<![CDATA[CS205 Grand Quiz Solution and Discussion]]>Please share you Grand Quiz or Download File
[center]images.png[/center]

]]>https://community.secnto.com//topic/1970/cs205-grand-quiz-solution-and-discussionRSS for NodeMon, 08 Jun 2026 20:00:18 GMTWed, 01 Jul 2020 14:06:07 GMT60<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:45:13 GMT]]>The verizon and symantec reports show that_______________.
Web is the most vulnerable vector
Email is the most attacked vector
IOT is more secure than other technologies
Malicious internal users or disgruntled employees cause most damage

e70ae74c-ca3e-4082-9e55-de065a8e5ab4-image.png

]]>https://community.secnto.com//post/5611https://community.secnto.com//post/5611Wed, 01 Jul 2020 14:45:13 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:44:18 GMT]]>If account lockout feature value is set to “0” on a ms 2012 member server than?
The account will never be locked despite of several failed login attempts
The account will be locked and system will have to be rebooting
Will require administrator to unlock the account
Will have to disconnect from network

ed3c9961-d8e5-46d9-8bb1-ded50eaba42a-image.png

]]>https://community.secnto.com//post/5610https://community.secnto.com//post/5610Wed, 01 Jul 2020 14:44:18 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:43:38 GMT]]>Which of the following statement is correct?
CVE is superset of NVD
NVD is an open standard for assigning vulnerability impacts
NVD is superset of CVSS
NVD is superset of CVE

d20bea56-bfb8-4fdd-b308-c76868eba8c0-image.png

]]>https://community.secnto.com//post/5609https://community.secnto.com//post/5609Wed, 01 Jul 2020 14:43:38 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:42:44 GMT]]>_________________is the part of Information Security Awareness.
Procedure
Standard
Policy
Training

b77d655b-9722-4ea9-bce3-037812548eee-image.png

]]>https://community.secnto.com//post/5608https://community.secnto.com//post/5608Wed, 01 Jul 2020 14:42:44 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:42:03 GMT]]>What does check content explain about rule in DISA STIG?
Describes the control
Describes the benefit of implementing control
Tells how to check whether control is implemented or not
Tells how to apply control

7c8066f2-89a3-4155-8c53-3ed4d3e53607-image.png

]]>https://community.secnto.com//post/5607https://community.secnto.com//post/5607Wed, 01 Jul 2020 14:42:03 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:41:08 GMT]]>One of the challenges in effective implementation of a security transformation project in a small-sized organization is_______________.
Adhoc culture and lack of discipline
Old and outdated IT environment
Multiple data center sites
Lack of a disaster recovery (DR) site

d21a6327-0f3c-41f7-a09b-a65d3ee77d47-image.png

]]>https://community.secnto.com//post/5606https://community.secnto.com//post/5606Wed, 01 Jul 2020 14:41:08 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:40:17 GMT]]>The purpose of the information security lifecycle is to ensure that___________________.
Project management is conducted adequately
The sequence is documented
There is a completion date to security projects
All security projects & activities consistently follow the same sequence and steps

d39d41e5-ad60-42ba-bcd4-6e6e3facb8ae-image.png

]]>https://community.secnto.com//post/5605https://community.secnto.com//post/5605Wed, 01 Jul 2020 14:40:17 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:39:28 GMT]]>For effective information security implementation, the security journey should start with___________.
Developing comprehensive policies and procedures
Management commitment
Security hardening and vulnerability management of IT assets
A penetration test

2bc1c8fb-000e-4d7a-b125-583fa923a4f8-image.png

]]>https://community.secnto.com//post/5604https://community.secnto.com//post/5604Wed, 01 Jul 2020 14:39:28 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:38:41 GMT]]>A policy is___________________.
Mandatory and limited in scope to a department
Mandatory and applies to entire organization; signed off by senior management
Not mandatory but a guideline only
Signed off by information security department

92bf93ae-4804-4d54-bb12-859b57ea9f57-image.png

]]>https://community.secnto.com//post/5603https://community.secnto.com//post/5603Wed, 01 Jul 2020 14:38:41 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:37:44 GMT]]>In an enterprise which software should be allowed to install and execute?
Softwares included in white-list.
Any freely available software.
Only paid software.
Softwares displayed on notice board.

2c3351c1-dd8b-4ab9-af2f-5789b59c35f6-image.png

]]>https://community.secnto.com//post/5602https://community.secnto.com//post/5602Wed, 01 Jul 2020 14:37:44 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:36:55 GMT]]>Which activity is carried out in security hardening layer?
Address security configuration of all it assets
Scanning to inspect patching of all it assets
Aggregative controls involving people, process, and technology
Ensure the proper utilization, ROI and audits of purchased devices

3b066eb3-4224-46cf-a1e2-1a10d917b43d-image.png

]]>https://community.secnto.com//post/5601https://community.secnto.com//post/5601Wed, 01 Jul 2020 14:36:55 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:35:56 GMT]]>What are the three types of redundant site models in an enterprise network?
Hot site, cold site and warm site
Primary site, secondary site and DR site
Highly available site, fault tolerant site and DR site
Both a & b

f02eb931-b086-4c36-852d-984bf87495bd-image.png

]]>https://community.secnto.com//post/5600https://community.secnto.com//post/5600Wed, 01 Jul 2020 14:35:56 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:34:46 GMT]]>Anthem insurance breach 2014 was initiated through?
Windows vulnerability
Phishing email
Man in the middle attack
Sql injection attack

