Cybersecurity Foundations for Risk Management Quiz Answers

All Quiz Answers of Cybersecurity Foundations for Risk Management Week 02 Quiz Answers

Quiz for the Introduction to Cybersecurity Module 1.1 Quiz Answers

Q1. Which of the following is not a term that is part of the history of cybersecurity?

  • information security
  • computer security
  • cyberdefense
  • IT security

Q2. Which of these is the best definition of cybersecurity?

  • The protection of computer systems through the application of good security practices.
  • The application of improved security practices to protect information on cyber-related systems.
  • The protection of information in all of its forms, wherever it may exist, through the application of good security practices.
  • The protection of information when it is used on a computer system or cybernetic network through the application of good security practices.

Q3. Which of these is not one of the identified good security practices?

  • cybersecurity policy
  • cybersecurity programming
  • cybersecurity technology
  • cybersecurity training and awareness

Key Concepts in Cybersecurity – Part 1 (Quiz 1.1.2) Quiz Answers

Q1. The three core characteristics of information are what give it value. Which of these is not one of those characteristics?

  • authenticity
  • integrity
  • availability
  • confidentiality

Q2. In the context of cybersecurity, _____ is the right of the individual or group to protect themselves and their information from unauthorized access.

  • privacy
  • aggregation
  • utility
  • possession

Q3. A threat to privacy is information ______, where adversaries assemble a portfolio of information from a number of different sources to create a more complete picture of an individual.

  • privacy
  • aggregation
  • utility
  • possession

Key Concepts in Cybersecurity – Part 2 (Quiz 1.1.3) Quiz Answers

Q1. _____ are those information-based items of value to the organization.

  • information assets
  • database
  • loss
  • threats

Q2. _____ are events or circumstances that have the potential to adversely affect operations and assets.

  • information assets
  • database
  • loss
  • threats

Q3. A technique used to compromise a system is known as a(n) ____.

  • exploit

All Quiz Answers of Cybersecurity Foundations for Risk Management Week 03 Quiz Answers

Threats to Cybersecurity – Module 1.2 Quiz Answers

Q1. Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) ______.

  • threat
  • spike
  • fault
  • patent

Q2. The creation, ownership, and control of original ideas, as well as the representation of those ideas, is known as _____.

  • intellectual property
  • information extortion
  • property rights
  • right to privacy

Q3. When power is interrupted for a long term (called an outage) it is called a _____.

  • blackout
  • brownout
  • surge
  • sag

Forces of Nature, Human Error or Failure & Information Extortion (Quiz 1.2.2) Quiz Answers

Q1. Forces of _____, also known as force majeure or acts of God, include natural disasters, fires, floods, earthquakes, and lightning strikes.

Q2. When an employee or other stakeholder of an organization makes a mistake, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • human nature

Q3. If someone tricks a user into sharing their credentials by pretending to be someone that the user would trust, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • privilege escalation

Sabotage or vandalism, Software attacks & Technical hardware failures (Quiz 1.2.3) Quiz Answers

Q1. The threat category known as _____ includes malware such as viruses, worms, macros, as well as denial of service attacks and script injections.

  • software attacks
  • sabotage
  • vandalism
  • information extortion

Q2. _____ software looks like legitimate software but is either malware in disguise or legitimate software embedded with malware.

  • loanware
  • trojan horse
  • open source
  • greenware

Q3. An attack that attempts to overwhelm a computer target’s ability to handle incoming communications is known as _____.

  • denial of service
  • a virus
  • a worm
  • spam

Technical Hardware Failure, Technical Software Failure, Technological Obsolescence, and Theft (Quiz 1.2.4) Quiz Answers

Q1. The category of threat that represents a situation where, for some reason, our technology equipment fails is known as _____.

  • technical hardware failure
  • mean time until failure
  • network unit failure
  • technical software failure

Q2. The category of threat that represents a situation where, for some reason, our programming or operating systems fail is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

Q3. The category of threat that represents a situation where we must rely on technology that cannot be easily replaced is known as _____.

