CMIT 320 Final Exam Test Bank Latest Update 2026 |
Comprehensive Prep
1. Discuss how reputation damage can affect an organization following a data
breach.
Reputation damage has no impact on financial performance.
Reputation damage can lead to loss of customer trust and
decreased business opportunities.
Reputation damage only affects the marketing department.
Reputation damage is easily recoverable within a month.
2. If a company executive lacks awareness of their organization's assets and
threats, what potential impact could this have on the company's
cybersecurity strategy?
Improved incident response capabilities.
Increased technical proficiency among staff.
Enhanced compliance with security regulations.
Inadequate risk management and resource allocation.
3. In a scenario where multiple systems were compromised at different times,
how would recording time offsets assist in the incident response process?
It would only be useful for future reference.
It would complicate the analysis of the attack.
It would allow the incident response team to prioritize remediation
efforts based on the timeline of the attacks.
It would provide no additional benefit to the response process.
,4. Why is it crucial for company executives to have an overall awareness of their
organization's assets and threats?
It allows them to perform technical tasks related to cybersecurity.
It ensures compliance with industry regulations.
It helps them understand the technical details of security protocols.
It enables them to make informed decisions regarding risk
management and resource allocation.
5. Which of the following protocols is primarily used to establish a secure
connection between browsers and servers so that no data is lost?
HTTP
SSL/TLS
TCP/IP
SMTP
6. Which duty is the primary focus of data loss prevention (DLP)?
Stopping exfiltration of sensitive data during a breach
Deterring credential theft through layered obfuscation
Wiping company data from mobile devices of employees as they
leave the company
Preventing unauthorized sharing of privileged information
7. What is the primary focus of security training for company executives?
Technical skills in cybersecurity tools
Incident response procedures
, Overall awareness of the organization's assets and threats to them
Compliance with legal regulations
8. If an administrator discovers vulnerabilities during a security audit of a
virtualization server, what should be the next step?
Ignore the findings if the server is functioning well.
Change the server's physical location.
Increase the server's processing power.
Implement recommended security measures to address the
vulnerabilities.
9. Advanced persistent threat (APT) attackers want to _.
Remain unnoticed so they can continue to steal data
Create awareness for their causes
Conduct cyberwarfare
Reveal weaknesses in business and government websites and then
force them offline.
10. What tool or method can an administrator use to assess the security of a
virtualization server?
User authentication
Data encryption
Security audit
Firewall configuration
11. You try to access a website using the Google Chrome browser, but the
following message appears: "Your connection is not private." What is the
, MOST LIKELY source of the problem?
The website no longer exists.
The website you are accessing has recently been set up and is not
trustworthy.
There is an issue with the website's SSL certificate.
There is an internal server error when requesting information from the
website.
12. If a company experiences a data breach due to inadequate cloud security
policies, how could implementing instance awareness mitigate future risks?
By providing real-time visibility and control over cloud resources,
instance awareness can help identify vulnerabilities and enforce
security policies.
By focusing solely on user training, instance awareness can reduce
the risk of breaches.
By limiting access to only a few users, instance awareness can prevent
all data breaches.
By ensuring all data is stored on-premises, instance awareness
eliminates the need for cloud security.
13. What is the term for the security method that combines multiple forms of
verification for user access?
single sign on
two-factor authentication
password protection
multifactor authentication
Comprehensive Prep
1. Discuss how reputation damage can affect an organization following a data
breach.
Reputation damage has no impact on financial performance.
Reputation damage can lead to loss of customer trust and
decreased business opportunities.
Reputation damage only affects the marketing department.
Reputation damage is easily recoverable within a month.
2. If a company executive lacks awareness of their organization's assets and
threats, what potential impact could this have on the company's
cybersecurity strategy?
Improved incident response capabilities.
Increased technical proficiency among staff.
Enhanced compliance with security regulations.
Inadequate risk management and resource allocation.
3. In a scenario where multiple systems were compromised at different times,
how would recording time offsets assist in the incident response process?
It would only be useful for future reference.
It would complicate the analysis of the attack.
It would allow the incident response team to prioritize remediation
efforts based on the timeline of the attacks.
It would provide no additional benefit to the response process.
,4. Why is it crucial for company executives to have an overall awareness of their
organization's assets and threats?
It allows them to perform technical tasks related to cybersecurity.
It ensures compliance with industry regulations.
It helps them understand the technical details of security protocols.
It enables them to make informed decisions regarding risk
management and resource allocation.
5. Which of the following protocols is primarily used to establish a secure
connection between browsers and servers so that no data is lost?
HTTP
SSL/TLS
TCP/IP
SMTP
6. Which duty is the primary focus of data loss prevention (DLP)?
Stopping exfiltration of sensitive data during a breach
Deterring credential theft through layered obfuscation
Wiping company data from mobile devices of employees as they
leave the company
Preventing unauthorized sharing of privileged information
7. What is the primary focus of security training for company executives?
Technical skills in cybersecurity tools
Incident response procedures
, Overall awareness of the organization's assets and threats to them
Compliance with legal regulations
8. If an administrator discovers vulnerabilities during a security audit of a
virtualization server, what should be the next step?
Ignore the findings if the server is functioning well.
Change the server's physical location.
Increase the server's processing power.
Implement recommended security measures to address the
vulnerabilities.
9. Advanced persistent threat (APT) attackers want to _.
Remain unnoticed so they can continue to steal data
Create awareness for their causes
Conduct cyberwarfare
Reveal weaknesses in business and government websites and then
force them offline.
10. What tool or method can an administrator use to assess the security of a
virtualization server?
User authentication
Data encryption
Security audit
Firewall configuration
11. You try to access a website using the Google Chrome browser, but the
following message appears: "Your connection is not private." What is the
, MOST LIKELY source of the problem?
The website no longer exists.
The website you are accessing has recently been set up and is not
trustworthy.
There is an issue with the website's SSL certificate.
There is an internal server error when requesting information from the
website.
12. If a company experiences a data breach due to inadequate cloud security
policies, how could implementing instance awareness mitigate future risks?
By providing real-time visibility and control over cloud resources,
instance awareness can help identify vulnerabilities and enforce
security policies.
By focusing solely on user training, instance awareness can reduce
the risk of breaches.
By limiting access to only a few users, instance awareness can prevent
all data breaches.
By ensuring all data is stored on-premises, instance awareness
eliminates the need for cloud security.
13. What is the term for the security method that combines multiple forms of
verification for user access?
single sign on
two-factor authentication
password protection
multifactor authentication
