CTAINASL_Week 6
| Question | Answer |
|---|---|
| Technical Security Architecture only focuses on installing firewalls at the network perimeter. | False. Technical Security Architecture is broader than firewalls because it includes the systematic design and implementation of security controls for systems, networks, and data to prevent unauthorized access, misuse, and threats. The real answer is that |
| Defense-in-depth assumes that one strong security control is enough if it is properly configured. | False. Defense-in-depth requires multiple layers of security controls so that if one layer fails, other controls can still prevent or reduce the impact of an attack. The real answer is that security should be layered across technical, procedural, and phys |
| A firewall placed between network segments can support defense-in-depth by controlling traffic between internal areas. | True. |
| Intrusion Detection and Prevention Systems are used only after an attack has already succeeded. | False. IDS and IPS monitor and detect malicious activities, and IPS can take proactive measures to prevent attacks. The real answer is that they support both detection and prevention. |
| Anti-malware solutions are part of defense-in-depth because they help protect against viruses, worms, and Trojans. | True. |
| Secure coding practices are unrelated to Technical Security Architecture because they only apply to programmers. | False. Secure coding practices are part of Technical Security Architecture because they reduce software vulnerabilities and lower the chance of successful exploitation. The real answer is that security must be integrated into development practices. |
| The principle of least privilege means users should receive all access rights they may possibly need in the future. | False. Least privilege means users and systems should receive only the minimum privileges needed to perform their assigned tasks. The real answer is that access should be limited based on role and responsibility. |
| Role-Based Access Control supports least privilege by assigning permissions according to job responsibilities. | True. |
| Privilege escalation prevention allows users to increase their permissions whenever they need faster access. | False. Privilege escalation prevention limits users from gaining higher privileges without proper authorization. The real answer is that privilege escalation must be controlled to protect sensitive systems and data. |
| Just-in-Time access reduces security risk by granting temporary access only when needed and removing it afterward. | True. |
| Separation of Duties reduces risk by preventing one individual from having complete control over critical operations. | True. |
| Separation of Duties is mainly designed to make work faster by giving one person full authority over every process. | False. Separation of Duties distributes responsibilities among multiple people or teams to create checks and balances. The real answer is that it helps prevent insider threats, unauthorized modifications, and errors. |
| Code review and deployment should ideally be handled by the same person to reduce delays. | False. Under Separation of Duties, one team member may review code while another deploys it. The real answer is that separating these tasks reduces the risk of unauthorized or unsafe changes. |
| Perimeter security focuses on protecting the external boundaries of an organization's network. | True. |
| A Virtual Private Network protects remote access by encrypting communication between remote devices and the organization network. | True. |
| Network segmentation increases risk because it allows attackers to move freely across all network areas. | False. Network segmentation divides a network into separate parts to limit the attack surface and contain breaches. The real answer is that segmentation helps prevent lateral movement and reduces incident impact. |
| Zoning assigns security policies and controls to different network segments based on their security requirements. | True. |
| Authentication determines what actions an already verified user is allowed to perform. | False. Authentication verifies the identity of a user or system. The real answer is that authorization determines access rights after identity is verified. |
| Authorization grants or denies access rights based on authenticated identity and predefined permissions. | True. |
| Multi-factor Authentication strengthens access control by requiring more than one form of verification. | True. |
| IDPS can only be deployed at the network level. | False. IDPS can be deployed at the network, host, or application level. The real answer is that deployment depends on the monitoring and protection needs of the organization. |
| Security Information and Event Management systems collect, correlate, and analyze security event data from multiple sources. | True. |
| SIEM tools are mainly used to encrypt stored files and databases. | False. SIEM tools provide monitoring, threat detection, log management, correlation, analysis, and reporting. The real answer is that encryption is handled under data encryption and protection controls. |
| Data encryption protects sensitive information by converting it into a form that requires the correct decryption key to access. | True. |
| Encryption can be applied only to data stored on devices or databases. | False. Encryption can be applied to data at rest and data in transit. The real answer is that sensitive data should be protected both when stored and when transmitted. |
| Data protection may include access controls, Data Loss Prevention solutions, and data classification. | True. |
| Incident response begins only after the organization has fully recovered from the attack. | False. Incident response starts with identification and reporting, followed by analysis and containment, during which evidence is preserved, and then recovery. The real answer is that response must begin promptly after detection. |
| Incident analysis and containment help prevent further damage while preserving evidence for investigation. | True. |
| Risk assessment identifies vulnerabilities, threats, and their possible impact on the organization. | True. |
| Threat modeling helps prioritize security measures by analyzing possible attack vectors. | True. |
| Industry standards such as ISO 27001 and the NIST Cybersecurity Framework can guide the design of secure technical architecture. | True. |
| Secure coding input validation helps prevent vulnerabilities such as injection attacks. | True. |
| Error and exception handling should reveal detailed system information so users can understand the problem. | False. Error and exception handling should avoid leaking sensitive information (stack traces, query text, internal paths) that attackers could exploit. The real answer is that errors must be handled securely: detail goes to the log for operators, and the user sees only a generic message. |
| Secure configuration management includes hardening systems by removing unnecessary services, changing default settings, and enabling needed security features. | True. |
| Least privilege also applies to system and application configuration, not only to user accounts. | True. |
| Change management helps ensure configuration changes are assessed, approved, documented, and tested for security implications. | True. |
| Patch management is a systematic process for identifying, testing, and applying security updates to systems, applications, and firmware. | True. |
| End-of-Life systems may remain in production safely as long as users are trained properly. | False. End-of-Life systems should be phased out or upgraded because they may no longer receive security support. The real answer is that EOL management is necessary to maintain a secure environment. |
| Balancing security with usability and performance is a challenge because strict security controls may affect user experience or system speed. | True. |
| A risk-based approach considers the organization’s unique requirements and risk tolerance when balancing security controls with usability and performance. | True. |
| Organizations do not need to update security policies after new technologies are introduced. | False. Security policies, procedures, and technologies should be regularly updated to address emerging threats and evolving technologies. The real answer is that adaptation is required because the threat landscape constantly changes. |
| Compliance with legal and regulatory requirements is part of Technical Security Architecture. | True. |
| Regular compliance assessments and gap analyses help identify areas that need improvement. | True. |
| Complex interconnected systems are easier to secure because every dependency automatically shares the same security level. | False. Interconnected systems increase complexity and require layered defenses, segmentation, monitoring, penetration testing, vulnerability assessments, and incident response. The real answer is that security must be managed across the entire ecosystem. |
| A layered defense approach protects complex infrastructures by applying multiple security measures across network, application, and data layers. | True. |
| Network segmentation and zoning can reduce the impact of a breach by isolating critical systems. | True. |
| Regular vulnerability assessments and penetration testing help evaluate the security posture of interconnected systems. | True. |
| Technical Security Architecture should include continuous monitoring and response capabilities to identify and respond to security incidents effectively. | True. |
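
The cards on least privilege, Role-Based Access Control, Just-in-Time access, privilege escalation prevention, Separation of Duties, and the authentication/authorization distinction describe one access-control model. The following is an added example, not code from the course notes, that puts those rules into a single runnable class: roles carry only the permissions a job needs, temporary grants expire, a requester cannot approve their own grant, and a change cannot be reviewed by its author or deployed by its reviewer. The roles, users, and plaintext credential table are constructed sample data.

```python
"""Hypothetical RBAC, JIT access and separation-of-duties checks.

Added example, not code from the course notes. User names, roles and
credentials are constructed sample data."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Each role carries only the permissions its job needs (least privilege).
ROLE_PERMISSIONS = {
    "developer": {"code:read", "code:write", "code:review"},
    "release_engineer": {"code:read", "deploy:prod"},
    "security_admin": {"access:approve"},
    "auditor": {"code:read", "logs:read"},
}
USER_ROLES = {
    "alice": {"developer"},
    "erin": {"developer"},
    "bob": {"release_engineer"},
    "dave": {"security_admin"},
    "carol": {"auditor"},
}
# Constructed credentials for the authentication step. A real system verifies a
# password hash or a token; a plaintext table is used here only so the
# authentication/authorization split stays visible.
CREDENTIALS = {"alice": "s3cret", "bob": "hunter2"}


@dataclass
class JitGrant:
    user: str
    permission: str
    approver: str
    expires_at: datetime


@dataclass
class AccessControl:
    jit_grants: list = field(default_factory=list)

    def authenticate(self, user, password):
        """Authentication answers 'who is this?' and nothing more."""
        return CREDENTIALS.get(user) == password

    def permissions(self, user, now):
        """Effective permissions: role permissions plus unexpired JIT grants."""
        perms = set()
        for role in USER_ROLES.get(user, ()):
            perms |= ROLE_PERMISSIONS[role]
        for g in self.jit_grants:
            if g.user == user and now < g.expires_at:
                perms.add(g.permission)
        return perms

    def authorize(self, user, permission, now):
        """Authorization answers 'may this verified identity do X right now?'"""
        return permission in self.permissions(user, now)

    def grant_jit(self, user, permission, approver, now, ttl=timedelta(hours=1)):
        """Temporary grant. Refused when the requester approves their own
        request or the approver lacks the approval permission; this is the
        privilege-escalation control."""
        if approver == user:
            raise PermissionError("self-approval is not allowed")
        if not self.authorize(approver, "access:approve", now):
            raise PermissionError(f"{approver} may not approve access grants")
        self.jit_grants.append(JitGrant(user, permission, approver, now + ttl))

    def can_deploy(self, author, reviewer, deployer, now):
        """Separation of duties: the author may not review their own change,
        the reviewer may not also deploy it, and each party must hold the
        permission for their own step."""
        if author == reviewer or reviewer == deployer:
            return False
        return (self.authorize(reviewer, "code:review", now)
                and self.authorize(deployer, "deploy:prod", now))


def demo():
    """Walk through the cards' scenarios; returns a dict of outcomes."""
    now = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    ac = AccessControl()
    out = {
        "alice_authn": ac.authenticate("alice", "s3cret"),
        "alice_wrong_pw": ac.authenticate("alice", "guess"),
        "alice_deploy_before": ac.authorize("alice", "deploy:prod", now),
    }
    ac.grant_jit("alice", "deploy:prod", approver="dave", now=now)
    out["alice_deploy_jit"] = ac.authorize("alice", "deploy:prod", now + timedelta(minutes=30))
    out["alice_deploy_expired"] = ac.authorize("alice", "deploy:prod", now + timedelta(hours=2))
    for requester, approver, key in (("bob", "bob", "self_approval"),
                                     ("alice", "bob", "unprivileged_approver")):
        try:
            ac.grant_jit(requester, "logs:read", approver=approver, now=now)
            out[key] = "allowed"
        except PermissionError:
            out[key] = "refused"
    out["sod_ok"] = ac.can_deploy("alice", "erin", "bob", now)
    out["sod_self_review"] = ac.can_deploy("alice", "alice", "bob", now)
    out["sod_unprivileged_deployer"] = ac.can_deploy("alice", "erin", "carol", now)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Note that `authenticate` never consults roles and `authorize` never consults credentials: the two questions are answered by separate functions, which is the point of the authentication-versus-authorization cards. The expiry check in `permissions` is what makes the JIT grant disappear without any cleanup job.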
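
The secure-coding cards say input validation prevents injection and that error handling must not leak system detail. The following added example (not from the course notes) shows both on a small in-memory SQLite table: a deliberately vulnerable lookup built by string concatenation next to a hardened one that validates the input's shape and binds it as a parameter, and a leaky request handler next to one that logs the detail and returns a generic message. The `users` table, the handler functions and the injection strings are constructed for illustration.

```python
"""Injection: concatenated SQL vs. validated, parameterized SQL, plus
error handling that does and does not leak internals.

Added example, not from the course notes; table and inputs are constructed."""
import logging
import re
import sqlite3

log = logging.getLogger("app")
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "developer"), ("bob", "admin")])
    return conn


def lookup_vulnerable(conn, username):
    """Deliberately vulnerable: the caller's string becomes part of the SQL."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """Hardened: reject anything that is not a plausible username, then bind
    the value so the database never parses it as SQL."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("invalid username")
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


def handle_request_leaky(conn, username):
    """Anti-pattern: the engine's error text (query fragments, token names)
    goes straight back to the client."""
    try:
        return 200, {"results": lookup_vulnerable(conn, username)}
    except sqlite3.Error as exc:
        return 500, {"error": str(exc)}


def handle_request(conn, username):
    """Detail goes to the log for operators; the client gets a generic message."""
    try:
        return 200, {"results": lookup_safe(conn, username)}
    except ValueError:
        return 400, {"error": "invalid request"}
    except sqlite3.Error as exc:
        log.error("database error for request %r: %s", username, exc)
        return 500, {"error": "internal error"}


if __name__ == "__main__":
    db = setup_db()
    # Constructed injection payloads.
    tautology = "' OR '1'='1"
    schema_dump = "x' UNION SELECT name, sql FROM sqlite_master --"
    print("vulnerable, tautology:", lookup_vulnerable(db, tautology))
    print("vulnerable, schema dump:", lookup_vulnerable(db, schema_dump))
    print("safe, tautology:", handle_request(db, tautology))
    print("leaky handler, bad quote:", handle_request_leaky(db, "'"))
```

The tautology payload returns every row from the vulnerable function, the `UNION` payload returns the table definition from `sqlite_master`, and the same strings are rejected before they reach the database by `lookup_safe`. Validation alone is not the defence: the parameter binding is what stops injection, and the allow-list regex is a second layer that also keeps junk out of the logs.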
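
The SIEM and continuous-monitoring cards describe collecting events from multiple sources and correlating them. This added example (not from the course notes) implements one correlation rule of the kind a SIEM runs: a source address that fails to log in at least N times within a sliding window and then succeeds is flagged as a likely credential-guessing success. The log lines are constructed, and the sshd-style format is simplified from the real one.

```python
"""A single SIEM-style correlation rule over constructed login events.

Added example, not from the course notes. The log lines below are constructed
and use a simplified sshd format."""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed sample log: four failures then a success from one source, and
# one isolated failure plus a much later success from another.
SAMPLE_LOGS = """\
2024-01-01T10:00:01 sshd[101]: Failed password for alice from 203.0.113.7 port 5001
2024-01-01T10:00:04 sshd[101]: Failed password for alice from 203.0.113.7 port 5002
2024-01-01T10:00:09 sshd[101]: Failed password for alice from 203.0.113.7 port 5003
2024-01-01T10:00:12 sshd[101]: Failed password for bob from 198.51.100.9 port 6001
2024-01-01T10:00:15 sshd[101]: Failed password for alice from 203.0.113.7 port 5004
2024-01-01T10:00:21 sshd[101]: Accepted password for alice from 203.0.113.7 port 5005
2024-01-01T10:30:00 sshd[101]: Accepted password for bob from 198.51.100.9 port 6002
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+) port \d+$"
)


def parse(text):
    """Normalise raw lines into events; lines that do not match are dropped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append({
                "ts": datetime.fromisoformat(m["ts"]),
                "outcome": m["outcome"],
                "user": m["user"],
                "src": m["src"],
            })
    return events


def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Alert when a source accumulates >= threshold failures inside `window`
    and then produces a success. Events must be in time order."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    alerts = []
    for ev in events:
        recent = failures[ev["src"]]
        # Slide the window: drop failures older than `window` before this event.
        while recent and ev["ts"] - recent[0] > window:
            recent.popleft()
        if ev["outcome"] == "Failed":
            recent.append(ev["ts"])
        elif len(recent) >= threshold:
            alerts.append({
                "rule": "brute_force_then_success",
                "src": ev["src"],
                "user": ev["user"],
                "failures": len(recent),
                "at": ev["ts"],
            })
            recent.clear()   # one alert per burst, not one per later success
    return alerts


if __name__ == "__main__":
    for alert in correlate(parse(SAMPLE_LOGS)):
        print(alert)
```

Bob's single failure at 10:00:12 has aged out of the five-minute window by the time his 10:30:00 success arrives, so only the 203.0.113.7 burst fires; raising `threshold` to 5 silences that one too. A real deployment would feed the rule from many sources (VPN, web tier, identity provider) and key on user as well as source, which is why the parser normalises into a common event shape first.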