11. Fill in the blank: The NIST CSF is a _____ framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
- voluntary
- mandatory
- limited
- rigid
12. What are some benefits of the NIST Cybersecurity Framework (CSF)? Select three answers.
- It helps organizations achieve regulatory standards.
- It can be used to identify and assess risk.
- It is required to do business online.
- It’s adaptable to fit the needs of any business.
Weekly challenge 1
13. A malicious hacker gains access to a company system in order to access sensitive information. What does this scenario describe?
- Vulnerability
- Regulation
- Procedure
- Threat
14. Fill in the blank: A misconfigured firewall is an example of a security _____.
- exploit
- vulnerability
- threat
- asset
15. What is the first step of asset management?
- To assign a risk score to assets
- To address an asset’s vulnerabilities
- To make an asset inventory
- To classify assets based on value
16. A small group of software developers is working internally on a confidential project. They are developing a new web application for the employees at their organization. Who can the developers discuss this confidential project with? Select two answers.
- External business partners
- Close friends
- Teammates
- Project managers
17. A local chef owns a successful small business that sells cooking sauces and seasoning. Their best-selling product is a sauce that’s made with a top secret family recipe. To continue growing the company, the chef is about to start a partnership with a large retailer. In this scenario, what classification level should be assigned to the chef's proprietary recipe in this scenario?
- Public
- Internal
- Confidential
- Restricted
18. Fill in the blank: Information security (InfoSec) is the practice of keeping ____ in all states away from unauthorized users.
- processes
- documents
- files
- data
Shuffle Q/A 2
19. What is an example of data in transit? Select two answers.
- A slideshow presentation on a thumb drive
- A file being downloaded from a website
- A website with multiple files available for download
- An email being sent to a colleague
20. Who should an effective security plan focus on protecting? Select all that apply.
- Customers
- Competitors
- Employees
- Business partners