Get IT Security: Defense Against The Digital Dark Arts Graded Quiz Answers
Q1. In the Payment Card Industry Data Security Standard (PCI DSS), what are the requirements for the “regularly monitor and test networks” objective? Select all that apply.
Answer:
Regularly test security systems and processes
Track and monitor all access to network resources and cardholder data
Explanation:
These measures ensure continuous monitoring of security and tracking of access to sensitive data to detect and prevent unauthorized activities.
Q2. What tools can be used to discover vulnerabilities or dangerous misconfigurations in systems and networks?
Answer: Vulnerability scanners
Explanation: Vulnerability scanners are specialized tools designed to identify security weaknesses, misconfigurations, and vulnerabilities in systems and networks.
Q3. Which of the following are examples of security tools that can scan computer systems and networks for vulnerabilities? Select all that apply.
Answer:
Nessus
Qualys
OpenVAS
Explanation:
These tools are well-known for their ability to scan systems and networks for vulnerabilities. Wireshark is used for network analysis but not for vulnerability scanning.
Q4. Your company wants to establish good privacy practices in the workplace. What are some ways to enforce these privacy policies? Select all that apply.
Answer:
Audit access logs
Apply the principle of least privilege
Explanation:
Auditing access logs helps track who accessed data, while enforcing least privilege limits access rights to only those necessary for tasks, reducing the exposure of sensitive data.
Q5. Which of the following is recommended to secure authentication?
Answer: 2-factor authentication
Explanation: Two-factor authentication (2FA) adds an extra layer of security, requiring users to verify their identity using two separate methods.
Q6. When working on a laptop in a public area, always _____ when getting up to use the restroom.
Answer: Lock the screen
Explanation: Locking the screen prevents unauthorized access to your laptop when you step away, protecting sensitive information.
Q7. What is a quick way of evaluating a third party’s security?
Answer: A security assessment questionnaire
Explanation: A security assessment questionnaire provides a structured method to quickly evaluate a third party’s security practices.
Q8. Third-party services that require equipment on-site may require a company to do which of the following? Select all that apply.
Answer:
Evaluate hardware in the lab first
Provide additional monitoring via a firewall or agentless solution
Explanation:
Testing hardware in a controlled environment and monitoring with firewalls or agentless solutions ensures the integration is secure.
Q9. Periodic mandatory security training courses can be given to employees in what way? Select all that apply.
Answer:
Brief quiz
Short video
Explanation:
Interactive and engaging methods like quizzes and videos are effective in delivering mandatory security training to employees.
Q10. Once the scope of the incident is determined, the next step would be _____.
Answer: Containment
Explanation: Containing the incident limits its impact and prevents further damage before moving on to remediation and resolution.