MISY 5325 - Cybersecurity Management - Midterm EXAM NEWEST 2026 WITH COMPLETE
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
_______ are acts that are hostile to an organization. - (answer)Intentional threats
________ help(s) prevent a hard drive from being a single point of failure.
__________ help(s) prevent a server from being a single point of failure.
_________ help(s) prevent a person from being a single point of failure. - (answer)RAID, Failover
clusters, Cross-training
_________ is the process of creating a list of threats. - (answer)Threat identification
__________ damage for the sake of doing damage, and they often choose targets of opportunity.
A. Vandals
B. Saboteurs
C. Advanced persistent threats (APTs)
D. Disgruntled employees - (answer)Vandals
____________ assessments are objective, while ___________ assessments are subjective. -
(answer)Quantitative, qualitative
_____________ is the likelihood that a threat will exploit a vulnerability. - (answer)Probability
A __________ is a computer joined to a botnet. - (answer)zombie
A ___________ plan can help ensure that mission-critical systems continue to function after a disaster. -
(answer)business continuity
A ___________ plan can help you identify steps needed to restore a failed system. - (answer)disaster
recovery
,MISY 5325 - Cybersecurity Management - Midterm EXAM NEWEST 2026 WITH COMPLETE
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
A _____________ policy governs how patches are understood, tested, and rolled out to systems and
clients. - (answer)patch management
A business impact analysis (BIA) is an important part of a _____________, and it can also be part of a
__________. - (answer)business continuity plan, disaster recovery plan
A new company does not have a lot of revenue for the first year. Installing antivirus software for all the
company's computers would be very costly, so the owners decide to forgo purchasing antivirus software
for the first year of the business. In what domain of a typical IT infrastructure is a vulnerability created? -
(answer)Workstation Domain
A technician in a large corporation fixes a printer that was not receiving an IP address automatically by
manually assigning it an address. The address was assigned to a server that was offline and being
upgraded. When the server was brought online, it was no longer accessible. How could this problem
have been avoided? - (answer)Through change management
A warm site is: - (answer)a compromise between a hot site and a cold site.
A(n) _________ is the likelihood that something unexpected is going to occur. - (answer)risk
A(n) _________ provides secure access to a private network over a public network such as the Internet.
- (answer)virtual private network (VPN)
A(n) _____________ is a process used to determine how to manage risk. - (answer)cost-benefit analysis
(CBA)
A(n) ___________________ is performed to identify and evaluate risks. - (answer)risk assessment
According to the World Intellectual Property Organization (WIPO), the two categories of intellectual
property (IP) are _______________ and _______________. - (answer)industrial property, copyright
, MISY 5325 - Cybersecurity Management - Midterm EXAM NEWEST 2026 WITH COMPLETE
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
Aditya is assessing the value of IT systems. His company sells sporting goods online. One factor of his
evaluation is the required availability of each system. Some systems must be available 24/7, while
others must be available during regular business hours Monday through Friday. Which of the following
would have the highest availability requirements? - (answer)E-commerce website server
Alice is an aspiring hacker. She wants to get information on computer and network vulnerabilities and
ways to exploit applications. Which of the following is the best source?
A. Common Vulnerabilities and Exposures (CVE) list
B. Dark web
C. United States Computer Emergency Readiness Team (US-CERT) website
D. National Institute of Standards and Technology (NIST) website - (answer)Dark web
All of following are examples of hardware assets, except: - (answer)operating system.
All of the following are reasons why configuration management is an important risk management
process, except: - (answer)it reduces unintended outages.
All of the following are true of risk assessment critical area identification, except:
A. identifying critical areas helps the risk assessment team focus on what's important.
B. when critical areas are identified, areas that are least critical to the business should be the first
priority.
C. the risk assessment needs to balance potential profits and losses.
D. losses that threaten an organization's survivability are critical. - (answer)when critical areas are
identified, areas that are least critical to the business should be the first priority.
