Module 2: The Evolution of Cybersecurity

Q: Which of the following threats are examples of malware? Select two answers.

  • Error messages
  • Viruses 
  • Worms 
  • Bugs
Explanation: The term "virus" refers to a kind of computer software that can duplicate itself and spread to other systems to infect files. In the realm of malicious software, worms are self-contained programs that can duplicate themselves and propagate autonomously across networks.

Q: Fill in the blank: Social engineering is a ______ that exploits human error to gain private information, access, or valuables.

  • manipulation techniques 
  • replicating virus
  • type of malware
  • business breach
Explanation: Social engineering is a manipulation technique that takes advantage of human mistakes to acquire confidential information, access, or assets.

Q: Which of the following threats are most likely to occur in the event of a phishing attack? Select all that apply.

  • Malicious software being deployed 
  • Theft of the organization’s hardware
  • Employees inadvertently revealing sensitive data 
  • Overtaxing systems with too many internal emails
Explanation: Phishing attacks usually attempt to steal data or obtain unauthorized access rather than physically take equipment, so they are not directly tied to the theft of the organization's hardware. Nor is there an obvious link between a phishing attack and the overburdening of systems with an excessive number of internal emails. Phishing emails sent in high volume can overwhelm mail systems, but this is not often the main purpose of a phishing attack, nor is it the usual consequence.

Q: Which domain involves defining security goals and objectives, risk mitigation, compliance, business continuity, and the law?

  • Security architecture and engineering
  • Security assessment and testing
  • Identity and access management
  • Security and risk management 
Explanation: This domain covers a broad range of strategic and operational activities related to managing security threats within an organization. It includes setting security goals and objectives, putting risk mitigation strategies into action, ensuring compliance with regulations and laws, planning for business continuity and disaster recovery, and governing security practices across the organization.

Q: Which domain involves optimizing data security by ensuring that effective tools, systems, and processes are in place?

  • Security architecture and engineering 
  • Communication and network security
  • Identity and access management
  • Security and risk management

Explanation: Security architecture and engineering centers on creating and implementing security solutions to protect data, systems, and networks. This includes selecting and implementing appropriate security solutions, designing secure architectures, creating security processes and procedures, and ensuring that these measures are effectively implemented and maintained to reduce risk and defend against threats.

Q: Which domain involves securing digital and physical assets, as well as managing the storage, maintenance, retention, and destruction of data?

  • Security operations
  • Communication and network security
  • Security assessment and testing
  • Asset security

Explanation: Asset security is the area that encompasses the management of the storage, maintenance, retention, and destruction of data, as well as the protection of both digital and physical components of an organization's assets.

Q: Which of the following tasks may be part of the identity and access management domain? Select three answers.

  • Ensuring users follow established policies 
  • Managing and controlling physical and logical assets
  • Setting up an employee’s access keycard
  • Conducting security control testing
Explanation: Identity and access management (IAM) involves developing and implementing access rules that determine how users may interact with an organization's resources, and making sure that users adhere to those rules is essential to preserving security. IAM covers managing access to both physical assets (like buildings and rooms) and logical assets (like files, databases, and applications), and controlling that access based on user identities is one of its most important aspects. IAM also encompasses providing and managing access credentials for users, which may require establishing physical access restrictions for workers, such as keycards or badges.

Q: Which domain involves conducting investigations and implementing preventive measures?

  • Security operations
  • Security and risk management
  • Identity and access management
  • Asset security

Explanation: Security operations focuses on the day-to-day work of monitoring, identifying, investigating, and responding to security incidents inside an organization. It also includes implementing preventive measures to limit the risk and impact of security breaches, and performing post-incident analysis to improve security practices and resilience.

Q: A security professional is researching compliance and the law in order to define security goals. Which domain does this scenario describe?

  • Security assessment and testing
  • Security architecture and engineering
  • Security and risk management 
  • Identity and access management

Explanation: Managing security and risk effectively requires a comprehensive grasp of legal and regulatory requirements, conducting risk assessments, formulating security policies and objectives based on those assessments, and ensuring compliance with all relevant laws and regulations. This domain focuses on the strategic elements of managing security inside an organization, including establishing objectives and aligning security activities with business goals and compliance needs.

