CYSA+ QUIZ 1
Which of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats? - ANS-Nonrepudiation
Vincent works as a security analyst in an organization. He is responding to a security incident that compromised one of his organization's web servers. He does not believe that attackers modified or stole any information, but they did disrupt access to the organization's website. Which cybersecurity objective did this attack violate in the given scenario? - ANS-Availability
Tommy, a data analyst in an organization, is assessing the security of several database servers in his datacenter. During his assessment process, he realizes that one of the databases is missing a critical Oracle security patch. Which type of situation has Tommy detected in the given scenario? - ANS-Vulnerability
Ben works as a cybersecurity analyst in the ABC organization. He is preparing to conduct a cybersecurity risk assessment for his organization. For the risk assessment, he chooses to follow the standard process proposed by NIST. Which of the following steps would be the first step that Ben performs in the given scenario? - ANS-Identify threats.
Cindy works as a cybersecurity analyst in the XYZ organization. She conducts a cybersecurity risk assessment and considers the impact that a failure of her city's power grid might have on the organization. Which type of threat is Cindy facing in the given scenario? - ANS-Environmental
Which of the following categories of threat requires that cybersecurity analysts consider the capability, intent, and the likelihood that the threat will target the organization? - ANS-Adversarial
Paul works as a risk analyst in an organization. He recently completed a risk assessment and determined that his network was vulnerable to hackers connecting to open ports on servers. He implemented a network firewall to reduce the likelihood of a successful attack. Which risk management strategy did Paul choose to pursue in the given scenario? - ANS-Risk mitigation
A user is configuring a jump box server that system administrators will connect to from their laptops. Which one of the following ports should not be open on the server? - ANS-23
Robert works as a security analyst in an organization. His organization has a Bring Your Own
Device (BYOD) policy and he would like to ensure that devices connected to the network under
Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.