Cyber Security and Privacy | Week 3

Session: JULY-DEC 2023

Course Name: Cyber Security and Privacy


These are Cyber Security and Privacy Nptel Week 3 Assignment 3 Answers


Q1. Which of the following terms best describes the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?
Blueprint
NIST handbook
An information security framework
Security plan

Answer: An information security framework


Q2. True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.
True
False

Answer: True




Q3. One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:
managerial controls
security domain
redundancy
defense in depth

Answer: defense in depth


Q4. Control Objectives for Information and Related Technologies is a framework created by ______ for information technology (IT) management and ______
HIPAA, & Information officer
ISO, & Security officer
ISACA, & IT governance
CISO, & Chief officer

Answer: ISACA, & IT governance




Q5. Three approaches to cyber security management are
1. Governance-Risk-Compliance (GRC) approach
2. ______
3. Organizational planning approach

Information-driven approach
Security-driven approach
Standards-driven approach
Procedure-driven approach

Answer: Standards-driven approach


Q6. ISO/IEC 27032:2012 involves guidelines for ______
Network security
Cyber security
Risk Management
Governance of information security

Answer: Cyber security




Q7. The five goals of information security governance are
1. ______ of information security with business strategy to support organizational objectives
2. ______ by executing appropriate measures to manage and mitigate threats to information resources
3. ______ by utilizing information security knowledge and infrastructure efficiently and effectively
4. ______ by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved
5. ______ by optimizing information security investments in support of organizational objectives

A. Strategic alignment
B. Risk management
C. Resource management
D. Performance measurement
E. Value delivery
Match the following:
1-B, 2-C, 3-D, 4-C, 5-A
1-C, 2-B, 3-A, 4-B, 5-E
1-E, 2-C, 3-A, 4-B, 5-D
1-A, 2-B, 3-C, 4-D, 5-E

Answer: 1-A, 2-B, 3-C, 4-D, 5-E




Q8. Match ISO Series with the corresponding topic
(A) 27000 (1) Series Overview and Terminology
(B) 27003 (2) Information Security Management Systems Implementation Guidelines
(C) 27004 (3) Information Security Measurements and Metrics
(D) 27005 (4) ISMS Risk Management
(E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS

A-1, B-2, C-3, D-4, E-5
A-4, B-2, C-3, D-1, E-5
A-2, B-1, C-3, D-5, E-4
A-3, B-2, C-1, D-5, E-4

Answer: A-1, B-2, C-3, D-4, E-5


Q9. (1) ______ is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the (2) ______ and (3) ______
1-ISG, 2-CIO, 3-CISO
1-CO, 2-CIO, 3-CISO
1-CISO, 2-CIO, 3-CO
1-CISO, 2-ISG, 3-CO

Answer: 1-ISG, 2-CIO, 3-CISO