  • technical hardware failure
  • mean time until failure
  • technological obsolescence
  • technical software failure

All Quiz Answers of Cybersecurity Foundations for Risk Management Week 04 Quiz Answers

Cybersecurity Management (Module Quiz 1.3) Quiz Answers

Q1. In a manager’s decisional role they _____.

  • collect, process, and use information in order to complete cybersecurity objectives
  • interact with their bosses, employees, co-workers, other organizational stakeholders, and basically anyone involved with or affected by the cybersecurity function
  • make choices by selecting from among alternatives and they resolve conflicts, dilemmas, or challenges related to cybersecurity
  • unilaterally direct all employee computer uses in the organization

Q2. Management and leadership are interchangeable and have the same necessary skills.

  • True
  • False

Q3. Controlling is _____.

  • the activity that focuses on the structuring of resources
  • the administration of employees, making sure you have the right number of people, as well as the right skills within your staff to do the work
  • communicating your plans to your employees, and making sure they are working to help achieve the department’s goals
  • making sure that the department and its employees are making progress towards the objectives that you specified during planning and making sure any problems that come up are solved

Cybersecurity Roles and Responsibilities – Lesson 1.3.2 Quiz Answers

Q1. Cybersecurity professionals have to have _____.

  • technical skills
  • an ability to discuss cybersecurity with non-technical managers
  • an ability to gather requirements from non-technical managers
  • all of these are required

Q2. The _____ develops the strategic plans for the cybersecurity function.

  • CIO
  • CFO
  • CISO
  • CEO

Q3. The job with the title of _____ is frequently called on to manage the day-to-day operations of security technology as well as to assist in training programs, developing policies.

  • CISO
  • cybersecurity manager
  • security technician
  • security administrator

Cybersecurity Governance – Lesson Quiz Answers

Q1. The responsibility for the entire cybersecurity program should rest solely on the CISO or VP for Cybersecurity.

  • True
  • False

Q2. In recent years, there is a strong trend to make cybersecurity the responsibility of _____.

  • the highest ranking computer manager
  • a middle-level manager
  • the highest ranking security executive
  • the upper levels of management to include the boards of directors

Q3. _____ is an approach to cybersecurity management requiring direct oversight by the board of directors or senior management.

  • Governance, risk management, and compliance (GRC)
  • People, plans, and practices (PPP)
  • Information technology governance inference (ITGI)
  • Computing governance technical framework (CGTF)

Planning for Cybersecurity (Lesson Quiz 1.3.4) Quiz Answers

Q1. What is a system development lifecycle or SDLC approach?

  • An approach to plan the hiring of a new systems manager.
  • A way to develop a new personnel evaluation approach.
  • A framework used to hire a design consultant.
  • A methodology for the design and implementation of a system or program.

Q2. The _____ phase of the SecSDLC begins with instructions from upper management specifying the process, outcomes, and goals of the project as well as its budget and other constraints.

  • analysis
  • implementation
  • design
  • investigation

Q3. The _____ phase of the SecSDLC is where the components of the recommended program are acquired, tested, implemented, and retested.

  • analysis
  • implementation
  • design
  • investigation

Planning for Cybersecurity Contingencies (Lesson Quiz 1.3.5) Quiz Answers

Q1. What are ‘non-normal’ operations?

  • What our organization does when the unexpected happens
  • What our organization does when customers are unhappy
  • What our organization does in routine operations
  • What our organization does when there are no tasks to be done immediately

Q2. Contingency planning is accomplished with all of the following except _____.

  • good luck
  • technical measures
  • plans
  • procedures

Q3. Crisis management planning is focused on the _____.

  • recovery of business data
  • people aspects of incidents or disasters
  • resumption of IT services
  • resumption of customer revenue

All Quiz Answers of Cybersecurity Foundations for Risk Management Week 05 Quiz Answers

Understanding Cybersecurity Risk and Risk Management Module Quiz Answers

Q1. In cybersecurity, risk is focused on the loss of confidentiality, integrity, and availability of information assets.

  • True
  • False

Q2. The probability that a specific vulnerability within an organization will be attacked by a threat is called _____.

  • Likelihood
  • Impact
  • Residual
  • Resilience

Q3. The consequence of a loss from the outcome of a successful attack on an information asset, known as the “magnitude of harm” is known as the _____.

