Cybersecurity Foundations for Risk Management Quiz Answers
All Weeks Cybersecurity Foundations for Risk Management Quiz Answers
All Quiz Answers of Cybersecurity Foundations for Risk Management Week 02 Quiz Answers
Quiz for the Introduction to Cybersecurity Module 1.1 Quiz Answers
Q1. Which of the following is not a term that is part of the history of cybersecurity?
- information security
- computer security
- cyberdefense
- IT security
Q2. Which of these is the best definition of cybersecurity?
- The protection of computer systems through the application of good security practices.
- The application of improved security practices to protect information on cyber-related systems.
- The protection of information in all of its forms, wherever it may exist, through the application of good security practices.
- The protection of information when it is used on a computer system or cybernetic network through the application of good security practices.
Q3. Which of these is not one of the identified good security practices?
- cybersecurity policy
- cybersecurity programming
- cybersecurity technology
- cybersecurity training and awareness
Key Concepts in Cybersecurity – Part 1 (Quiz 1.1.2) Quiz Answers
Q1. The three core characteristics of information are what give it value. Which of these is not one of those characteristics?
- authenticity
- integrity
- availability
- confidentiality
Q2. In the context of cybersecurity, _____ is the right of the individual or group to protect themselves and their information from unauthorized access.
- privacy
- aggregation
- utility
- possession
Q3. A threat to privacy is information ______ where adversaries assemble a portfolio of information from a number of different sources to create a more complete picture of an individual.
- privacy
- aggregation
- utility
- possession
Key Concepts in Cybersecurity – Part 2 (Quiz 1.1.3) Quiz Answers
Q1. _____ are those information-based items of value to the organization.
- information assets
- database
- loss
- threats
Q2. _____ are events or circumstances that have the potential to adversely affect operations and assets.
- information assets
- database
- loss
- threats
Q3. A technique used to compromise a system is known as a(n) ____.
- exploit
All Quiz Answers of Cybersecurity Foundations for Risk Management Week 03 Quiz Answers
Threats to Cybersecurity – Module 1.2 Quiz Answers
Q1. Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) ______.
- threat
- spike
- fault
- patent
Q2. The creation, ownership, and control of original ideas, as well as the representation of those ideas, is known as _____.
- intellectual property
- information extortion
- property rights
- right to privacy
Q3. When power is interrupted for a long term (called an outage) it is called a _____.
- blackout
- brownout
- surge
- sag
Forces of Nature, Human Error or Failure & Information Extortion (Quiz 1.2.2) Quiz Answers
Q1. Forces of _____, also known as force majeure or acts of God, include natural disasters, fires, floods, earthquakes, and lightning strikes.
Q2. When an employee or other stakeholder of an organization makes a mistake, that’s called _____.
- human error
- social engineering
- force of nature
- human nature
Q3. If someone tricks a user into sharing their credentials by pretending to be someone that the user would trust, that’s called _____.
- human error
- social engineering
- force of nature
- privilege escalation
Sabotage or vandalism, Software attacks & Technical hardware failures (Quiz 1.2.3) Quiz Answers
Q1. The threat category known as _____ includes malware such as viruses, worms, macros, as well as denial of service attacks and script injections.
- software attacks
- sabotage
- vandalism
- information extortion
Q2. _____ software looks like legitimate software but is either malware in disguise or legitimate software embedded with malware.
- loanware
- trojan horse
- open source
- greenware
Q3. An attack that attempts to overwhelm a computer target’s ability to handle incoming communications is known as _____.
- denial of service
- a virus
- a worm
- spam
Technical Hardware Failure, Technical Software Failure, Technological Obsolescence, and Theft (Quiz 1.2.4) Quiz Answers
Q1. The category of threat that represents a situation where, for some reason, our technology equipment fails is known as _____.
- technical hardware failure
- mean time until failure
- network unit failure
- technical software failure
Q2. The category of threat that represents a situation where, for some reason, our programming or operating systems fail is known as _____.
- technical hardware failure
- mean time until failure
- technological obsolescence
- technical software failure
Q3. The category of threat that represents a situation where we must rely on technology that cannot be easily replaced is known as _____.
