CSX Cybersecurity Fundamentals: Practice Questions and Answers
4 views 0 purchase
Course
CSX Cybersecurity Fundamentals
Institution
CSX Cybersecurity Fundamentals
CSX Cybersecurity Fundamentals: Practice Questions
- Redundancy
- Backups
- access controls - Answer- Three common controls used to protect the availability of information are
Providing strategic direction, Ensuring that objectives are achieved, Verifying that organizational resources are ...
CSX Cybersecurity Fundamentals:
Practice Questions
- Redundancy
- Backups
- access controls - Answer- Three common controls used to protect the availability of
information are
Providing strategic direction, Ensuring that objectives are achieved, Verifying that
organizational resources are being used appropriately, Ascertaining whether risk is
being managed properly. - Answer- Governance has several goals, including
- Protect,
- Recover
- Identify - Answer- According to the NIST framework, which of the following are
considered key functions necessary for the protection of digital assets?
Protecting information assets by addressing threats to information that is processed,
stored or transported by interworked information systems - Answer- The best
definition for cybersecurity?
Cybersecurity management - Answer- Cybersecurity role that is charged with the
duty of managing incidents and remediation?
risk to an organization's digital assets. - Answer- The core duty of cybersecurity is to
identify, respond and manage
is anything capable of acting against an asset in a manner that can cause harm. -
Answer- A threat
is something of value worth protecting. - Answer- A asset
is a weakness in the design, implementation, operation or internal controls in a
process that could be exploited to violate the system security - Answer- A
vulnerability
attack vector - Answer- The path or route used to gain access to the target asset is
known as a
payload - Answer- In an attack, the container that delivers the exploit to the target is
called
communicate required and prohibited activities and behaviors. - Answer- Policies
is a class of malware that hides the existence of other malware by modifying the
underlying operating system. - Answer- Rootkit
, provide details on how to comply with policies and standards. - Answer- Procedures
contain step-by-step instructions to carry out procedures. - Answer- Guidelines
also called malicious code, is software designed to gain access to targeted computer
systems, steal information or disrupt computer operations. - Answer- Malware
are used to interpret policies in specific situations. - Answer- Standards
are solutions to software programming and coding errors. - Answer- Patches
includes many components such as directory services, authentication and
authorization services, and user management capabilities such as provisioning and
deprovisioning. - Answer- Identity Management
Detect and block traffic from infected internal end points, Eliminate threats such as
email spam, viruses and worms, Control user traffic bound toward the Internet,
Monitor and detect network ports for rogue activity. - Answer- The Internet perimeter
should
ensures that data are transferred reliably in the correct sequence - Answer-
Transport layer of the OSI
coordinates and manages user connections - Answer- Session layer of the OSI
Encryption is an essential but incomplete form of access control - Answer- best
states the role of encryption within an overall cybersecurity program
Asset value, criticality, reliability of each control and degree of exposure. - Answer-
The number and types of layers needed for defense in depth are a function of
Least privilege or access control - Answer- System hardening should implement the
principle of
Accounting management, Fault management, Performance management, Security
management - Answer- Which of the following are considered functional areas of
network management as defined by ISO?
Multiple guests coexisting on the same server in isolation of one another - Answer-
Virtualization involves
Maintaining an asset inventory. - Answer- Vulnerability management begins with an
understanding of cybersecurity assets and their locations, which can be
accomplished by
Preparation, Detection and analysis, Investigation, Mitigation and recovery,
Postincident analysis - Answer- Arrange the steps of the incident response process
into the correct order
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Freshy. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.
