11. Fill in the blank: A security professional has been tasked with implementing safeguards to reduce suspicious activity on their company's network. They use _____ to help them reduce this type of risk.
- security controls
- public websites
- security ethics
- private information
12. You are helping your security team consider risk when setting up a new software system. Using the CIA triad, you focus on confidentiality, availability, and what else?
- Integrity
- Information
- Inconsistencies
- Intelligence
13. Fill in the blank: _____ are items perceived as having value to an organization.
- Incidents
- Lifecycles
- Assets
- Alerts
14. Which of the following statements accurately describe the NIST CSF? Select all that apply.
- It is only effective at managing long-term risk.
- Its purpose is to help manage cybersecurity risk.
- It is a voluntary framework.
- It consists of standards, guidelines, and best practices.
15. Fill in the blank: Some of the most dangerous threat actors are _____ because they often know where to find sensitive information, can access it, and may have malicious intent.
- past vendors
- disgruntled employees
- senior partners
- dissatisfied customers
16. A security professional is updating software on a coworker’s computer and happens to see a very interesting email about another employee. The security professional chooses to follow company guidelines with regards to privacy protections and does not share the information with coworkers. Which concept does this scenario describe?
- Preserving evidence
- Security controls
- Security ethics
- Business email compromise
17. Fill in the blank: The ethical principle of _____ involves safeguarding an organization’s human resources records that contain personal details about employees.
- honesty
- privacy protection
- unlimited access
- non-bias
18. You are a security professional working for a state motor vehicle agency that stores drivers' national identification numbers and banking information. Which ethical principle involves adhering to rules that are intended to protect these types of data?
- Restrictions
- Laws
- Guidelines
- Investigations
Shuffle Q/A 2
19. Which of the following are core components of security frameworks? Select two answers.
- Establishing regulatory compliance measures
- Implementing security processes
- Setting guidelines to achieve security goals
- Monitoring personally identifiable information
20. Fill in the blank: A security professional has been tasked with implementing strict password policies on workstations to reduce the risk of password theft. This is an example of _____.
- security controls
- networking regulations
- hardware changes
- security teams