Assessment Questions Of Each Module
(Underlined Options Are The Answers)
Cyber Security Awareness: Key Security Terms & Concepts
1. In the malware working methodology, which is the next step after performing
reconnaissance?
a. Stealing data
b. Infect user's device
c. Cause damage to the system
d. Tricking the user
2. Which Advanced Persistent Threat (APT) can attack an organization or government
because of their ideology?
a. Consultants
b. Terrorists
c. Nation states
d. Hacktivists
3. Which is a flaw, error, or weakness in an application or system's design?
a. Risk
b. Exposure
c. Threat
d. Vulnerability
4. In which year was the Equation Group formed?
a. 2003
b. 2011
c. 2005
d. 2001
5. Which insider threat is usually a spouse or a friend?
a. Outside Affiliate
b. Pure Insider
c. Insider Associate
d. Insider Affiliate
6. What is the step performed after reconnaissance in an attack method?
a. Obfuscation
b. Access and escalation
c. Exfiltration
d. Scanning
7. What exploits vulnerabilities or bugs in a system or application?
a. Risk
b. Exposure
c. Vulnerability
d. Threat
8. Which entities are the types of Advanced Persistent Threats (APTs)?
a. Script Kiddies
b. Consultants
c. Nation-states
d. Organized crime groups
e. Hacktivist groups
9. Which choice is equivalent to the state of uncertainty?
a. Threat
b. Vulnerability
c. Exposure
d. Risk
10. Which is a potential or probability that a loss may occur?
a. Exposure
b. Vulnerability
c. Threat
d. Risk
11. Which entity is considered to be an internal threat?
a. Script-kiddie
b. Nation-state
c. Hacker
d. Consultant
12. What is something that increases the likelihood of risk?
a. Vulnerability
b. Uncertainty
c. Threat
d. Exposure
13. The Sony or Target attack is an example of which type of target?
a. Telecommunications
b. Electronic
c. Manufacturing
d. Consumer
14. Which type of mobile threat does not use the security features that are built into a
mobile?
a. Insecure data storage
b. Insecure authentication
c. Insufficient cryptography
d. Improper platform usage
15. Which type of cloud threat can lead to consumers seeing each other’s data?
a. Misconfigurations
b. Management plane failure
c. Weak authentication
d. Multi-tenancy
Cybersecurity Awareness: Exposure to Security Risks
1. Which model is designed to meet the security directive of the CIA triad?
a. PASTA
b. PCI-DSS
c. ISO
d. STRIDE
2. Which entity is responsible for security in an organization?
a. Executive Management
b. Senior Information Security Management
c. Board of Directors
d. Everyone
3. Which threat identification source requires you to review the logs on a regular basis?
a. Business continuity planning
b. Disaster recovery planning
c. Risk assessment
d. Continuous monitoring
4. Which stage is the first one in the PASTA model?
a. Definition of the Technical Scope (DTS)
b. Threat Analysis (TA)
c. Application Decomposition and Analysis (ADA)
d. Definition of the Objectives (DO) for the Analysis of Risks
5. Which methods can help you reduce the security risks?
a. Limit the number of users
b. Protect the inbound data
c. Use complex passwords
d. Encrypt the data
e. Protect outbound data
f. Limit the number of login attempts
6. Which security threat is considered a human error?
a. Shoulder surfing
b. Phishing
c. Tailgating
d. Procedural error
7. Which component is impacted if your confidential data is made public?
a. Availability
b. Trust
c. Non-repudiation
d. Privacy
8. Which two components make up a risk?
a. Uncertainty
b. Exposure
c. Threat
d. Vulnerability
9. What is the measure of potential future loss resulting from an undesirable event or
incident?
a. Vulnerability
b. Threat
c. Uncertainty
d. Exposure
Cybersecurity Awareness: Getting Started with Security Foundations
1. Which entity is responsible for instituting the processes to integrate security with
the business objectives?
