Cyber Security Awareness Quiz

Questions and Answers

Which of these is a reality with respect to Cyber Security?

• Compliance equates to a robust security strategy
• There will always be residual risk after security control implementation (correct)
• Cyber threats are only external
• Password protected Wi-Fi networks are secure

Does multi-tier architecture provide a larger attack surface than single tier architecture?

• True (correct)
• False
• Only in specific cases
• Depends on the implementation

Which of the following is a correct pairing of the Secure SDLC phases and their primary activities?

• Initiation phase: Security and Privacy Requirement; Development phase: Security Design and Architecture considerations; Implementation phase: Security Software Development and (correct)
• Initiation phase: Security Configuration and Monitoring; Development phase: Security Software Development and Security Testing; Implementation phase: Security Design and Architecture considerations; Operations phase: Security considerations at the time of decommissioning; Disposal phase: Security and Privacy Requirement
• Initiation phase: Security considerations at the time of decommissioning; Development phase: Security and Privacy Requirement; Implementation phase: Security Design and Architecture consideration; Operations phase: Security Software Development and Security Testing; Disposal phase: Security Configuration and Monitoring
• Development phase: Security and Privacy Requirement; Implementation phase: Security Design and Architecture considerations; Operations phase: Security considerations at the time of decommissioning; Disposal phase: Security Software Development and Security Testing

Which phase of the Secure SDLC involves Security Design and Architecture considerations?

Development phase (B)

At which phase in the Secure SDLC are security and privacy requirements primarily considered?

Initiation phase (D)

Which of the following is NOT a phase in the Secure SDLC?

Security Review phase (C)

Flashcards

Residual Risk in Cybersecurity

Risk that remains after implementing security controls.

Multi-tier Architecture Attack Surface

Multi-tier architecture exposes a larger attack surface than single-tier architecture.

Secure SDLC Initiation Phase

Security and privacy requirements defined during this phase.

Secure SDLC Development Phase

Security design and architecture considerations take place.

Secure SDLC Implementation Phase

Security software development and validation.

Non-existent Secure SDLC Phase

Security review is not a phase in the standard Secure SDLC.

Study Notes

Cyber Security Awareness

Myth vs Reality

• Password protected Wi-Fi networks are not secure, they can still be vulnerable to cyber threats.
• Cyber threats are not only external, internal threats also exist.
• There will always be residual risk after security control implementation, it's a reality in cyber security.
• Compliance does not equate to a robust security strategy, it's just one aspect of it.

Multi-Tier Architecture

• Multi-tier architecture does not necessarily provide a larger attack surface than single tier architecture, this statement is False.

Secure SDLC Phases

• Initiation phase involves Security and Privacy Requirements.
• Development phase involves Security Design and Architecture considerations.
• Implementation phase involves Security Software Development and Security Testing.
• Operations phase involves Security Configuration and Monitoring.
• Disposal phase involves Security considerations at the time of decommissioning.

Description

Test your knowledge about cyber security myths and realities, and learn about security strategies and architectures. Assess your understanding of cyber threats and risk management.