Play It Safe: Manage Security Risks (Coursera) Weekly Challenge 2 Answers

Test your knowledge: More about frameworks and controls

1. How do security frameworks enable security professionals to help mitigate risk?

  • They are used to establish laws that reduce a specific security risk.
  • They are used to create unique physical characteristics to verify a person’s identity.
  • They are used to refine elements of a core security model known as the CIA triad.
  • They are used to establish guidelines for building security plans.

2. Competitor organizations are the biggest threat to a company’s security.

  • True
  • False

3. Fill in the blank: Security controls are safeguards designed to reduce _____ security risks.

  • public
  • broadscale
  • specific
  • general

4. A security analyst works on a project designed to reduce the risk of vishing. They develop a plan to protect their organization from attackers who could exploit biometrics. Which type of security control does this scenario describe?

  • Authentication
  • Encryption
  • Authorization
  • Ciphertext

Test your knowledge: The CIA triad

5. What is the CIA triad?

  • Ongoing validation processes involving all employees in an organization
  • A foundational security model used to set up security policies and systems
  • A set of security controls used to update systems and networks
  • A mandatory security framework involving the selection of appropriate controls

6. Which element of the CIA triad specifies that only authorized users can access specific information?

  • Access
  • Confirmation
  • Integrity
  • Confidentiality

7. A security analyst discovers that certain data is inaccessible to authorized users, which is preventing these employees from doing their jobs efficiently. The analyst works to fix the application involved in order to allow for timely and reliable access. Which element of the CIA triad does this scenario describe?

  • Applicability
  • Capacity
  • Integrity
  • Availability

8. Fill in the blank: According to the CIA triad, _____ refers to ensuring that an organization's data is verifiably correct, authentic, and reliable.

  • Availability
  • Credibility
  • Accuracy
  • Integrity

Test your knowledge: NIST frameworks

9. What is the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)?

  • A collection of security principles focused on maintaining confidentiality, integrity, and availability
  • A required business framework for ensuring security updates and repairs are successful
  • A set of security controls that help analysts determine what to do if a data breach occurs
  • Standards, guidelines, and best practices that organizations follow voluntarily in order to manage cybersecurity risk

10. Fill in the blank: The five core functions that make up the CSF are: identify, protect, detect, _____, and recover.

  • regulate
  • respond
  • reevaluate
  • reflect
