Which statement best describes an attack surface?

Reachable and exploitable vulnerabilities in a system

Which outcome would be classified as a confidentiality violation?

Exposure of customer data to unauthorised users

What is the primary purpose of the Common Vulnerabilities and Exposures (CVE) system?

To identify and track publicly disclosed vulnerabilities using unique reference numbers

Which scenario best represents a violation of integrity?

A medical record is altered without authorisation

Which scenario represents a confidentiality requirement rather than an integrity requirement?

Ensuring only authorised staff can view exam results

Which of the following best demonstrates system integrity?

A system performs its intended function without manipulation

Which scenario best represents a violation of availability?

A service is offline due to a DDoS attack

Which example primarily relates to authenticity rather than confidentiality?

Verifying a user’s identity using multi-factor authentication

Which example primarily relates to accountability?

Logging user actions with unique user IDs

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

Stack #4658869

Question	Answer
Which breach threat involves denying that an action or receipt occurred?	Repudiation
Which attack involves modifying data or creating a false data stream?	Active attack
Which category best fits “unlocked server rooms”?	Physical vulnerabilities
Which statement best describes an attack surface?	Reachable and exploitable vulnerabilities in a system
Which outcome would be classified as a confidentiality violation?	Exposure of customer data to unauthorised users
What is the primary purpose of the Common Vulnerabilities and Exposures (CVE) system?	To identify and track publicly disclosed vulnerabilities using unique reference numbers
Which scenario best represents a violation of integrity?	A medical record is altered without authorisation
Which source of threat involves using an employee’s credentials without being an employee?	Insider affiliate
Which breach threat involves intercepting information during transmission?	Eavesdropping
Which situation would require the highest level of integrity?	Hospital patient records
Which vulnerability is most closely linked to misconfigured firewalls?	Configuration
Which source of threat involves exploiting open access channels from outside the organisation?	Outsider affiliate
Which breach threat involves pretending to be someone else?	Masquerading
Which outcome would be classified as an availability violation?	Loss of service access
Which scenario represents a confidentiality requirement rather than an integrity requirement?	Ensuring only authorised staff can view exam results
Which of the following best demonstrates system integrity?	A system performs its intended function without manipulation
Which attack involves learning information without changing system resources?	Passive attack
Which scenario best represents a violation of availability?	A service is offline due to a DDoS attack
Which threat category includes phishing and baiting?	Social engineering
Which asset is most likely to be classified as intangible?	Intellectual property
Which example primarily relates to authenticity rather than confidentiality?	Verifying a user’s identity using multi-factor authentication
Which example primarily relates to accountability?	Logging user actions with unique user IDs
Which type of vulnerability is most associated with weak passwords?	Human
Which threat type is most associated with long-term, state-sponsored espionage?	Advanced persistent threats
Which source of threat involves a contractor with limited authorised access?	Insider associate

Created by: user-2034432

"Know" box contains:
Time elapsed:
Retries: