
FREE IIBA CCA Exam Questions
QUESTIONS
#Q1. Analyst B has discovered unauthorized access to data. What has she discovered?
- Breach
- Hacker
- Threat
- Ransomware
#Q2. Analyst B has discovered multiple attempts from unauthorized users to access confidential data. This is most likely?
- Admin
- Hacker
- User
- IT Support
#Q3. Analyst B has discovered multiple sources which can harm the organization’s systems. What has she discovered?
- Breach
- Hacker
- Threat
- Ransomware
#Q4. An internet-based organization whose address is not known has attempted to acquire personal identification details such as usernames and passwords by creating a fake website. This is an example of?
- Breach
- Phishing
- Threat
- Ransomware
#Q5. One of the employees of the organization has obtained a loan by using another employee’s salary documents. This is an example of?
#Q6. Among the following, which task is not a usual expectation from the cybersecurity analyst?
- Understand the importance of cybersecurity
- Understand risks of cyber-attacks, identity and data theft, loss or disruption of services, communication, systems, and infrastructure
- Follow industry-wide standards and practices to minimize risk
- Take periodic back-up of data for the organization
#Q7. What is the likely cost of cyber threats annually by 2021?
- 1 Trillion
- 3 Trillion
- 6 Trillion
- 12 Trillion
#Q8. Architecture that defines the business strategy, governance, organization, and key business processes is known as?
- Business architecture
- Data architecture
- Application architecture
- Technology architecture
#Q9. Architecture, which provides a blueprint for individual application systems to be deployed, their interactions, and their relationships to core business processes of an organization, is known as?
- Business architecture
- Data architecture
- Application architecture
- Technology architecture
#Q10. Architecture that spans all of these elements of architecture and tries to protect the organization’s information and operations is known as?
- Business architecture
- Security architecture
- Application architecture
- Technology architecture
#Q11. Which server handles application requests from a client with an HTTP interface to move, receive and send information?
- File Server
- Directory Server
- Web Server
- Application Server
#Q12. Which server handles processing logic on data received from client and from database and applies programming logic rules to data?
- File Server
- Directory Server
- Web Server
- Application Server
#Q13. Which server stores and retrieves information and optimizes storage of information in a defined folder structure?
- File Server
- Directory Server
- Web Server
- Application Server
#Q14. Which layers of internet communication mostly concern themselves with moving data around?
- Upper
- Lower
- External
- Internal
#Q15. Which approach assumes majority of planning is completed before construction is initiated?
- Waterfall
- Agile
- Scrum
- Hybrid
#Q16. Which element of the following is not a part of ITIL?
- Service strategy
- Service design
- Service transition
- Service selling
#Q17. Protection of computer networks and data from various electronic and digital threats is known as?
- Cyber Security
- Data Security
- Network Security
- Server Security
#Q18. Protection of organization’s data from threats is known as?
- Cyber Security
- Data Security
- Network Security
- Server Security
#Q19. Charter as a deliverable is of utmost interest to?
- Leadership
- Business
- Enablers
- IT Operations
#Q20. Security requirements as a deliverable are of utmost interest to which stakeholder group?
- Leadership
- Business
- Enablers
- Marketing
#Q21. Solution requirements as a deliverable are of utmost interest to?
- Leadership
- Business
- Enablers
- IT Operations
#Q22. Application support is typically the primary responsibility of which stakeholder group?
- Leadership
- Business
- Enablers
- IT Operations
#Q23. A steering committee is typically a part of which stakeholder group?
- Leadership
- Business
- Enablers
- IT Operations
#Q24. Enterprise-level threat assessment is typically the key responsibility of which stakeholder group?
- Leadership
- Business
- Enablers
- IT Operations
#Q25. A framework containing security policies, approach, tools and awareness programs for achieving the organization’s security objectives is known as?
- Cyber security
- Security Policy
- CIA Triad
- Security Governance
Answers with Explanation
Q.1 Answer: Option A
Explanation: Breach is defined as an incident resulting in unauthorized access to data, applications, services, networks, and/or devices.
Q.2 Answer: Option B
Explanation: Hacker is an unauthorized user who attempts to or gains access.
Q.3 Answer: Option C
Explanation: Threat is anything that has the potential to cause serious harm to a computer system.
Q.4 Answer: Option B
Explanation: Phishing is a fraudulent act of acquiring sensitive information, such as credit card numbers, personal identification, usernames and passwords.
Q.5 Answer: Option B
Explanation: Identity theft is the unauthorized collection of personal information and its use for criminal reasons.
Q.6 Answer: Option D
Explanation: This is the work of the IT Operations department.
Q.7 Answer: Option B
Explanation: Data provided in IIBA Cyber Security Guide.
Q.8 Answer: Option A
Explanation: Business architecture defines the business strategy, governance, organization, and key business processes.
Q.9 Answer: Option C
Explanation: Application architecture provides a blueprint for individual application systems to be deployed, their interactions, and their relationships to core business processes of the organization.
Q.10 Answer: Option B
Explanation: Security architecture’s primary objective is to protect the organization’s information and operations.
Q.11 Answer: Option C
Explanation: Web server handles application requests from a client with an HTTP interface to move, receive and send information.
Q.12 Answer: Option D
Explanation: Application server handles processing logic on data received from client and from database and applies programming logic rules to data.
Q.13 Answer: Option A
Explanation: Folders are linked-to file.
Q.14 Answer: Option B
Explanation: Lower layers focus on data transmissions.
Q.15 Answer: Option A
Explanation: Waterfall proposes complete planning.
Q.16 Answer: Option D
Explanation: Remaining 3 are part of ITIL.
Q.17 Answer: Option A
Explanation: Cybersecurity deals with protecting computer networks and data from various electronic and digital threats.
Q.18 Answer: Option B
Explanation: Data security deals with protection of data from various electronic and digital threats.
Q.19 Answer: Option A
Explanation: Leadership needs to set up a charter.
Q.20 Answer: Option C
Explanation: Enablers are accountable for Security.
Q.21 Answer: Option C
Explanation: Business Process Maps, Solution requirements, Gap Analysis, Training etc. are the BA Focal Points/Related Deliverables for Business/Client.
Q.22 Answer: Option D
Explanation: IT operations provide support.
Q.23 Answer: Option
Explanation: Steering committee provides leadership and direction.
Q.24 Answer: Option A
Explanation: Leadership is accountable for managing enterprise threats.
Q.25 Answer: Option D
Explanation: Governance: Security governance is a framework containing security policies, approaches, tools, and awareness programs for achieving the organization’s security objectives. Risk and data privacy are enforced by security policies.