Strategic Cybersecurity Management Final Exam Answers – AttackIQ Academy

Related Articles

CISCO VIRTUAL INTERNSHIPS PROGRAM 2024

5 days ago

IISD INDIA – INTERNSHIP PROGRAMME 2024

5 days ago

Ministry of Panchayati Raj Internship 2024 | Get Complete details Here

5 days ago

Enroll Here: Strategic Cybersecurity Management Certification

Next Generation Issues Quiz Answers

Question 1: Your smartphone is going to become substantially more powerful in two particular areas. Which areas are those? (Choose Two)

1. The amount of sophisticated applications available for your smartphone
2. The processing of images for social media
3. The conversion of voice for rapid translation
4. The transmission rate of data going back and forth

Question 2: What does the tracking of cars have to do with securing your enterprise?

1. Securing cars is difficult, so is securing your enterprise.
2. Security for cars has evolved past a focus on just the perimeter and now takes into account what happens if someone does steal the car.
3. The rate of stolen cars has dropped, much like the rate of security breaches.
4. Use of blockchain in cars is also valuable to your enterprise.

Building Cyber Resilience Quiz Answers

Question 1: Aside from protecting legacy systems, what is another challenge CISOs face in terms of the changing attack surface?

1. Companies often hire CISOs to be a “sacrificial lamb.”
2. Cyber insurance premiums and ransom payments are eating into budgets
3. GDPR has made privacy a top focus of boards.
4. Exponential growth in cheap computing power makes it cheaper for attackers to deploy.

Question 2: In this course, we discussed two types of security teams.  What were they? (Choose Two)

1. Reactionary security
2. Threat security
3. Informed security
4. Rigid security

Question 3: Which framework is useful for building up active intelligence that ties back to your controls?

1. Lockheed Cyber Kill Chain
2. MITRE ATT&CK
3. ISO 27001
4. FAIR Model

Risk Profiles and Playbooks Quiz Answers

Question 1: Finding out your cloud-based assets were used to perform a DDoS attack on another company is an example of:

1. Primary Risk
2. Secondary Risk
3. Unavoidable Risk
4. A really bad day

Question 2: At higher levels in your company, including executives, you need to do ___________

1. Risk mapping
2. Threat mapping
3. Breach simulation
4. Vulnerability assessments

Question 3: What is a reason why the FAIR Model is valuable?

1. FAIR not only considers the loss you might have, but also the threat of and frequency of your vulnerabilities.
2. FAIR addresses secondary risk
3. FAIR works well together with leveraging MITRE
4. All of the above

Strategic Cybersecurity Management Quiz Answers

Question 1: True or False: 5G greatly diminishes the reliability and practicality of IoT.

1. True
2. False

Question 2: _______ security has a real-time risk appetite and feed on constant indications of compromise.

1. Reactionary
2. Threat
3. Informed
4. Rigid

Question 3: At the highest level, you can secure your company doing which three things (Choose 3)

1. Segmenting your networks
2. Implementing threat intelligence
3. Clear routines
4. Layered defenses

Question 4: When speaking to the board, always relate the technical issues of security to ________

1. Business objectives
2. Revenue opportunities
3. Other company’s technical issues
4. Data transformation projects

Strategic Cybersecurity Management Final Exam Answers:

Question 1: At higher levels in your company, including executives, you need to do ___________

1. Risk mapping
2. Threat mapping
3. Breach simulation
4. Vulnerability assessments

Question 2: Your smartphone is going to become substantially more powerful in two particular areas. Which areas are those? (Choose Two)

1. The amount of sophisticated applications available for your smartphone
2. The processing of images for social media
3. The conversion of voice for rapid translation
4. The transmission rate of data going back and forth

Question 3: In order to align with threat frequency, you need to be aware of and aligned to ________.

1. MITRE ATT&CK
2. Different threat actors
3. GDPR
4. Secondary Risk

Question 4: True or False: You should determine if you will pay a ransom and how much you are willing to pay before you are hit with ransomware.

1. True
2. False

Question 5: True or False: Frameworks lack the value that many think they provide.

1. True
2. False

Question 6: What does the tracking of cars have to do with securing your enterprise?

