables security professionals to review an organization's security records, activities, and related documents.
security Audits
You are asked to investigate an alert related to an unknown device that is connected to the company's internal network. After you complete your investigation, you follow company policies and procedures to implement preventative measures that will stop the potential threat posed by the device. Which security domain is this scenario related to?
security Operations
Your supervisor asks you to audit user permissions for payroll data to ensure no unauthorized employees have access to it. Which security domain is this audit related to?
security assessment and testing