Cyber Security and Privacy Week 3 Nptel Answers 2024
Are you looking for Cyber Security and Privacy Week 3 NPTEL 2024 Answers? You’ve come to the right place! Access the latest and most accurate solutions for your Week 3 assignment in the Cyber Security and Privacy course.
Cyber Security and Privacy Week 3 Nptel Answers (July-Dec 2024)
Session: JUL-DEC 2024
Q1.The process of defining and specifying the long-term direction to be taken by an organization, and the allocation and acquisition of resources needed to pursue this effort is known as: Governance Security Management Strategic Planning Objectives
Answer: Updating soon(in progress)
Q2.Which of the following statements best describes the relationship between GRC (Governance, Risk, and Compliance) and cybersecurity ? GRC focuses solely on cybersecurity management and overlooks other risk management initiatives. Cybersecurity is the primary focus of GRC, with minimal consideration for other risks. GRC integrates cybersecurity as one component within the broader framework of enterprise risk management (ERM). GRC is a standalone framework independent of cybersecurity and risk management.
These are Cyber Security and Privacy Week 3 Nptel Answers
Q3.A written document provided by management that inform employees and others in the workplace about proper behavior regarding the use of information and information assets are known as: Guidelines Information Security Policy De facto standard Practices
Answer: Updating soon(in progress)
Q4.Which approach to cybersecurity management treats cybersecurity as a separate category distinct from other risks an organization may face, and focuses solely on cybersecurity, depending on the size and nature of the organization? Standard Driven Approach Organization Planning Approach GRC Framework Risk Management Framework
These are Cyber Security and Privacy Week 3 Nptel Answers
Q5.Benefits of implementing a GRC in an organization include: Responsible operations Data-driven decision-making Improved cybersecurity All the above
Answer: Updating soon(in progress)
Q6. What is the purpose of the COBIT maturity model? To assess an organization’s maturity in IT governance processes To rank organizations based on their financial performance To determine the efficiency of network infrastructure To evaluate employee satisfaction levels in the IT department
These are Cyber Security and Privacy Week 3 Nptel Answers
Q7.COSO’s ERM framework emphasizes: Operational efficiency Risk identification and assessment Regulatory compliance Human resource management
Answer: Updating soon(in progress)
Q8. Which characteristic distinguishes the approaches of COBIT, COSO, and COSO-ERM from specific standards like ISO or NIST? They prioritize cybersecurity over other risk management aspects. They focus exclusively on small to medium-sized enterprises (SMEs). They operate at the enterprise level rather than focusing on specific standards. They are primarily developed by governmental regulatory bodies.
These are Cyber Security and Privacy Week 3 Nptel Answers
Q9. Why might some countries be hesitant to adopt the ISO 27001 model? It is a mandatory standard with strict compliance requirements. It is not recognized as a valid security framework by international organizations. There are concerns about the model’s overall effectiveness compared to existing approaches. It prioritizes specific security vendors or technologies.
Answer:
Q10. Which of the following is not considered a principle or practice for securing IT systems? Implement layered security to ensure there is no single point of vulnerability. Do not implement unnecessary security mechanisms. Maximize the system elements to be trusted. Assume that external systems are insecure.
These are Cyber Security and Privacy Nptel Week 3 Assignment 3 Answers
Q1. Which of the following terms best describe the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls? Blueprint NIST handbook An information security framework Security plan
Answer: An information security framework
Q2. True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework. True False
Answer: True
These are Cyber Security and Privacy Nptel Week 3 Assignment Answers
Q3. One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as: managerial controls security domain redundancy defense in depth
Answer: defense in depth
Q4. Control Objectives for Information and Related Technologies is a framework created by —— for information technology (IT) management and ————- HIPPA, & Information officer ISO, & Security officer ISACA, & IT governance CISO, & Chief officer
Answer: ISACA, & IT governance
These are Cyber Security and Privacy Nptel Week 3 Assignment Answers
Q5. Three approaches to cyber security management are 1. Governance-Risk-Compliance (GRC) approach 2. ————————————————— 3. Organizational planning approach Information-driven approach Security-driven approach Standards-driven approach Procedure-driven approach
Answer: Standards-driven approach
Q6. ISO/IEC 27032:2012 involves guidelines for —————– Network security Cyber security Risk Management Governance of information security
Answer: Cyber security
These are Cyber Security and Privacy Nptel Week 3 Assignment Answers
Q7. The five goals of information security governance are 1. —————–of information security with business strategy to support organizational objectives 2. —————- by executing appropriate measures to manage and mitigate threats to information resources 3. —————–by utilizing information security knowledge and infrastructure efficiently and effectively 4. —————–by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved 5. —————–by optimizing information security investments in support of organizational objectives. A. Strategic alignment B. Risk management C. Resource management D. Performance measurement E. Value delivery Match the following 1-B,2-C,3-D,4-C,5-A, 1-C,2-B,3-A,4-B,5-E 1-E,2-C,3-A,4-B,5-D 1-A,2-B,3-C,4-D,5-E,
Answer: 1-A,2-B,3-C,4-D,5-E,
These are Cyber Security and Privacy Nptel Week 3 Assignment Answers
Q8. Match ISO Series with the corresponding topic (A) 27000 (1)Series Overview and Terminology (B) 27003 (2)Information Security Management Systems Implementation Guidelines (C) 27004 (3) Information Security Measurements and Metrics (D) 27005 (4) ISMS Risk Management (E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS A-1, B-2,C-3, D-4, E-5 A-4, B-2, C-3, D-1, E-5 A-2,B-1,C-3,D-5,E-4 A-3,B-2,C-1,D-5,E-4
Answer: A-1, B-2,C-3, D-4, E-5
Q9. (1)—————— is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the(2)———and-(3)——- 1- ISG 2- CIO, 3- CISO 1-CO,2, 2-CIO,3- CISO 1-CISO, 2-CIO, 3-CO 1-CISO, 2-ISG, 3-CO
Answer: 1- ISG 2- CIO, 3- CISO
These are Cyber Security and Privacy Nptel Week 3 Assignment Answers
More Weeks of Cyber Security and Privacy: Click here
