Cyber Threat Intelligence All Quiz Answers | Data Loss Prevention and Mobile Endpoint Protection Graded Assessment | Week 2

Data Security and Protection Knowledge Check ( Practice Quiz )

Q1) A student's grades should be visible to that student when she logs in to her university account. Her ability to see her grades is an example of which aspect of the CIA Triad ?

• Availability

Q2) A university has implemented practices that ensures all student data is encrypted while stored on university servers. Which aspect of the CIA Triad does this practice support ?

• Confidentiality

Q3) The Student Portal of a university issues a confirmation code with a hash value each time a student submits an assignment using the portal. This is an example of which aspect of the CIA Triad ?

• Integrity

Q4) True or False. An organization has "air gapped" its small network of critical data servers so they are accessible internally but not to any external system. These systems are now safe from a deliberate attack.

• False

Q5) C-level executives face 4 challenges when assuring their organizations maintain a comprehensive, workable data security solution. The proliferation of smartphones used for work would impact which two (2) of these concerns the most ? (Select 2)

• Explosive data growth
• New privacy regulations

Q6) True or False. An organization is subject to both GDPR and PCI-DSS data security regulations and has dedicated all of its efforts in remaining in compliance with these 2 sets of regulations. They are correct in believing that their data is safe.

• False

Q7) True or False. A newly hired CISO made the right choice when he moved the Known Vulnerabilities list to a high priority for his team to resolve even though none of these had ever been exploited on the company's network to-date.

• True

Q8) All industries have their own unique data security challenges. Which of these industries has a particular concern with HIPAA compliance and the highest cost per breached record ?

• Healthcare

Q9) All industries have their own unique data security challenges. Which of these industries has a particular concern with being targeted more than any other by cybercriminals "because that is where the money is" ?

• Financial

Q10) Which three (3) of these are among the top 12 capabilities that a good data security and protection solution should provide ? (Select 3)

• Data discovery
• Data risk analysis
• Blocking, masking and quarantining

Q11) Parsing discovered data against known patterns or key words is a process known as what ?

• Data classification

Q12) Which data protection process takes data activity monitoring output and uses it to generate insights about threats ?

• Active analytics

Q13) True or False. The Guardium administrator needs to be someone with the highest level of access to the data being protected ?

• False

Mobile Endpoint Protection Knowledge Check ( Practice Quiz )

Q1) Which mobile operating system runs the majority of smartphones today ?

• iOS
• Android

Q2) Which mobile operating system runs approximately 60% of tablet computers worldwide ?

• iOS

Q3) True or False. Security is enhanced on iOS mobile devices because users typically cannot interact directly with the operating system.

• True

Q4) Which statement best describes the use of anti-virus software on mobile devices ?

• Antivirus software can "see" the apps that are running on a mobile device but cannot see the data that is associated with each app.

Q5) Which type of threat is Jailbreaking ?

• System based

Data Loss Prevention and Mobile Endpoint Protection Graded Assessment ( Main Quiz )

Q1) Which mobile operating system was originally based on the Linux kernel ?

• Android

Q2) Which two (2) mobile operating combined dominate the vast majority of the smartphone market ? (Select 2)

• iOS
• Android

Q3) True or False. Security is enhanced on Android mobile devices because users interact directly with the operating system.

• False

Q4) What is one limitation to the operation of anti-virus software running on mobile devices ?

• Antivirus software can "see" the apps that are running on a mobile device but cannot see the data that is associated with each app.

Q5) On a mobile device, which type of threat is a phishing scam ?

• App based

Q6) A university uses clustered servers to make sure students will always be able to submit their assignments even if one server is down for maintenance. Server clustering enables which aspect of the CIA Triad ?

• Availability

Q7) A university has enabled WPA2 encryption on its WiFi systems throughout the campus. Which aspect of the CIA Triad is directly supported by this action ?

• Confidentiality

Q8) A student can see her grades via her school's Student Portal but is unable to change them. This restriction is in support of which aspect of the CIA Triad ?

• Integrity

Q9) True or False. An operator who corrupts data by mistake is considered an "inadvertent attack" that should be considered when developing data protection plans.

• True

Q10) C-level executives face 4 challenges when assuring their organizations maintain a comprehensive and workable data security solution. GDPR, CCPA, and PCC-DSS are concerned with which one of these challenges ?

• New privacy regulations

Q11)True of False. A biotech research company with a very profitable product line has grown so rapidly it has acquired a marketing company, a small IT services company and a company that specializes in pharmaceutical manufacturing and distribution.  The CEO of the parent company made a good decision when he decided not to consolidate all data security under a single CISO, believing that each of the new divisions understands its own data security needs better than the parent company possibly could.

• False

Q12) Which three (3) of these are among the 5 common pitfalls of data security ? (Select 3)

• Failure to move beyond compliance
• Failure to address known vulnerabilities
• Failure to prioritize and leverage data activity monitoring

Q13) All industries have their own unique data security challenges. Which of these industries has a particular concern with a widely distributed IT infrastructure that must provide services across a multiple government jurisdictions while not violating the privacy concerns of its users ?

• Transportation

Q14) Which three (3) of these are among the top 12 capabilities that a good data security and protection solution should provide ? (Select 3)

• Data and file monitoring
• Data classification
• Encryption

Q15) Which is the data protection process that addresses inappropriate privileges, insecure authentication methods, account sharing, configuration files and missing security patches ?

• Vulnerability assessment

Q16) Which data protection process substitutes key data with a token that is issued by a trusted third-party where the token can be accessed but not redeemed by an untrusted party ?

• Tokenization

Q17) IBM Guardium provides heterogeneous data source support. This support results in which capability ?

• Similar security capabilities can be applied to different sort of data repositories

*****************************************************************************************************

Cyber Threat Intelligence

• Cyber Threat Intelligence All Quiz Answers | Threat Intelligence Graded Assessment | Week 1

• Cyber Threat Intelligence All Quiz Answers | Data Loss Prevention and Mobile Endpoint Protection Graded Assessment | Week 2

• Cyber Threat Intelligence All Quiz Answers | Application Testing Graded Assessment | Week 3

• Cyber Threat Intelligence All Quiz Answers | SIEM Platforms Graded Assessment | Week 4

• Cyber Threat Intelligence All Quiz Answers | Threat Hunting Graded Assignment | Week 5