Cyber Security Test - Week 1 to 5 Exam Questions with Complete Solutions
Denning
What does cyber security refer to? - Correct Answers Cybersecurity relates to the security of any device
which is connected to some form of network such as the internet.
What does information security refer to? - Correct Answers Information security is wider than computer
security because it relates to the security of any information, whether that be physical or held within a
digital device.
What does computer security refer to? - Correct Answers Computer security relates to the security of
any computing device.
What are the three stages within cyber security? - Correct Answers Prevent: try to prevent any attacks
Detect: try to detect any attacks which are happening or have happened
Respond: try to respond to those attacks by incorporating more mechanisms or including things such as
security training or policies which can also impact the security of a system
What are the three properties that make up the CIA triad? - Correct Answers Confidentiality: where
information should be kept confidential from unauthorised parties. For example, if you visit your GP and
have some medical issues documented, the doctor's surgery is required to ensure that that is kept
confidential from unauthorised parties.
Integrity: where you want your data to be correct. You don't want someone to go and amend that in an
incorrect fashion. If we go back to the example of the GP surgery, again, you wouldn't want somebody
going and changing your medication to something that it shouldn't be. So again, we're coming back to
the idea of unauthorised parties changing information or accessing information that they shouldn't have
access to.
Availability: The data should be available to legitimate users at the times they are expected to have access
to it. One example of this could be a bank unexpectedly being hit by a denial of service attack, in which
case the end user would not be able to access their funds, which could cause some distress as well as,
obviously, impacting the bank's reputation, which is undesirable.
What does a bad/threat actor or malicious actor/hacker/attacker refer to? - Correct Answers Bad/threat
actor or malicious actor/hacker/attacker: an insider or outsider, that is, someone who is legitimately
part of the system or someone who's external to it, who's trying to impose some form of harm on the
system, so as to gain unauthorised access to a system that they shouldn't have access to.
What does Malicious mean? - Correct Answers Malicious: where someone sets out with the intent of
causing harm.
What does non-malicious mean? - Correct Answers Non-malicious: where someone unintentionally
compromises the security of the system, for example, writing down a password and storing it
somewhere that can be easily found by someone who shouldn't have access to it.
What is a vulnerability? - Correct Answers Vulnerability: a limitation of a system which opens it up to
exploitation.
What is a threat? - Correct Answers Threat: something or someone which is constantly posing potential
harm to an asset, such as a data set.
What is an attack? - Correct Answers Attack: an attempted exploitation of a particular vulnerability of a
system.
What is an attack surface? - Correct Answers Attack surface: a collection of all the different points of
entry an unauthorised attacker could try to exploit.
What is an attack vector? - Correct Answers Attack vector: typically referred to after an attack has taken
place and is the particular path that the attacker has taken in order to gain unauthorised access.
Give three examples of cybersecurity laws and regulations - Correct Answers Computer Misuse Act, the
Serious Crime Act Amendment which revised the Computer Misuse Act to reflect more modern landscapes,
and the Data Protection Act 2018, which is the UK implementation of GDPR.
Give four examples of cyber security events in history that changed the industry - Correct Answers The
Morris worm, phreaking in the 60s, the first computer password, the 414s (real-life War Games), Target 2013
What are cyber security frameworks? - Correct Answers Cyber security frameworks are pre-defined
guides to developing security policies and procedures.
What is the purpose of cyber security frameworks? - Correct Answers The aim is to reduce the risk of
common cyber security threats which organisations face on a daily basis.
Give three examples of cyber security frameworks - Correct Answers Such frameworks are generally
defined by leading cyber security organisations like
NIST (National Institute of Standards and Technology)
ISO (International Standards Organisation)
NCSC (National Cyber Security Centre)
What are the stages within the NIST cyber security framework? - Correct Answers Identify, Protect,
Detect, Respond and Recover model
What is the common body of knowledge cyber security framework? - Correct Answers The Common
Body of Knowledge (CBK) provides a knowledge base of information security subjects, referred to as
domains, a security professional should understand.
What are the ten security domains within the common body of knowledge? - Correct Answers Access
Control Systems and Methodology
Telecommunications and Network Security
Business Continuity Planning and Disaster Recovery Planning
Security Management Practices
Security Architecture and Models
Law, Investigation, and Ethics
Application and Systems Development Security
Cryptography
Computer Operations Security
Physical Security