CS205 Grand Quiz Solution and Discussion


  • Cyberian's Gold

    Please share your Grand Quiz


  • Cyberian's Gold

    The Verizon and Symantec reports show that _______________.
    Web is the most vulnerable vector
    Email is the most attacked vector
    IoT is more secure than other technologies
    Malicious internal users or disgruntled employees cause most damage



  • Cyberian's Gold

    If the account lockout feature value is set to “0” on an MS 2012 member server, then?
    The account will never be locked despite several failed login attempts
    The account will be locked and the system will have to be rebooted
    Will require administrator to unlock the account
    Will have to disconnect from network



  • Cyberian's Gold

    Which of the following statement is correct?
    CVE is superset of NVD
    NVD is an open standard for assigning vulnerability impacts
    NVD is superset of CVSS
    NVD is superset of CVE



  • Cyberian's Gold

    _________________ is the part of Information Security Awareness.
    Procedure
    Standard
    Policy
    Training



  • Cyberian's Gold

    What does check content explain about a rule in DISA STIG?
    Describes the control
    Describes the benefit of implementing control
    Tells how to check whether control is implemented or not
    Tells how to apply control



  • Cyberian's Gold

    One of the challenges in effective implementation of a security transformation project in a small-sized organization is _______________.
    Ad hoc culture and lack of discipline
    Old and outdated IT environment
    Multiple data center sites
    Lack of a disaster recovery (DR) site



  • Cyberian's Gold

    The purpose of the information security lifecycle is to ensure that ___________________.
    Project management is conducted adequately
    The sequence is documented
    There is a completion date to security projects
    All security projects & activities consistently follow the same sequence and steps



  • Cyberian's Gold

    For effective information security implementation, the security journey should start with ___________.
    Developing comprehensive policies and procedures
    Management commitment
    Security hardening and vulnerability management of IT assets
    A penetration test



  • Cyberian's Gold

    A policy is ___________________.
    Mandatory and limited in scope to a department
    Mandatory and applies to entire organization; signed off by senior management
    Not mandatory but a guideline only
    Signed off by information security department



  • Cyberian's Gold

    In an enterprise, which software should be allowed to install and execute?
    Software included in white-list.
    Any freely available software.
    Only paid software.
    Software displayed on notice board.



  • Cyberian's Gold

    Which activity is carried out in the security hardening layer?
    Address security configuration of all IT assets
    Scanning to inspect patching of all IT assets
    Aggregative controls involving people, process, and technology
    Ensure the proper utilization, ROI and audits of purchased devices



  • Cyberian's Gold

    What are the three types of redundant site models in an enterprise network?
    Hot site, cold site and warm site
    Primary site, secondary site and DR site
    Highly available site, fault tolerant site and DR site
    Both a & b



  • Cyberian's Gold

    Anthem insurance breach 2014 was initiated through?
    Windows vulnerability
    Phishing email
    Man in the middle attack
    SQL injection attack



  • Cyberian's Gold

    What do you mean by RTO in a business continuity plan?
    Minimum frequency of backups
    Maximum downtime an organization can handle
    Maximum age of files that an organization must recover from backup storage for normal operations to resume after disaster
    Both a & b



  • Cyberian's Gold

    The 4-layer security transformation model and ISMS requirements and controls __________________.
    Are both separate security programs
    Are both separate security projects
    May form essential elements of the security program
    None of the given



