Which of the following is the BEST method of maintaining the confidentiality of digital information?
A. Use of access controls, file permissions, and encryption
B. Use of backups and business continuity planning
C. Use of logging, digital signatures, and write protection
D. Use of the awareness tracing programs and related...
Which of the following backup procedures would only copy files that have changed since the last backup was made?
A. Incremental backup
B. Daily backup
C. Differential backup
D. Full backup
Answer: A
Explanation: The backup procedure that would only copy files that have changed since the last backup was...
What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?
A. Evaluation of implementation details
B. Hands-on testing
C. Risk-based shakeout
D. Inventory and discovery
Answer: D
Explanation: The FIRST phase of the ISACA framework for auditors reviewing cryptographic environments is inventory and discovery. This is...
The protection of information from unauthorized access or disclosure is known as:
A. access control.
B. cryptography.
C. media protection.
D. confidentiality.
Answer: D
Explanation: The protection of information from unauthorized access or disclosure is known as confidentiality. This is because confidentiality is one of the three main objectives...
Which of the following is MOST critical to guiding and managing security activities throughout an organization to ensure objectives are met?
A. Allocating a significant amount of budget to security investments
B. Adopting industry security standards and frameworks
C. Establishing metrics to measure and monitor security performance
D. Conducting annual...
Which of the following is the BEST indication that an organization’s vulnerability management process is operating effectively?
A. Remediation efforts are communicated to management.
B. The vulnerability program is formally approved.
C. The vulnerability program is reviewed annually.
D. Remediation efforts are prioritized.
Answer: D
Explanation: The BEST indication that...
Availability can be protected through the use of:
A. user awareness training and related end-user training.
B. access controls, file permissions, and encryption.
C. logging, digital signatures, and write protection.
D. redundancy, backups, and business continuity management.
Answer: D
Explanation: Availability can be protected through the use of redundancy, backups,...
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
A. Single classification level allocation
B. Business process re-engineering
C. Business dependency assessment
D. Comprehensive cyber insurance procurement
Answer: C
Explanation: The BEST basis for allocating proportional protection activities when...
Which of the following describes specific, mandatory controls or rules to support and comply with a policy?
A. Frameworks
B. Guidelines
C. Baseline
D. Standards
Answer: D
Explanation: Specific, mandatory controls or rules to support and comply with a policy are known as standards. This is because standards define the...
The second line of defense in cybersecurity includes:
A. conducting organization-wide control self-assessments.
B. risk management monitoring, and measurement of controls.
C. separate reporting to the audit committee within the organization.
D. performing attack and breach penetration testing.
Answer: B
Explanation: The second line of defense in cybersecurity includes risk...