Q: Which of the following tasks may be part of the security architecture and engineering domain? Select all that apply.

  • Validating the identities of employees
  • Ensuring that effective systems and processes are in place 
  • Configuring a firewall 
  • Securing hardware

Explanation: Security architecture and engineering is about creating and putting into action effective security systems, procedures, and controls to safeguard assets and minimize risk. Configuring security devices such as firewalls is often considered part of this domain, because configuring them means building out the network security infrastructure that guards against unauthorized access and threats. Validating the identities of employees, in most cases, belongs to identity and access management (IAM), which administers access control and authentication procedures.

Q: Which of the following tasks may be part of the security assessment and testing domain? Select all that apply.

  • Conducting security audits 
  • Collecting and analyzing data
  • Auditing user permissions
  • Securing physical networks and wireless communications

Explanation: Security assessment and testing commonly includes conducting audits that evaluate the security posture of systems, networks, and applications against predetermined security standards and best practices. It also commonly includes reviewing and auditing user permissions to verify that access controls are set correctly and aligned with security policies. Data collection and analysis, although essential to many areas of security operations and management, is not exclusive to the security assessment and testing domain, which is primarily concerned with analyzing and validating security controls and settings.

Q: Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?

  • Security assessment and testing
  • Security and risk management
  • Communication and network security
  • Identity and access management 

Explanation: Identity and access management (IAM) is the process of managing and limiting access to physical assets (such as buildings, rooms, and equipment) based on predetermined rules and user IDs. Its primary emphasis is ensuring that users have access rights and privileges suited to their positions and responsibilities within the company. It also includes implementing controls and procedures that enforce security policies for managing physical assets and access.

Q: Which of the following tasks may be part of the security operations domain? Select all that apply.

  • Conducting investigations
  • Implementing preventive measures 
  • Investigating an unknown device that has connected to an internal network 
  • Using coding practices to create secure applications
Explanation: Security operations includes investigating security events, anomalies, or breaches to identify their source and effect and to launch appropriate remedies. It also includes implementing measures to prevent security events, such as configuring security controls, deploying security patches, and delivering awareness training. One of the most important responsibilities of security operations teams is to watch for possible security risks, such as unfamiliar devices connecting to the network, and to react to them promptly.

Q: Fill in the blank: Social engineering is a manipulation technique that exploits ______ error to gain access to private information.

  • human 
  • computer
  • coding
  • network

Explanation: The term "social engineering" refers to a sort of manipulation that takes advantage of human mistakes to get access to confidential information.

Q: Which of the following tasks are part of the security and risk management domain? Select all that apply.

  • Securing physical assets
  • Defining security goals and objectives 
  • Business continuity 
  • Compliance 

Explanation: Although securing physical assets is vital for overall security, it is commonly associated with physical security measures rather than with the strategic management of security risks and goals. Likewise, although compliance with legal and regulatory requirements is essential for security and risk management, it is commonly viewed as a distinct but related area that overlaps with security and risk management practices.

Q: Which of the following tasks may be part of the asset security domain? Select all that apply.

  • Ensuring users follow established policies
  • Data storage and maintenance           
  • Securing digital and physical assets 
  • Proper disposal of digital assets

Explanation: Asset security entails managing and protecting data throughout its entire lifespan, including its storage and maintenance, to ensure confidentiality, integrity, and availability. It covers safeguarding both digital assets (such as data, software, and intellectual property) and physical assets (such as hardware, facilities, and equipment) from unauthorized access, theft, loss, or damage. It also covers making certain that digital assets are disposed of properly when they are no longer required, to avoid unauthorized access or data breaches.

Q: A security professional is asked to issue a keycard to a new employee. Which domain does this scenario relate to?

  • Security assessment and testing
  • Identity and access management
  • Security and risk management
  • Communication and network security

Explanation: Identity and access management (IAM) handles managing and restricting access to resources inside an organization. Providing access credentials, including issuing keycards to new employees, is part of IAM. The domain's duties include authentication, authorization, provisioning, and management of user identities and access privileges, and its purpose is to ensure that workers have proper access to the organization's facilities and systems.