a. Auditors
b. Board of directors
c. Senior information security management
d. Executive management
2. Which are the benefits of security governance?
a. Focused security project initiations
b. Reduced accountability
c. Protection from legal liabilities
d. Increased market value
e. Reduced operational costs
f. Lowered security risks
3. Which entity oversees and guides the actions of security and operations for an
organization?
a. Executive management
b. Auditors
c. Senior information security management
d. Board of directors
4. Which are the components that make up the CIA triad?
a. Authenticity
b. Non-repudiation
c. Integrity
d. Confidentiality
e. Availability
5. Which statements describe the benefits of strategic planning?
a. Provides a better understanding of the project scope
b. Streamlines the project execution
c. Defines directions to accomplish the roadmap
d. Defines the organization's priorities
e. Defines an organization's future roadmap
f. Clarifies business objectives agreed among stakeholders
6. In the RACI acronym, what does the letter C denote?
a. Conformed
b. Confidential
c. Confirmed
d. Consulted
7. Which statements describe the benefits of effective communication?
a. Reduces the project overload on the users
b. Helps to reduce the security implementation time
c. Helps bridge the gap between users and security teams
d. Helps build trust with users
e. Helps convey a clear message
f. Helps in good decision making
8. Which expectations does an organization have from its users?
a. Have everything open, such as Internet access, without restrictions
b. Use assets and services as deemed acceptable
c. Understand the business goals of security
d. Have open communication regarding new implementations
9. Which security governance activity allows you to perform actions to reduce the risk
of system failures and compromises?
a. Event Identification
b. Improved Compliance
c. Incident Response
d. Risk Management
10. Which statements describe the business objectives of an organization?
a. Meet internal users’ requirements
b. Reduce the overall project scope
c. Generate profit
d. Grow the business
e. Keep customers happy
Hospital Administration & Healthcare
1. The importance of ethics in the medical field is:
a. It ensures legal compliance
b. It increases profits for healthcare institutions
c. It reduces paperwork for medical professionals
d. It fosters trust between doctors and patients
2. The philosophical underpinnings of medical ethics are:
a. Ethical theories
b. Teleology
c. Deontology
d. All the above
3. Identify the ethical theory that focuses on the inherent nature of actions rather
than their consequences.
a. Utilitarianism
b. Teleology
c. Virtue ethics
d. Deontology
4. The ethical principle that emphasizes the obligation to do no harm to patients is:
a. Autonomy
b. Justice
c. Beneficence
d. Non-maleficence
5. HIS supports all hospital functions and activities such as:
a. Patient records
b. Charge-back and billing
c. Scheduling
d. All the above
6. The development step(s) involved in HIS is/are:
a. Geographical Management Information system
b. Management Information system
c. Clinical Information system
d. All of the above
7. The categories of information in a hospital management information system
include:
a. Image
b. Video
c. Text
d. All of the above
8. The technology that connects the speciality hospital with the rural hospital can be
understood as part of:
a. EMR System selection
b. Cross infection
c. Medical ethics
d. Telemedicine
9. The statement which cannot be related to the benefits of EMR is:
a. Participation in clinical trials
b. Increased operational efficiency
c. Increased operational cost
Hospital Management: 05 - Intensive Care Unit (ICU)
1. Monitoring is necessary for general anesthesia.
a. False
b. True
2. The concept of ICU has its origins from...
a. India
b. Australia
c. Europe
d. USA
3. The first coronary care unit in India was initiated at...
a. 1955, Hinduja Hospital
b. 1996, JJ Hospital
c. None of the above
d. 1968, King Edward VII Memorial Hospital, Mumbai
4. Neonatal patients refer to...
a. A patient who is under the age of 2 years
b. A patient of 2-5 years
c. A patient who is 1 year old
d. A patient who is less than 40 days old
5. MICU stands for...
a. Modern Intensive Care Unit
b. Monitoring Intensive Care Unit
c. Medicine Intensive Care
d. Medical Intensive Care Unit
6. PICU and OICU are managed by...
a. ICCU
b. SICU
c. BICU
d. MICU
7. The function of a pulse oximeter is to...
a. Measure the blood pressure
b. Measure the heart beat
c. All of the above
d. Measure the oxygen level in blood