11. Fill in the blank: By enabling security professionals to determine which devices have been affected, the CSF _____ function helps organizations manage cybersecurity risks and their effects.

  • protect
  • identify
  • detect
  • recover

12. What does a security analyst’s work involve during the CSF recover function?

  • Return affected systems back to normal operation
  • Protect an organization through the implementation of employee training
  • Contain, neutralize, and analyze security incidents
  • Pinpoint threats and improve monitoring capabilities

Weekly challenge 2

13. What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization?

  • Security posture
  • Security audit
  • Security framework
  • Security hardening

14. Fill in the blank: A security professional uses _____ to convert data from a readable format to an encoded format.

  • authorization
  • authentication
  • encryption
  • confidentiality

15. Which of the following characteristics are examples of biometrics? Select all that apply.

  • Voice
  • Fingerprint
  • Eye scan
  • Password

16. You work as a security analyst at a bank and need to ensure that customers can access their account information. Which core principle of the CIA triad are you using to confirm their data is accessible to them?

  • Confidentiality
  • Availability
  • Integrity
  • Accuracy

17. Which of the following statements accurately describe the CSF? Select all that apply.

  • The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
  • Implementing improvements to a security process is part of the respond function of the CSF.
  • The identify function of the CSF involves managing cybersecurity risk and its effects on an organization’s people and assets.
  • The protect function of the CSF involves returning affected systems back to normal operation.

18. A security team has just finished addressing a recent security incident. They now conduct tests to ensure that all of their repairs were successful. Which OWASP principle does this scenario describe?

  • Minimize attack surface area
  • Fix security issues correctly
  • Principle of least privilege
  • Separation of duties

Shuffle Q/A 2

19. What are some of the primary objectives of an internal security audit? Select all that apply.

  • Determine what needs to be improved in order to achieve the desired security posture
  • Help security teams identify organizational risk
  • Avoid fines due to a lack of compliance
  • Reduce the amount of data on a network

20. Fill in the blank: In an internal security audit, _____ refers to identifying people, assets, policies, procedures, and technologies that might impact an organization’s security posture.

  • completing a controls assessment
  • implementing administrative controls
  • scope
  • goals
