
Pass the IIBA Cybersecurity Analysis IIBA-CCA Questions and answers with CertsForce

Viewing page 2 out of 3 pages
Viewing questions 11-20 out of questions
Questions # 11:

How should categorization information be used in business impact analysis?

Options:

A. To identify discrepancies between the security categorization and the expected business impact

B. To assess whether information should be shared with other systems

C. To determine the time and effort required for business impact assessment

D. To ensure that systems are designed to support the appropriate security categorization


Questions # 12:

Protecting data at rest secures data that is:

Options:

A. moving from device to device.

B. moving from network to network.

C. stored on any device or network.

D. less vulnerable to attack.


Questions # 13:

What is the definition of privileged account management?

Options:

A. Establishing and maintaining access rights and controls for users who require elevated privileges to an entity for an administrative or support function

B. Applying identity and access management controls

C. Managing senior leadership and executive accounts

D. Managing independent authentication of accounts


Questions # 14:

Which of the following challenges to embedded system security can be addressed through ongoing, remote maintenance?

Options:

A. Processors being overwhelmed by the demands of security processing

B. Deploying updated firmware as vulnerabilities are discovered and addressed

C. Resource constraints due to limitations on battery, memory, and other physical components

D. Physical security attacks that take advantage of vulnerabilities in the hardware


Questions # 15:

What business analysis deliverable would be an essential input when designing an audit log report?

Options:

A. Access Control Requirements

B. Risk Log

C. Future State Business Process

D. Internal Audit Report


Questions # 16:

An internet-based organization whose address is not known has attempted to acquire personal identification details such as usernames and passwords by creating a fake website. This is an example of?

Options:

A. Breach

B. Phishing

C. Threat

D. Ransomware


Questions # 17:

Information classification of data is a level of protection that is based on an organization's:

Options:

A. retention for auditing purposes.

B. need for access by employees.

C. timing of availability for automated systems.

D. risk to loss or harm from disclosure.


Questions # 18:

What term is defined as a fix to software programming errors and vulnerabilities?

Options:

A. Control

B. Release

C. Log

D. Patch


Questions # 19:

Cybersecurity regulations typically require that enterprises demonstrate that they can protect:

Options:

A. applications and technology systems.

B. trade secrets and other intellectual property.

C. personal data of customers and employees.

D. business continuity and disaster recovery.


Questions # 20:

How is a risk score calculated?

Options:

A. Based on the confidentiality, integrity, and availability characteristics of the system

B. Based on the combination of probability and impact

C. Based on past experience regarding the risk

D. Based on an assessment of threats by the cyber security team

