#Cyber Resilience During COVID-19
A.Get to Know the Changed Landscape
Q.1)Which of the following best describes the new reality during COVID-19?
I)The new reality is accelerating business model transformation due to increased reliance on work from home, cloud, and online services.
II)The new reality has decreased the reliance on the internet and increased the prevalence of in-person meetings.
III)The new reality has slowed down the adoption of remote access and cloud technologies.
IV)The new reality has decreased the attack surface and prevalence of vulnerabilities.
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
I)The new reality is accelerating business model transformation due to increased reliance on work from home, cloud, and online services.
[/bg_collapse]
Q.2)Which of the following best describes an escalated risk for cybersecurity operations?
I)Zero trust architecture is implemented properly with all users, devices, and resource access validated.
II)Cyber criminals are using social engineering tactics related to COVID-19 to try to steal money and personal information.
III)Vulnerabilities are increasing due to the nature of working in a new and unfamiliar remote environment.
IV)Both B and C
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
IV)Both B and C
[/bg_collapse]
B.Foster a Culture of Cyber Resilience
Q.1)Which of the following best describes a strategy for implementing cyber-resilience governance?
I)Plan for onsite operations only.
II)Plan for remote operations only.
III)Plan for regulatory compliance and reassess cyber risk amid new process changes that may become permanent.
IV)Allow IT, OT, and physical security to each implement independent cyber capabilities, strategies, and priorities.
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
III)Plan for regulatory compliance and reassess cyber risk amid new process changes that may become permanent.
[/bg_collapse]
Q.2)Which of the following describes a possible threat to cybersecurity resulting from employee behaviors?
I)Using VPN to access company resources while working from home.
II)Using approved conferencing tools to host a team meeting.
III)Clicking on an email impersonating the World Health Organization with information about donating to COVID-19.
IV)Taking training on how to identify suspicious emails and malicious links.
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
III)Clicking on an email impersonating the World Health Organization with information about donating to COVID-19.
[/bg_collapse]
C.Protect Your Critical Assets and Services
Q.1)Which of the following best describes a strategy for enforcing strong cyber hygiene?
I)Provide workers access to company data on unmanaged personal devices no matter their location.
II)Allow each part of the business to manage and use its own separate asset inventory system.
III)Be vigilant in rolling out software patches in a timely manner.
IV)Both A and B
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
III)Be vigilant in rolling out software patches in a timely manner.
[/bg_collapse]
Q.2)Which of the following describes the advantage of using a Domain Name System (DNS) service?
I)It blocks malicious websites and filters out harmful or inappropriate content.
II)It enables you to develop and maintain an inventory of digital assets.
III)It enhances your identity and access management system.
IV)It automatically installs software patches.
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
I)It blocks malicious websites and filters out harmful or inappropriate content.
[/bg_collapse]
D.Make Risk-Informed Decisions
Q.1)Which of the following best describes a zero-trust approach to securing your supply chain?
I)Automatically trust devices and users accessing data within the network boundary.
II)Only allow access to resources from verified, secured devices and users.
III)Require users to be on the company network in order to access data.
IV)Require users to use a strong password to access data.
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
II)Only allow access to resources from verified, secured devices and users.
[/bg_collapse]
Q.2)Which of the following best describes a meaningful cyber-resilience metric aligned with business strategic objectives?
I)Number of viruses blocked.
II)Results of simulated phishing attacks.
III)Mean time to recover from an incident.
IV)Both B and C
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
IV)Both B and C
[/bg_collapse]
E.Update Response Plans and Collaborate Effectively
Q.1)Which of the following best describes a comprehensive crisis management plan?
I)It helps leaders maintain business continuity.
II)It orients individuals with different roles and responsibilities towards a common goal.
III)It details the company’s identity and access management policy.
IV)Both A and B
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
IV)Both A and B
[/bg_collapse]
Q.2)Which of the following best describes a benefit of collective situational awareness?
I)It increases the divide between law enforcement and private business.
II)It can slow down the sharing of actionable information.
III)It can help drive collective action in response to a shared threat.
IV)Both A and B
[bg_collapse view=”button-orange” color=”#4a4949″ expand_text=”Show Answers” collapse_text=”Close Answer” ]
III)It can help drive collective action in response to a shared threat.
[/bg_collapse]