- technical hardware failure
- mean time until failure
- technological obsolescence
- technical software failure
All Quiz Answers of Cybersecurity Foundations for Risk Management Week 04 Quiz Answers
Cybersecurity Management (Module Quiz 1.3) Quiz Answers
Q1. In a manager’s decisional role they _____.
- collect, process, and use information in order to complete cybersecurity objectives
- interact with their bosses, employees, co-workers, other organizational stakeholders, and basically anyone involved with or affected by the cybersecurity function
- make choices by selecting from among alternatives and they resolve conflicts, dilemmas, or challenges related to cybersecurity
- unilaterally direct all employee computer uses in the organization
Q2. Management and leadership are interchangeable and have the same necessary skills.
- True
- False
Q3. Controlling is _____.
- the activity that focuses on the structuring of resources
- the administration of employees, making sure you have the right number of people, as well as the right skills within your staff to do the work
- communicating your plans to your employees, and making sure they are working to help achieve the department’s goals
- making sure that the department and its employees are making progress towards the objectives that you specified during planning and making sure any problems that come up are solved
Cybersecurity Roles and Responsibilities – Lesson 1.3.2 Quiz Answers
Q1. Cybersecurity professionals have to have _____.
- technical skills
- an ability to discuss cybersecurity with non-technical managers
- an ability to gather requirements from non-technical managers
- all of these are required
Q2. The _____ develops the strategic plans for the cybersecurity function.
- CIO
- CFO
- CISO
- CEO
Q3. The job with the title of _____ is frequently called on to manage the day-to-day operations of security technology as well as to assist in training programs, developing policies.
- CISO
- cybersecurity manager
- security technician
- security administrator
Cybersecurity Governance – Lesson Quiz Answers
Q1. The responsibility for the entire cybersecurity program should rest solely on the CISO or VP for Cybersecurity.
- True
- False
Q2. In recent years, there is a strong trend to make cybersecurity the responsibility of _____.
- the highest ranking computer manager
- a middle-level manager
- the highest ranking security executive
- the upper levels of management to include the boards of directors
Q3. _____ is an approach to cybersecurity management requiring direct oversight by the board of directors or senior management.
- Governance, risk management, and compliance (GRC)
- People, plans, and practices (PPP)
- Information technology governance inference (ITGI)
- Computing governance technical framework (CGTF)
Planning for Cybersecurity (Lesson Quiz 1.3.4) Quiz Answers
Q1. What is a system development lifecycle or SDLC approach?
- An approach to plan the hiring of a new systems manager.
- A way to develop a new personnel evaluation approach.
- A framework used to hire a design consultant.
- A methodology for the design and implementation of a system or program.
Q2. The _____ phase of the SecSDLC begins with instructions from upper management specifying the process, outcomes, and goals of the project as well as its budget and other constraints.
- analysis
- implementation
- design
- investigation
Q3. The _____ phase of the SecSDLC is where the components of the recommended program are acquired, tested, implemented, and retested.
- analysis
- implementation
- design
- investigation
Planning for Cybersecurity Contingencies (Lesson Quiz 1.3.5) Quiz Answers
Q1. What are ‘non-normal’ operations?
- What our organization does when the unexpected happens
- What our organization does when customers are unhappy
- What our organization does in routine operations
- What our organization does when there are no tasks to be done immediately
Q2. Contingency planning is accomplished with all of the following except _____.
- good luck
- technical measures
- plans
- procedures
Q3. Crisis management planning is focused on the _____.
- recovery of business data
- people aspects of incidents or disasters
- resumption of IT services
- resumption of customer revenue
All Quiz Answers of Cybersecurity Foundations for Risk Management Week 05 Quiz Answers
Understanding Cybersecurity Risk and Risk Management Module Quiz Answers
Q1. In cybersecurity, risk is focused on the loss of confidentiality, integrity, and availability of information assets.
- True
- False
Q2. The probability that a specific vulnerability within an organization will be attacked by a threat is called _____.
- Likelihood
- Impact
- Residual
- Resilience
Q3. The consequence of a loss from the outcome of a successful attack on an information asset, also called the “magnitude of harm,” is known as the _____.
