Strategic Cybersecurity Management Certification
Next Generation Issues Quiz Answers
Question 1: Your smartphone is going to become substantially more powerful in two particular areas. Which areas are those? (Choose Two)
- The amount of sophisticated applications available for your smartphone
- The processing of images for social media
- The conversion of voice for rapid translation
- The transmission rate of data going back and forth
Question 2: What does the tracking of cars have to do with securing your enterprise?
- Securing cars is difficult, so is securing your enterprise.
- Security for cars has evolved past a focus on just the perimeter and now takes into account what happens if someone does steal the car.
- The rate of stolen cars has dropped, much like the rate of security breaches.
- Use of blockchain in cars is also valuable to your enterprise.
Building Cyber Resilience Quiz Answers
Question 1: Aside from protecting legacy systems, what is another challenge CISOs face in terms of the changing attack surface?
- Companies often hire CISOs to be a “sacrificial lamb.”
- Cyber insurance premiums and ransom payments are eating into budgets
- GDPR has made privacy a top focus of boards.
- Exponential growth in cheap computing power makes it cheaper for attackers to deploy.
Question 2: In this course, we discussed two types of security teams. What were they? (Choose Two)
- Reactionary security
- Threat security
- Informed security
- Rigid security
Question 3: Which framework is useful for building up active intelligence that ties back to your controls?
- Lockheed Cyber Kill Chain
- MITRE ATT&CK
- ISO 27001
- FAIR Model
Risk Profiles and Playbooks Quiz Answers
Question 1: Finding out your cloud-based assets were used to perform a DDoS attack on another company is an example of:
- Primary Risk
- Secondary Risk
- Unavoidable Risk
- A really bad day
Question 2: At higher levels in your company, including executives, you need to do ___________
- Risk mapping
- Threat mapping
- Breach simulation
- Vulnerability assessments
Question 3: What is a reason why the FAIR Model is valuable?
- FAIR not only considers the loss you might have, but also the threat of and frequency of your vulnerabilities.
- FAIR addresses secondary risk
- FAIR works well together with leveraging MITRE
- All of the above
Strategic Cybersecurity Management Quiz Answers
Question 1: True or False: 5G greatly diminishes the reliability and practicality of IoT.
- True
- False
Question 2: _______ security has a real-time risk appetite and feeds on constant indications of compromise.
- Reactionary
- Threat
- Informed
- Rigid
Question 3: At the highest level, you can secure your company by doing which three things? (Choose 3)
- Segmenting your networks
- Implementing threat intelligence
- Clear routines
- Layered defenses
Question 4: When speaking to the board, always relate the technical issues of security to ________
- Business objectives
- Revenue opportunities
- Other companies’ technical issues
- Data transformation projects
Strategic Cybersecurity Management Final Exam Answers
Question 1: At higher levels in your company, including executives, you need to do ___________
- Risk mapping
- Threat mapping
- Breach simulation
- Vulnerability assessments
Question 2: Your smartphone is going to become substantially more powerful in two particular areas. Which areas are those? (Choose Two)
- The amount of sophisticated applications available for your smartphone
- The processing of images for social media
- The conversion of voice for rapid translation
- The transmission rate of data going back and forth
Question 3: In order to align with threat frequency, you need to be aware of and aligned to ________.
- MITRE ATT&CK
- Different threat actors
- GDPR
- Secondary Risk
Question 4: True or False: You should determine if you will pay a ransom and how much you are willing to pay before you are hit with ransomware.
- True
- False
Question 5: True or False: Frameworks lack the value that many think they provide.
- True
- False
Question 6: What does the tracking of cars have to do with securing your enterprise?
- Securing cars is difficult, so is securing your enterprise.
- Security for cars has evolved past a focus on just the perimeter and now takes into account what happens if someone does steal the car.
- The rate of stolen cars has dropped, much like the rate of security breaches.
