Fundamental Cyber Security Concepts Course

Questions and Answers

What is one of the fundamental cyber security concepts covered in the course?

• The history of artificial intelligence
• The differences between routers and switches
• Understanding the CIA triad (correct)
• How to use specific security tools

Why is understanding zero trust important in modern cyber security?

• To increase cyber threats
• To implement security controls effectively (correct)
• To learn how to hack into systems
• To bypass security operations

Which of the following is NOT covered in this cyber security course?

• Implementing security controls
• How to use specific security tools (correct)
• Learning about offensive security techniques
• Understanding key concepts across identity and data security

What does the course aim to teach about security controls?

The forms that security controls can take (D)

What are some key concepts and themes covered in this cyber security course?

Identity, networking, and security operations (A)

What is a threat agent?

An individual, group, organisation, or automated system that has the potential to exploit vulnerabilities (B)

Which of the following best describes a threat?

A potential event or action that can exploit system vulnerabilities to cause harm (C)

What does a vulnerability refer to in cybersecurity?

A weakness or flaw in a system's design that can be exploited (A)

Who could be considered a threat agent?

An entity capable of exploiting system weaknesses (C)

Which term refers to the 'what' in terms of potential harm to an organisation's assets?

Threat (D)

In cybersecurity, what is one of the most common actions classified as a threat?

Data breaches (D)

What is the purpose of security controls?

To protect information systems and assets (D)

Which category of controls involves guidelines and procedures governing security practices?

Administrative Controls (C)

What do security policies and procedures define?

How to maintain security within an organization (A)

What are technical controls mainly based on?

Using technology (B)

Which type of control focuses on educating employees about security best practices?

User Awareness Controls (D)

In the context of cybersecurity risk management, what is exposure?

When vulnerabilities are exploited by threat agents (B)

What is the purpose of logging and auditing in an organization?

To monitor and record system activities for security and compliance purposes (A)

Which security control category focuses on guidelines for writing software to minimize vulnerabilities?

Secure coding practices (A)

What do legal and regulatory controls ensure within an organization?

Compliance with relevant laws, regulations, and industry standards (D)

Which type of risk management is considered important for all security professionals?

Continuous assessment of security risks (B)

Which aspect helps organizations decide what action to take against risks to the business?

Constant assessment of security risks (D)

Which standard is specifically mentioned in the text as relevant for payment card data security?

PCI DSS (B)

What is the main purpose of Least Privilege in cybersecurity?

Limiting access to only the necessary level for tasks (D)

How does Micro-Segmentation help in limiting lateral movement in a network breach?

It divides network resources into smaller segments (B)

What distinguishes Zero Trust from traditional security architectures regarding trust?

Traditional models implicitly trust internal users and devices (C)

What is the main focus of Continuous Monitoring in cybersecurity?

Detecting anomalies and potential threats in real-time (C)

How does Data Encryption protect information in cybersecurity?

Prevents unauthorized access by encrypting data in transit and at rest (A)

What context is used for enforcing Strict Access Control in cybersecurity?

Device health, user roles, and network location (C)