  • likelihood
  • impact
  • result
  • influence

Understanding Risk Management (Lesson Quiz 1.4.2) Quiz Answers

Q1. _____ can be defined as the quantity and nature of risk that the organization is willing to accept as it evaluates the trade-offs between security and accessibility.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q2. _____ can be defined as the risk you have left after you’re done reducing risk to an acceptable level.

  • Residual risk
  • Risk avoidance
  • Persistent risk
  • Risk appetite

Q3. In the risk management methodology, finding where and what is the risk is known as _____.

  • risk identification
  • risk isolation
  • risk treatment
  • risk evaluation

Risk Management Team Roles and Responsibilities (Lesson Quiz 1.4.3) Quiz Answers

Q1. The _____ is a high-level executive who can ensure that all subordinate managers will support the effort, without territory disputes, in-fighting, and other political games that can jeopardize the program.

  • project manager
  • assessment specialist
  • champion

Q2. The team that will perform the risk management assessment and recommend remediations where shortcomings are found is known as the _____ team.

  • RM intermediation
  • RM factors
  • RM Framework
  • RM process

Q3. Threat assessment – also known as threat intelligence – is used to review the valuation of the assets that may be at risk.

  • True
  • False

Final Course Assessment Quiz Answers

Some questions in the Final Course Assessment quiz are already covered in the module quizzes above; use Ctrl+F to find them quickly.

Q1. A(n) _____ is an instance of an information asset suffering damage or destruction, unintended or unauthorized modification or disclosure, or denial of use.

  • information event
  • data spill
  • loss
  • threat outcome

Q2. Potential weaknesses in an asset or its defensive control systems are known as _____.

Q3. _____ is the unauthorized entry into the real or virtual property of another party.

  • Trespass
  • Interception
  • Collusion
  • Espionage

Q4. If an adversary can increase their level of access by changing the type of access they have from user, to administrator, that’s called _____.

  • human error
  • social engineering
  • force of nature
  • privilege escalation

Q5. When an adversary steals your information, then tries to blackmail you into paying for its return, it is known as _____.

  • ransomfail
  • phishing
  • data mashing
  • information extortion

Q6. _____ are malicious software elements designed to infect a user’s computer and either steal information and send it to the attacker, or damage, destroy or deny service to the computers.

  • viruses and worms
  • clickbait
  • cookies
  • spam

Q7. An attack in which an attacker intercepts a communications stream between two users or systems and inserts himself in the conversation is known as a(n) _____ attack.

  • denial of service
  • virus
  • man in the middle attack
  • spam

Q8. Which of these is not one of the three general categories of Cybersecurity policy?

  • Network Usage Policies (NUPs)
  • Enterprise policy (EISP or ECSP)
  • Issue-Specific Security Policies (ISSPs)
  • System-Specific Policies (SysSPs)

Q9. Those cybersecurity professionals that define cybersecurity can _____.

  • handle planning, policy and risk management
  • create security solutions
  • administer or operate cybersecurity program elements
  • handle day-to-day monitoring and operations

Q10. Those cybersecurity professionals that build cybersecurity can _____.

  • handle planning, policy and risk management
  • create security solutions
  • administer or operate cybersecurity program elements
  • perform day-to-day monitoring and operations

Q11. Cybersecurity governance, if properly implemented, can yield _____ benefits.

  • some
  • significant
  • few
  • no

Q12. The ISO 27014:2013 is the ISO 27000 series standard for _____.

  • governance of information security
  • risk management
  • compliance to standards
  • disaster recovery

Q13. Where does the name ‘waterfall model’ come from?

  • It is an acronym for the phases in the model.
  • It is the name of the person who first developed the model.
  • The work products of each phase fall into the next phase to serve as its starting point.
  • The first project it was used on was a redevelopment project for a waterfall

Q14. The BIA is also known as the _____.

  • Business Impact Assay
  • Business Impact Analysis
  • Business Influence Assessment
  • Business Integration Analysis

Q15. Crisis management planning is focused on the _____.

  • recovery of business data
  • people aspects of incidents or disasters
  • resumption of IT services
  • resumption of customer revenue