- Use of blockchain in cars is also valuable to your enterprise.
Question 7: True or False: A successful breach concerns board members, but doesn’t distract them when trying to grow the business and service their customers.
- True
- False
Question 8: Aside from protecting legacy systems, what is another challenge CISOs face in terms of the changing attack surface?
- Companies often hire CISOs to be a “sacrificial lamb.”
- Cyber insurance premiums and ransom payments are eating into budgets
- GDPR has made privacy a top focus of boards.
- Exponential growth in cheap computing power makes it cheaper for attackers to deploy.
Question 9: Which of the following are a part of cyber resilience? (Choose all that apply)
- Data Integrity/Protection
- Crisis Management
- EDR Deployment Strategy
- 3rd Party Management
Question 10: True or False: The attack surface has expanded dramatically in the last few decades.
- True
- False
Question 11: When addressing the board, what are the two most important things as a leader? (Choose Two)
- That you are in control of things
- That you are an excellent public speaker
- That you understand risk and governance
- That people have confidence in you
Question 12: When speaking to the board, always relate the technical issues of security to ________
- Business objectives
- Revenue opportunities
- Other companies’ technical issues
- Data transformation projects
Question 13: What does being resilient mean?
- You won’t be hacked
- You’re completely safe
- You’re prepared for an attack
- You have 95% or greater perimeter coverage
Question 14: True or False: Cyber playbooks are different from runbooks.
- True
- False
Question 15: _______ security has a real-time risk appetite and feeds on constant indications of compromise.
- Reactionary
- Threat
- Informed
- Rigid
Question 16: True or False: 5G greatly diminishes the reliability and practicality of IoT.
- True
- False
Question 17: What is a reason why the FAIR Model is valuable?
- FAIR not only considers the loss you might have, but also the threat of and frequency of your vulnerabilities.
- FAIR addresses secondary risk
- FAIR works well together with leveraging MITRE
- All of the above
Question 18: At the highest level, you can secure your company by doing which three things? (Choose 3)
- Segmenting your networks
- Implementing threat intelligence
- Clear routines
- Layered defenses
Question 19: True or False: The same threat intelligence used by a stock exchange is the same threat intelligence you should use for an insurance firm.
- True
- False
Question 20: What is one regulation that affects all industries?
- SOX
- PCI-DSS
- HIPAA
- GDPR
Question 21: How will 5G change the internet landscape?
- 5G will increase data transmission and decrease security vulnerability.
- 5G will increase data transmission and increase security vulnerability.
- 5G will decrease data transmission and decrease security vulnerability.
- 5G will decrease data transmission and increase security vulnerability.
Question 22: Which framework is useful for building up active intelligence that ties back to your controls?
- Lockheed Cyber Kill Chain
- MITRE ATT&CK
- ISO 27001
- FAIR Model
Question 23: True or False: FAIR considers not just the loss that you might have, but the threat of and frequency of your vulnerabilities.
- True
- False
Question 24: Which framework can be used for risk mapping?
- Lockheed Cyber Kill Chain
- MITRE ATT&CK
- ISO 27001
- FAIR Model
Question 25: True or False: Cultures are formed from authority.
- True
- False
Question 26: What are some common security vulnerabilities for big companies? (Choose Two)
- Lack of control over physical security at cloud data centers.
- Old/Out of date Mainframe systems
- Data Access Control, leading to data breach opportunities for attackers.
- Client/Server Systems, which can be attacked cheaply from around the world.
Question 27: In this course, we discussed two types of security teams. What were they? (Choose Two)
- Reactionary security
- Threat security
- Informed security
- Rigid security
Question 28: __________ security is known as the “no” team and is not brought into decisions until the end.
- Reactionary
- Threat
- Informed
- Rigid
Question 29: Finding out your cloud-based assets were used to perform a DDoS attack on another company is an example of:
- Primary Risk
- Secondary Risk
- Unavoidable Risk
- A really bad day