9a2c81c1-4615-4701-bf3d-3a5e0dd26eda-image.png

]]>https://community.secnto.com//post/5599https://community.secnto.com//post/5599Wed, 01 Jul 2020 14:34:46 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Tue, 21 Nov 2023 10:20:22 GMT]]>What do you mean by RTO in a business continuity plan?
Minimum frequency of backups
Maximum downtime an organization can handle
Maximum age of files that an organization must recover from backup storage for normal operations to resume after disaster
Both a & b

3ebe0ea0-1ddf-45c2-9595-753ea9e81950-image.png
[center]images.png[/center]

]]>https://community.secnto.com//post/5598https://community.secnto.com//post/5598Tue, 21 Nov 2023 10:20:22 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:29:26 GMT]]>The 4 layer security transformation model and isms requirements and controls__________________.
Are both separate security programs
Are both separate security projects
May form essential elements of the security program
None of the given

93c60250-46a0-4249-9220-0fe0744684da-image.png

]]>https://community.secnto.com//post/5597https://community.secnto.com//post/5597Wed, 01 Jul 2020 14:29:26 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:28:36 GMT]]>As per carneige mellon university computing consortium commercial software contains?
20 to 30 bugs for every 1000 lines of code
20 to 30 bugs for every 10,000 lines of code
40 to 50 bugs for every 1000 lines of code
40 to 50 bugs for every 10,000 lines of code

d93859ec-9356-4f4a-b5b4-2b3a5a46150eimage.png

]]>https://community.secnto.com//post/5596https://community.secnto.com//post/5596Wed, 01 Jul 2020 14:28:36 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:27:12 GMT]]>Checklist of applicable security controls step includes?
Make a checklist for progress tracking and share with it teams
Document controls in sop
Research for applicable controls
Both b and C

3e83c643-ce23-4820-9843-00cbf52a37c3-image.png

]]>https://community.secnto.com//post/5595https://community.secnto.com//post/5595Wed, 01 Jul 2020 14:27:12 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:26:26 GMT]]>Policy & compliance practice of “governance” function of software assurance maturity model is focused on________________.

On arming personnel involved in software lifecycle with knowledge and resources to design develop and deploy secure software
Understanding and meeting external legal and regulatory requirements
On establishing a framework within an organization for a software security assurance program
On proactively specifying the expected behavior of software with respect to security

a0a25f34-cdcc-4b12-b30b-0288ffde97fc-image.png

]]>https://community.secnto.com//post/5594https://community.secnto.com//post/5594Wed, 01 Jul 2020 14:26:26 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:25:34 GMT]]>How security of outsourced services can be evaluated?
Include outsourced scope in internal audit
Ask for 3rd party security review
Vulnerability assessment and penetration testing
Spot security checks

4eee97c2-d033-4c42-9877-9e5c6aad4b60-image.png

]]>https://community.secnto.com//post/5593https://community.secnto.com//post/5593Wed, 01 Jul 2020 14:25:34 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:24:49 GMT]]>What should standard secure configuration images represent?
Default configuration version of OS only.
Hardened versions of OS only.
Hardened versions of application installed on system only.
Hardened versions of underlying OS and application installed on system.

5572590b-535d-459c-aea3-b895be467dd4-image.png

]]>https://community.secnto.com//post/5592https://community.secnto.com//post/5592Wed, 01 Jul 2020 14:24:49 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:24:01 GMT]]>Which team tests the patches in test environment in vulnerability management process?
Risk & compliance team
Business team
IT operations team
Audit team

65e7c885-97a7-45a0-b446-bc78b737b31a-image.png

]]>https://community.secnto.com//post/5591https://community.secnto.com//post/5591Wed, 01 Jul 2020 14:24:01 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:23:09 GMT]]>It would be correct to say that the security posture in Pakistan can be improved by____________.
More awareness and training
Effective actions taken by regulators, organizations, and building an effective cyber security eco-system
Regular technical security audits
Learning from regional countries
c4d62ef2-cd15-4d8e-9f08-af50f54afb03-image.png

]]>https://community.secnto.com//post/5590https://community.secnto.com//post/5590Wed, 01 Jul 2020 14:23:09 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:21:43 GMT]]>IT/ Infosec Teams require information security project report at ________basis.
Daily
Weekly
monthly
Quarterly

5fca6575-91de-4f88-a150-e80a9546e3e7-image.png

]]>https://community.secnto.com//post/5589https://community.secnto.com//post/5589Wed, 01 Jul 2020 14:21:43 GMT<![CDATA[Reply to CS205 Grand Quiz Solution and Discussion on Wed, 01 Jul 2020 14:20:54 GMT]]>Which one of the following is considered the first step in a vulnerability scan?
Port scanning
Firewall detection
TCP/UDP service delivery
Checking if the remote host is alive

af22a64d-7a3b-4726-a958-113a69d1af3a-image.png

]]>https://community.secnto.com//post/5588https://community.secnto.com//post/5588Wed, 01 Jul 2020 14:20:54 GMT