The definition and enforcement of permitted capabilities for a person or entity whose identity has been established.
Authentication (Correct)
The emphasis should still be on retrofitting tools to meet current safety requirements, not development.
True
False (Correct)
The end-user device is typically called the local host and communicates to the remote host over the Internet, and is the second computer running the FTP program.
True (Correct)
False
The engineering method of formal verification, which explicitly correlates with concept checking, requires network cables
True
False (Correct)
The firewall can ____________ any traffic or all traffic, depending on the firewall policy of the company.
Absolutely allow
Rarely disallow
Rarely allow
Absolutely disallow (Correct)
The focus of physical security is on the planning, _________________, and protection of countermeasures that can secure a company's physical capital.
imposition
importation
implantation
implementation (Correct)
The following are SNMP Agent's key functions except ____________.
Acts as a proxy for some non-SNMP manageable network node
Stores and retrieves management information
Acknowledges asynchronous events (Correct)
Collects management information about its local environment
The following are SNMP Manager's key functions except ________.
Queries agent
Get responses from agents
Signals an event (Correct)
Sets variables in agents
The following are the types of firewalls except _________.
Stateful Packet Filtering
Packet Filtering
Proxy
Whitelisting (Correct)
The following security specifics appropriate to the security architecture must be addressed within each phase in addition to the generic phase activities. What phase is that?
Phase A: Architecture Vision (Correct)
The goal of this step is to understand what data could cause harm to your organization.
Identification of Critical Information (Correct)
Analysis of Vulnerabilities
Analysis of Threat
Assessment of Risk
The ideas behind the CIA triad are influenced by industry-standard cybersecurity systems like those of NIST.
True (Correct)
False
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Exploitation (Correct)
The level of secrecy effect of the PII varies from mild, moderate, or extreme to reflect the possible damage that could happen to a person or entity if the data is obtained, used, or released.
True (Correct)
False
The main advantage of security architecture is its standardization, which makes it affordable. Security architecture is cost-effective due to the reuse of controls described in the architecture.
Form
Benefits (Correct)
Financial
Driver
The main ways of transport are e-mails (attachment of infected files), web platforms (running malware scripts), or removable USB memories;
Delivery (Correct)
The management team applies a series of security measures on the basis of the assessment to ___________________ within their climate.
maximize risk
maximize exposure
minimize risk (Correct)
minimize exposure
The method of scanning an environment for weak points and prioritizing remediation based on risk is _____________.
accelerate management
international management
vulnerability management (Correct)
creative management
The more software an organization deploys, the more bugs it creates.
True (Correct)
False
The OPSEC mechanism helps in the production of technological and non-technical steps to minimize cybersecurity threats, first-party threats, third-party risks, and fourth-party risks
True (Correct)
False
The organization's attitude and tolerance for risk.
Risk Management (Correct)
The Parkerian Hexad added elements are:
control, possession, utility
possession, honesty, alliance
control, authenticity, utility (Correct)
idd, html, intel
The position of software in applications has also decreased, such that the majority of functionality is now managed by software, rendering the effect of multiple breaches more important.
True
False (Correct)
The practice of avoiding unauthorized entry, use, dissemination, disturbance, alteration, inspection, monitoring or destruction of information is essentially __________________________.
Ledger Security
System Security
Network Security
Information Security (Correct)
The probability of human error must also be taken into account, as demonstrated by the error committed by a power system worker that triggered an hour-long blackout in cities in the Pacific Southwest in 2013.
True
False (Correct)
The process where individual pieces of data are grouped to form a bigger picture.
Sorting
Classification
Analysis
Aggregation (Correct)
The protection of information assets from loss or unintended disclosure, and resources from unauthorized and unintended use.
Asset Protection (Correct)
The purpose and role of information management can be broken down into three key categories, which include:
Central Security Service
making available data freely to those who need access to it (Correct)
The aspects in which information is covered varies depending on the need and the volume of data and the kinds of threats that are expected to be posed by the sensitive data
For any enterprise that uses the five pillars to secure knowledge, the same is true
The security architect needs to draft knowledge of the organization's infrastructure to learn who has access to where weak points can occur.
True
False (Correct)
The security architecture must secure the entire IT infrastructure.
True (Correct)
False
The Security Manager guarantees that the management and staff are aware of their security responsibilities, support security efforts, and accept small inconveniences that are invariably part of system transition and development.
True (Correct)
False
The security manager is responsible for achieving balance and effectively supporting corporate security.
True (Correct)
False
The smallest and most common type of network, consisting of a wireless modem, a computer or two, computers, printers, tablets, etc. In one building, it circles one person.
PAN (Correct)
WAN
TAN
LAN
The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.
cyber security (Correct)
The subdivision's fundamental principle is that the risk of compromise is more significant when the threat is very competent and committed, while friendly organizations are concurrently revealed.
