11. Fill in the blank: By enabling security professionals to determine which devices have been affected, the CSF _____ function helps organizations manage cybersecurity risks and their effects.
- protect
- identify
- detect
- recover
12. What does a security analyst’s work involve during the CSF recover function?
- Return affected systems back to normal operation
- Protect an organization through the implementation of employee training
- Contain, neutralize, and analyze security incidents
- Pinpoint threats and improve monitoring capabilities
Weekly challenge 2
13. What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization?
- Security posture
- Security audit
- Security framework
- Security hardening
14. Fill in the blank: A security professional uses _____ to convert data from a readable format to an encoded format.
- authorization
- authentication
- encryption
- confidentiality
15. Which of the following characteristics are examples of biometrics? Select all that apply.
- Voice
- Fingerprint
- Eye scan
- Password
16. You work as a security analyst at a bank and need to ensure that customers can access their account information. Which core principle of the CIA triad are you using to confirm their data is accessible to them?
- Confidentiality
- Availability
- Integrity
- Accuracy
17. Which of the following statements accurately describe the CSF? Select all that apply.
- The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
- Implementing improvements to a security process is part of the respond function of the CSF.
- The identify function of the CSF involves managing cybersecurity risk and its effects on an organization’s people and assets.
- The protect function of the CSF involves returning affected systems back to normal operation.
18. A security team has just finished addressing a recent security incident. They now conduct tests to ensure that all of their repairs were successful. Which OWASP principle does this scenario describe?
- Minimize attack surface area
- Fix security issues correctly
- Principle of least privilege
- Separation of duties
Shuffle Q/A 2
19. What are some of the primary objectives of an internal security audit? Select all that apply.
- Determine what needs to be improved in order to achieve the desired security posture
- Help security teams identify organizational risk
- Avoid fines due to a lack of compliance
- Reduce the amount of data on a network
20. Fill in the blank: In an internal security audit, _____ refers to identifying people, assets, policies, procedures, and technologies that might impact an organization’s security posture.
- completing a controls assessment
- implementing administrative controls
- scope
- goals