- likelihood
- impact
- result
- influence
Understanding Risk Management (Lesson Quiz 1.4.2) Quiz Answers
Q1. _____ can be defined as the quantity and nature of risk that the organization is willing to accept as it evaluates the trade-offs between security and accessibility.
- Residual risk
- Risk avoidance
- Persistent risk
- Risk appetite
Q2. _____ can be defined as the risk you have left after you’re done reducing risk to an acceptable level.
- Residual risk
- Risk avoidance
- Persistent risk
- Risk appetite
Q3. In the risk management methodology, finding where and what is the risk is known as _____.
- risk identification
- risk isolation
- risk treatment
- risk evaluation
Risk Management Team Roles and Responsibilities (Lesson Quiz 1.4.3) Quiz Answers
Q1. The _____ is a high-level executive who can ensure that all subordinate managers will support the effort, without territory disputes, in-fighting, and other political games that can jeopardize the program.
- project manager
- assessment specialist
- champion
Q2. The team that will perform the risk management assessment and recommend remediations where shortcomings are found is known as the _____ team.
- RM intermediation
- RM factors
- RM Framework
- RM process
Q3. Threat assessment, also known as threat intelligence, is used to review the valuation of the assets that may be at risk.
- True
- False
Final Course Assessment Quiz Answers
Some questions of the Final Course Assessment Quiz are already covered in the module quizzes above; use Ctrl+F to find questions instantly.
Q1. A(n) _____ is an instance of an information asset suffering damage or destruction, unintended or unauthorized modification or disclosure, or denial of use.
- information event
- data spill
- loss
- threat outcome
Q2. Potential weaknesses in an asset or its defensive control systems are known as _____.
Q3. _____ is the unauthorized entry into the real or virtual property of another party.
- Trespass
- Interception
- Collusion
- Espionage
Q4. If an adversary can increase their level of access by changing the type of access they have from user to administrator, that’s called _____.
- human error
- social engineering
- force of nature
- privilege escalation
Q5. When an adversary steals your information, then tries to blackmail you into paying for its return, it is known as _____.
- ransomfail
- phishing
- data mashing
- information extortion
Q6. _____ are malicious software elements designed to infect a user’s computer and either steal information and send it to the attacker, or damage, destroy or deny service to the computers.
- viruses and worms
- clickbait
- cookies
- spam
Q7. An attack in which an attacker intercepts a communications stream between two users or systems and inserts himself in the conversation is known as a(n) _____ attack.
- denial of service
- virus
- man in the middle attack
- spam
Q8. Which of these is not one of the three general categories of Cybersecurity policy?
- Network Usage Policies (NUPs)
- Enterprise policy (EISP or ECSP)
- Issue-Specific Security Policies (ISSPs)
- System-Specific Policies (SysSPs)
Q9. Those cybersecurity professionals that define cybersecurity can _____.
- handle planning, policy and risk management
- create security solutions
- administer or operate cybersecurity program elements
- handle day-to-day monitoring and operations
Q10. Those cybersecurity professionals that build cybersecurity can _____.
- handle planning, policy and risk management
- create security solutions
- administer or operate cybersecurity program elements
- perform day-to-day monitoring and operations
Q11. Cybersecurity governance, if properly implemented, can yield _____ benefits.
- some
- significant
- few
- no
Q12. The ISO 27014:2013 is the ISO 27000 series standard for _____.
- governance of information security
- risk management
- compliance to standards
- disaster recovery
Q13. Where does the name ‘waterfall model’ come from?
- It is an acronym for the phases in the model.
- It is the name of the person who first developed the model.
- The work products of each phase fall into the next phase to serve as its starting point.
- The first project it was used on was a redevelopment project for a waterfall.
Q14. The BIA is also known as the _____.
- Business Impact Assay
- Business Impact Analysis
- Business Influence Assessment
- Business Integration Analysis
Q15. Crisis management planning is focused on the _____.
- recovery of business data
- people aspects of incidents or disasters
- resumption of IT services
- resumption of customer revenue