1. Securing cars is difficult, so is securing your enterprise.
2. Security for cars has evolved past a focus on just the perimeter and now takes into account what happens if someone does steal the car.
3. The rate of stolen cars has dropped, much like the rate of security breaches.
4. Use of blockchain in cars is also valuable to your enterprise.

Question 7: True or False: A successful breach concerns board members, but doesn’t distract them when trying to grow the business and service their customers.

1. True
2. False

Question 8: Aside from protecting legacy systems, what is another challenge CISOs face in terms of the changing attack surface?

1. Companies often hire CISOs to be a “sacrificial lamb.”
2. Cyber insurance premiums and ransom payments are eating into budgets
3. GDPR has made privacy a top focus of boards.
4. Exponential growth in cheap computing power makes it cheaper for attackers to deploy.

Question 9: Which of the following are a part of cyber resilience? (Choose all that apply)

1. Data Integrity/Protection
2. Crisis Management
3. EDR Deployment Strategy
4. 3rd Pary Management

Question 10: True or False: The attack surface has expanded dramatically in the last few decades.

1. True
2. False

Question 11: When addressing the board what are the two most important things as a leader? (Choose Two)

1. That you are in control of things
2. That you are an excellent public speaker
3. That you understand risk and governance
4. That people have confidence in you

Question 12: When speaking to the board, always relate the technical issues of security to ________

1. Business objectives
2. Revenue opportunities
3. Other company’s technical issues
4. Data transformation projects

Question 13: What does being resilient mean?

1. You won’t be hacked
2. You’re completely safe
3. You’re prepared for an attack
4. You have 95% or greater perimeter coverage

Question 14: True or False: Cyber playbooks are different from runbooks.

1. True
2. False

Question 15: _______ security has a real-time risk appetite and feed on constant indications of compromise.

1. Reactionary
2. Threat
3. Informed
4. Rigid

Question 16: True or False: 5G greatly diminishes the reliability and practicality of IoT.

1. True
2. False

Question 17: What is a reason why the FAIR Model is valuable?

1. FAIR not only considers the loss you might have, but also the threat of and frequency of your vulnerabilities.
2. FAIR addresses secondary risk
3. FAIR works well together with leveraging MITRE
4. All of the above

Question 18: At the highest level, you can secure your company doing which three things (Choose 3)

1. Segmenting your networks
2. Implementing threat intelligence
3. Clear routines
4. Layered defenses

Question 19: True or False: The same threat intelligence used by a stock exchange is the same threat intelligence you should use for an insurance firm.

1. True
2. False

Question 20: What is one regulation that affects all industries?

1. SOX
2. PCI-DSS
3. HIPAA
4. GDPR

Question 21: How will 5G change the internet landscape?

1. 5G will increase data transmission and decrease security vulnerability.
2. 5G will increase data transmission and increase security vulnerability.
3. 5G will decrease data transmission and decrease security vulnerability.
4. 5G will decrease data transmission and increase security vulnerability.

Question 22: Which framework is useful for building up active intelligence that ties back to your controls?

1. Lockheed Cyber Kill Chain
2. MITRE ATT&CK
3. ISO 27001
4. FAIR Model

Question 23: True or False: FAIR considers not just the loss that you might have, but the threat of and frequency of your vulnerabilities.

1. True
2. False

Question 24: Which framework can be used for risk mapping?

1. Lockheed Cyber Kill Chain
2. MITRE ATT&CK
3. ISO 27001
4. FAIR Model

Question 25: True or False: Cultures are formed from authority.

1. True
2. False

Question 26: What are some common security vulnerabilities for big companies? (Choose Two)

1. Lack of control over physical security at cloud data centers.
2. Old/Out of date Mainframe systems
3. Data Access Control, leading to data breach opportunities for attackers.
4. Client/Server Systems, which can be attacked cheaply from around the world.

Question 27: In this course, we discussed two types of security teams.  What were they? (Choose Two)

1. Reactionary security
2. Threat security
3. Informed security
4. Rigid security

Question 28: __________ security is known as the “no” team and are not brought into decisions until the end.

1. Reactionary
2. Threat
3. Informed
4. Rigid

Question 29: Finding out your cloud-based assets were used to perform a DDoS attack on another company is an example of:

1. Primary Risk
2. Secondary Risk
3. Unavoidable Risk
4. A really bad day