Cyber Security and Privacy | Week 6

1 month ago
user
4 minutes

Session: JULY-DEC 2023

Course Name: Cyber Security and Privacy

Course Link: Click Here

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q1. Match 1 & 2 with A& B following
1. Residual risk
2. Risk appetite
A: The risk to information assets that remains even after current controls have been applied.
B: The quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility.
Choose the correct answer:
1-A, 2-B
1-B, 2-A

Answer: 1-A, 2-B

Q2. True or False:
The information technology community of interest must assist in risk management by configuring and operating information systems in a secure fashion.
True
False

Answer: True

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q3. The process of examining how each threat will affect an organization is called:
Risk assessment
Data classification
Threat assessment
Vulnerability classification

Answer: Threat assessment

Q4. The probability that a specific vulnerability within an organization will be the target of an attack is known as:
Loss Magnitude
Manageability
Likelihood
Practicability

Answer: Likelihood

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q5. The calculation of the value associated with the most likely loss from an attack is called:
Annualised Rate of Occurrence (ARO)
Annualised Loss Expectancy (ALE)
Cost Benefit Analysis (CBA)
Single Loss Expectancy (SLE)

Answer: Single Loss Expectancy (SLE)

Q6. ———————-is the formal assessment and presentation of the economic expenditures needed for particular security control, contrasted with its projected value to the organization.
Feasibility analysis
Cost-benefit analysis
Risk-benefit analysis
Economic impact analysis

Answer: Cost-benefit analysis

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q7. A document that compares the relative importance of prioritised assets to prioritised threats and highlights any weaknesses in the asset/threat pairs.
Threats-Vulnerabilities document
Threats-Vulnerabilities-Assets (TVA) worksheet
Threats-Vulnerabilities-Assets log file
Attack Vulnerability Asset document

Answer: Threats-Vulnerabilities-Assets (TVA) worksheet

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q8. Match the following:
(A) Internal Used for the most sensitive corporate information that must be tightly controlled, even
within the company. Access to information with this classification is strictly on a
need-to-know basis or as required by the terms of a contract. Information with
this classification may also be referred to as “sensitive” or “proprietary.”
(B) Confidential Used for all internal information that does not meet the criteria
for the confidential category. Internal information is to be
viewed only by corporate employees, authorized contractors,
and other third parties.
(C) External All information that has been approved by management for public release.
A-2, B-1, C-3
A-1, B-2, C-3
A-3, B-2, C-1
A-1, B-3, C-2

Answer: A-2, B-1, C-3

Q9. ——————- varies among organisations because they maintain different balances between the expense of controlling vulnerabilities and the possible losses if the vulnerabilities are exploited. The key for each organisation is to find the proper balance in its decision-making and feasibility analyses, to use experience and facts instead of ignorance or wishful thinking.
Risk appetite
Risk control
Residual Risk
Risk Assessment

Answer: Risk appetite

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q10. Malware dictation Software has its own (Asset) internal personnel database behind a firewall. Industry reports indicate a 5 % chance of an attack. The information security and IT departments report that if the organization is attacked, the attack has a 15 % chance of success based on current asset vulnerabilities and protection mechanisms. The asset is valued at a score of 35 on a scale of 0 to 100, and information security and IT staff expect that 60 % of the asset would be lost or compromised by a successful attack, because not all of the asset is stored in a single location. You estimate that the assumptions and data are 90 % accurate. Calculating Risk.
0.1575
0.1733
0.2887
0.5575

Answer: 0.1733

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

Q11. xyzbuy.com has an estimated value of Rs 50,00,000, as determined by an asset valuation and a cracker defacement scenario indicates that a deliberate act of sabotage or vandalism could damage 25 per cent of xyzbuy.com, then the single loss expectancy for the xyzbuy.com would be?
16,50,000
15,20,000
11,11,000
12,50,000

Answer: 12,50,000

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

More Weeks of Cyber Security and Privacy: Click here

More Nptel Courses: Click here

These are Cyber Security and Privacy Nptel Week 6 Assignment 6 Answers

This content is uploaded for study, general information, and reference purpose only.