Question
QUESTION 1
- According to our lecture, all of the following are elements of a cybersecurity culture, EXCEPT?
a. Technology
b. People
c. Attitude
d. Policy
QUESTION 2
- When creating a culture of cybersecurity, the lecture encourages organizations to make it real, make it a team effort, make it a business priority, and make it _____________________.
Compliant
Personal
Sophisticated
Important to stockholders
QUESTION 3
- _____________________ is the first step of Touhill's change management process.
QUESTION 4
- All of the following steps are part of the National Initiative for Cybersecurity Education (NICE) Workforce Development Tool Kit, EXCEPT?
Plan
Assess
Build
Education & Training
QUESTION 5
- All of the following are components of the SANS/CIS 20 cybersecurity controls EXCEPT:
Data Protection
Risk Metrics Development
Incident Response and Management
Wireless Access Control
QUESTION 6
- Which of the following are critical steps in the establishment of an effective insider threat program? (SELECT TWO OR MORE)
Program Auditing
Know your critical assets
Conduct a Red Team Assessment
Practice Social Media Vigilance
QUESTION 7
- Which of the following is NOT a Core domain area of the NIST Framework?
Investigate
Recover
Identify
Protect
QUESTION 8
- Which NIST Tier level describes an organization whose risk management program demonstrates an awareness of cybersecurity risk at the organizational level, but where an organization-wide approach to managing cybersecurity risk has not been established; management approves, defines, and implements processes and procedures; staff has adequate resources to perform their cybersecurity duties; and cybersecurity information is shared within the organization on an informal basis?
Tier 1
Tier 2
Tier 3
Tier 4
QUESTION 9
- According to the NIST Framework, all of the following steps are recommended to establish or improve a cybersecurity program EXCEPT:
Orient, Prioritize and Scope Gaps
Create a Current Profile
Conduct a Risk Assessment
Implement an Action Plan
QUESTION 10
- According to the lecture, the NIST Framework can be used to ________________ __________________ for new or revised standards, guidelines, or practices where additional Informative References would help organizations address emerging needs.
QUESTION 11
- Based on one of the class videos, general awareness training is more effective because it does all of the following EXCEPT:
Meaningful, encourage reflection and transfer into the workplace
Make learners active participants
Integrates best practices and industry recognized standards
Prompts participants to identify risks and apply best practice to the situation
QUESTION 12
- According to the lecture, COBIT 5 is a single and integrated framework because it does all of the following EXCEPT:
Provides Complete Enterprise Coverage
Aligns with Relevant Standards, Best Practices, and Frameworks
Provides a Simple Architecture
Integrates previously dispersed enterprises, standards, and best practices
QUESTION 13
- According to the textbook & lecture, cybersecurity leaders should ask these six questions when examining a cybersecurity dashboard: 1) How do we compare to others; 2) What are the threats; 3) __________________________; 4) _________________________; 5) _____________________________; 6) ___________________________________.
QUESTION 14
- T/F: According to the text, base-lining and creating a disaster recovery plan are two critical steps in preparing for a cyber-attack.
True
False
QUESTION 15
- T/F: According to NIST 800-53, for the development of a successful security measurement plan, data that supports the measures needs to be readily obtainable.
True
False
QUESTION 16
- According to the textbook, which of the following are Executive Cybersecurity Dashboard Categories?
Am I spending the right amount on cybersecurity and How much insurance should I buy
Does the C-Suite conduct quarterly assessments of systems and software and Do I have the Right People, With Proper Training and do they follow procedures
Am I compliant with Federal Regulations and How do I compare to others
How vulnerable are we and How effective are our systems and processes
QUESTION 17
- According to our required readings, name the three tenets of cybersecurity?
Threat Capability, Threat Awareness, and Adversary Tactics
System Susceptibility, Threat Accessibility, Threat Capability
System Capability, Threat Capability, Software Capability
System Susceptibility, Threat Defense, Adversary Capability
QUESTION 18
- ESSAY: Today, we must plan for the worst. In chapter nine of the textbook, Touhill discusses "what to do when you get hacked". He offers a ten-step solution to implement when bad things happen. Please identify and briefly describe those ten steps (one to two sentences each). Simply address the main point of each step.
Step by Step Solution
Step: 1
The detailed answer for the above question is provided below. Answer 1: a. Technology. It has no link to...