True (Correct)
False
The substantiation of the identity of a person or entity related to the enterprise or system in some way.
Authentication (Correct)
The terms protection of information, cyber protection, and information assurance are also used interchangeably.
True (Correct)
False
The transformation of wage data from one currency into an incorrect currency.
Availability
Integrity
Confidentiality
Utility (Correct)
The vulnerability process is intended to find exploitable flaws in a company's data network.
True
False (Correct)
The word __________________ was invented by the United States Army during the Vietnam War as a part of military operations led by a team called Purple Dragon.
firewall display
virtual private network
security assurance
operation security (Correct)
The word cyberspace has become a ____________________________ and the complex society of the Internet.
interconnected information technology and the interdependent network of information technology
collection of sculptures and photographs entitled 'sensory spaces'
the standard way of representing everything related to the internet (Correct)
social connections involved than by its technological application
The _______________ is a symmetric key algorithm used to safeguard secret government records.
HTTP
AFS
CTO
AES (Correct)
There are ________ types of firewall policies which are widely used.
2 (Correct)
3
4
5
These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network.
Action on objective (Correct)
These are constantly creating and implementing new security tools to help enterprise users better secure their data.
cloud providers (Correct)
These are the packet's intended location at the receiving end of a transmission.
The source IP address of the outgoing packets
The type of IP the packet contains
The source IP address of the incoming packets
Destination IP addresses (Correct)
These network forms are developed and operated by organizations who want to link their separate locations and connect computing resources safely.
LPN
EPN (Correct)
VPN
HAN
This acts as a deterrent against deliberate misconfigurations.
Automation
Change Management Process
Operational Security Policy (Correct)
Dual Control
This assured that the information is authentic and complete.
integrity (Correct)
This involves enforcing security measures to ensure that data cannot be changed or destroyed by, or in an undetected way by, an unauthorized user.
data validation
data system
data authentication
data integrity (Correct)
This involves ensuring that the are who they say are and one of the most famous methods to secure this is by using
authentication (Correct)
This involves preserving information in its right shape and avoiding it from being wrongly changed, either by mistake or maliciously.
Inclusion
Indulgence
Integrity (Correct)
Informative
This is an assurance that the systems responsible for delivering, storing, and processing information are accessible when needed, by those who need them.
availability (Correct)
This is not a type of application security.
photo enhancement (Correct)
This is roughly equivalent to.
confidentiality (Correct)
This keeps the potential enemies from discovering critical DOD information, such as when units are mobilizing, traveling, or what processes are involved.
Operation Security (Correct)
People Security
Physical Security
IT Security
This kind of network enables you to cover an area from few miles to tens of miles, depending on the kind of setup.
LAN
MAN (Correct)
WLAN
CAN
This means that only those authorized to view information are allowed access to it.
confidentiality (Correct)
This step uses multiple sources, such as intelligence activities, law enforcement, and open source information to identify likely adversaries to a planned operation and prioritize their degree of threat.
Application of Appropriate Countermeasures
Assessment of Risk
Analysis of Threat (Correct)
Analysis of Vulnerabilities
This version improves security and privacy.
SNMPv2
SNMPv3 (Correct)
SNMPv1
SNMPv4
This was the first implementation, which was carried out under the structure management information specification.
SNMPv2
SNMPv3
SNMPv4
SNMPv1 (Correct)
Those stakeholders who will be affected by security capabilities and who are in groups of communities
Identify communities involved (Correct)
Those units outside the scoped enterprise who will need to enhance their security architecture for interoperability purposes
Identify extended enterprise (Correct)
Those who are most affected and achieve most value from the security work
Identify core enterprise (Correct)
Those who will see change to their capability and work with core units but are otherwise not directly affected
Identify soft enterprise (Correct)
Threat assessments reflect the totality of the intelligence collection effort targeting the organization inaccurately.
True
False (Correct)
Three distinct levels:
Physical, Perceptual, Desired Effects (Correct)
Three Features of Security
Confidentiality, Integrity and Availability (Correct)
To access the FTP server, we do not need to log in with the username and password. Therefore, we can say that FTP is vulnerable.
True
False (Correct)
To affect the technical performance and the capability of physical systems, to disrupt the capabilities of the defender.
Desired Effects (Correct)
To enforce the safety specifications, the engineers build the device verification to assure that the configuration satisfies the safety evidence.
True
False (Correct)
Transmitting the weapon to the target environment.
Delivery (Correct)
True or False: Identify core enterprise (units) - those who are most affected and achieve most value from the security work
TRUE (Correct)
True or False: Business rules regarding handling of data/information assets
TRUE (Correct)
True or False: Codified data/information asset ownership and custody