Cybersecurity Threats: Compromised Devices and Account Protection

Questions and Answers

What is a common threat to data in transit?

• Malware attack
• Untrained employee
• Ransomware attack
• Man-in-the-middle attack (correct)

What is the most common cause of the costliest data breaches?

• Lack of diligence and untrained employees
• Targeted attack
• Phishing and social engineering
• Malware (viruses and Trojans) (correct)

What is a countermeasure to protect data at rest on a device?

• Two-factor authentication
• File level or disk encryption (correct)
• Network segmentation
• SSL/TLS with valid certificates

What is a type of threat that can read or modify data at rest on-premise or in the cloud?

Unauthorized or malicious process (B)

What is essential for protecting data, according to the given quote?

Knowledge (A)

What is a potential risk if a user accesses corporate SaaS applications from a compromised device?

Account compromise through brute force or password guessing (A)

Why is security awareness training essential for protecting against cyber threats?

To mitigate the risks of phishing attacks by making users more aware of potential threats (D)

What is the primary goal of a cybercriminal when stealing credentials?

To escalate privileges to a domain administrator (B)

What is the purpose of Multi-Factor Authentication (MFA)?

To use multiple factors for authentication to increase security (B)

What is the new perimeter in terms of a user's identity?

The credential boundary (B)

Who is the lecturer for the CSIT302 Cybersecurity subject?

Dr Partha Sarathi Roy (B)

What is the total percentage of the quizzes in the CSIT302 Cybersecurity subject?

30% (C)

What is the title of the textbook recommended for the CSIT302 Cybersecurity subject?

Cybersecurity – Attack and Defense Strategies (B)

What is the percentage of the final examination in the CSIT302 Cybersecurity subject?

50% (C)

What type of assignments can be expected in the CSIT302 Cybersecurity subject?

Either written reports or programs (or combined) (A)

What is the primary goal of privacy in the context of cybersecurity?

To benefit the individual by maintaining secrecy (C)

What is the result of achieving the goals of cybersecurity in an organization?

Enhancing the security posture (A)

What is the difference between privacy and confidentiality in the context of cybersecurity?

Privacy is for individuals, while confidentiality is for organizations (C)

What is essential for enhancing overall security posture in an organization?

Both detection and response systems (D)

Why is it important to have a strong security posture in an organization?

To reduce the risk of cybersecurity attacks (C)

What is continuous monitoring used for in authentication?

To continuously verify a person's identity throughout a session (D)

What security consideration should be taken for apps developed in-house?

Using a secure framework throughout the software development lifecycle (A)

What is a potential security risk of personal apps on BYOD?

They may not be secure (B)

What is a characteristic of Shadow IT?

Systems developed by individual departments other than the central IT department (B)

What is a potential benefit of Shadow IT, despite the security risks?

It may give us efficiency (A)

What is the primary reason human error is a significant cybersecurity challenge?

Humans are the weakest link in cybersecurity, making them vulnerable to social engineering (D)

What is a characteristic of a targeted attack?

It is a long-term attack with persistent access to the target's network (D)

What is the primary goal of a ransomware attack like WannaCry?

To demand a ransom in exchange for restoring access to data (A)

What is the initial stage of a targeted attack?

Public reconnaissance to gather information about the target (D)

What is the role of social engineering in cybersecurity attacks?

It is used to lead employees to click on links that download malware or viruses (C)

What is the primary focus of cybersecurity?

Safeguarding programs, network systems, software, and virtual data from invasion or damage (B)

What is the main reason why cybersecurity is crucial for businesses?

It is a must-have feature to avoid irrevocable damage or bankruptcy (B)

What is an example of a cyberattack that can result in a fine?

Data breach of a company's database (C)

What is the purpose of cybersecurity in an interconnected digital environment?

To diminish the risk of cyberattacks and protect individuals and organizations (A)

What is a common threat to individuals and organizations in the cyberspace?

Cyberattacks (A)

What is the broad area of security that encompasses computer security, network security, and software/hardware security?

Cybersecurity (B)

What is the consequence of failing to invest in cybersecurity?

Irrevocable damage or even bankruptcy (C)

What is an example of a cyberattack that can result in the unauthorized exploitation of data?

Facebook-Cambridge Analytica data scandal (B)

What is the role of cybersecurity in protecting individuals and organizations?

To protect individuals and organizations from unauthorized exploitation of data, network systems, and technologies (B)

What is the main reason why cybersecurity is necessary in today's digital age?

To protect against cyberattacks and malicious activities (A)