FedVTE Cyber Risk Management for Technicians Quiz
Fall 2023 with complete solution
In order to automate host characteristic monitoring you can compare baselines
and snapshots with syslog.
False
The following should be taken into account when accepting the residual risk
inherent in the project.
All of the above
What is the high water mark for an information system?
Highest Potential Impact value assigned to each Security Objective (AIC) for all Security
Categories resident on the system and the overall classification of the system.
Which of the following describes NetScan Tools Pro?
D. A collection of Internet information gathering and network troubleshooting utilities
FIPS 200 is:
A short document that describes the minimum security requirements for information and
information systems
Which risk comes from a failure of the controls to properly mitigate risk?
C. Control Risk
Open Source Security (OSSEC) is what?
A host based security system that monitors for changes
What tool would be best to automatically detect your network and construct a
complete and easy to view network map?
LANsurveyor
Which NIST special publication is a guide for Applying the Risk Management
Framework to Federal Information Systems: A Security Life Cycle Approach?
NIST SP 800 37
Which of the following is a part of the Examine Method?
Inspecting the physical security measures
If the cost of controls exceeds the benefit the organization may choose to accept
the risk instead.
True
Which of the following families of controls belongs to the technical class of
controls?
Identification and Authentication
Which tier of Risk Management is associated with Enterprise Architecture?
Tier 2 Mission (Business Process)
In NIST SP 800 53 the security control structure consists of all the following
components except for:
All of these are in the security control structure:
- Priority and baseline allocation
- Supplemental guidance
- Control enhancements
Kismet is different from a normal network sniffer such as Wireshark or tcpdump
because it separates and identifies different wireless networks in the area.
Fall 2023 with complete solution
In order to automate host characteristic monitoring you can compare baselines
and snapshots with syslog.
False
The following should be taken into account when accepting the residual risk
inherent in the project.
All of the above
What is the high water mark for an information system?
Highest Potential Impact value assigned to each Security Objective (AIC) for all Security
Categories resident on the system and the overall classification of the system.
Which of the following describes NetScan Tools Pro?
D. A collection of Internet information gathering and network troubleshooting utilities
FIPS 200 is:
A short document that describes the minimum security requirements for information and
information systems
Which risk comes from a failure of the controls to properly mitigate risk?
C. Control Risk
Open Source Security (OSSEC) is what?
A host based security system that monitors for changes
What tool would be best to automatically detect your network and construct a
complete and easy to view network map?
LANsurveyor
Which NIST special publication is a guide for Applying the Risk Management
Framework to Federal Information Systems: A Security Life Cycle Approach?
NIST SP 800 37
Which of the following is a part of the Examine Method?
Inspecting the physical security measures
If the cost of controls exceeds the benefit the organization may choose to accept
the risk instead.
True
Which of the following families of controls belongs to the technical class of
controls?
Identification and Authentication
Which tier of Risk Management is associated with Enterprise Architecture?
Tier 2 Mission (Business Process)
In NIST SP 800 53 the security control structure consists of all the following
components except for:
All of these are in the security control structure:
- Priority and baseline allocation
- Supplemental guidance
- Control enhancements
Kismet is different from a normal network sniffer such as Wireshark or tcpdump
because it separates and identifies different wireless networks in the area.