All of the following are true of risk assessment scope identification, except:
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
_______ are acts that are hostile to an organization. - (answer)Intentional threats
________ help(s) prevent a hard drive from being a single point of failure.
__________ help(s) prevent a server from being a single point of failure.
_________ help(s) prevent a person from being a single point of failure. - (answer)RAID, Failover
clusters, Cross-training
_________ is the process of creating a list of threats. - (answer)Threat identification
__________ damage for the sake of doing damage, and they often choose targets of opportunity.
A. Vandals
B. Saboteurs
C. Advanced persistent threats (APTs)
D. Disgruntled employees - (answer)Vandals
____________ assessments are objective, while ___________ assessments are subjective. -
(answer)Quantitative, qualitative
_____________ is the likelihood that a threat will exploit a vulnerability. - (answer)Probability
A __________ is a computer joined to a botnet. - (answer)zombie
A ___________ plan can help ensure that mission-critical systems continue to function after a disaster. -
(answer)business continuity
A ___________ plan can help you identify steps needed to restore a failed system. - (answer)disaster
recovery
,MISY 5325 - Cybersecurity Management - Midterm EXAM NEWEST 2026 WITH COMPLETE
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
A _____________ policy governs how patches are understood, tested, and rolled out to systems and
clients. - (answer)patch management
A business impact analysis (BIA) is an important part of a _____________, and it can also be part of a
__________. - (answer)business continuity plan, disaster recovery plan
A new company does not have a lot of revenue for the first year. Installing antivirus software for all the
company's computers would be very costly, so the owners decide to forgo purchasing antivirus software
for the first year of the business. In what domain of a typical IT infrastructure is a vulnerability created? -
(answer)Workstation Domain
A technician in a large corporation fixes a printer that was not receiving an IP address automatically by
manually assigning it an address. The address was assigned to a server that was offline and being
upgraded. When the server was brought online, it was no longer accessible. How could this problem
have been avoided? - (answer)Through change management
A warm site is: - (answer)a compromise between a hot site and a cold site.
A(n) _________ is the likelihood that something unexpected is going to occur. - (answer)risk
A(n) _________ provides secure access to a private network over a public network such as the Internet.
- (answer)virtual private network (VPN)
A(n) _____________ is a process used to determine how to manage risk. - (answer)cost-benefit analysis
(CBA)
A(n) ___________________ is performed to identify and evaluate risks. - (answer)risk assessment
According to the World Intellectual Property Organization (WIPO), the two categories of intellectual
property (IP) are _______________ and _______________. - (answer)industrial property, copyright
, MISY 5325 - Cybersecurity Management - Midterm EXAM NEWEST 2026 WITH COMPLETE
QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) |ALREADY
GRADED A+||BRAND NEW VERSION!!
Aditya is assessing the value of IT systems. His company sells sporting goods online. One factor of his
evaluation is the required availability of each system. Some systems must be available 24/7, while
others must be available during regular business hours Monday through Friday. Which of the following
would have the highest availability requirements? - (answer)E-commerce website server
Alice is an aspiring hacker. She wants to get information on computer and network vulnerabilities and
ways to exploit applications. Which of the following is the best source?
A. Common Vulnerabilities and Exposures (CVE) list
B. Dark web
C. United States Computer Emergency Readiness Team (US-CERT) website
D. National Institute of Standards and Technology (NIST) website - (answer)Dark web
All of following are examples of hardware assets, except: - (answer)operating system.
All of the following are reasons why configuration management is an important risk management
process, except: - (answer)it reduces unintended outages.
All of the following are true of risk assessment critical area identification, except:
A. identifying critical areas helps the risk assessment team focus on what's important.
B. when critical areas are identified, areas that are least critical to the business should be the first
priority.
C. the risk assessment needs to balance potential profits and losses.
D. losses that threaten an organization's survivability are critical. - (answer)when critical areas are
identified, areas that are least critical to the business should be the first priority.
All of the following are true of risk assessment scope identification, except:
