Cyber Security and Privacy Week 5 Nptel Answers 2024

Are you looking for Cyber Security and Privacy Week 5 NPTEL Answers? You’ve come to the right place! Access the latest and most accurate solutions for your Week 5 assignment in the Cyber Security and Privacy course.

Course Link: Click Here


Correct Cyber Security and Privacy Week 5 Nptel Answers 2024 image
Cyber Security and Privacy Nptel Week 5 Assignment Answers

Cyber Security and Privacy Week 5 Nptel Answers (July-Dec 2024)


1. The primary function of a cybersecurity policy within an organization is to:

a) Define a rigid set of penalties for security violations.
b) Eliminate the need for ongoing security awareness training programs.
c) Dictate specific technical security controls for implementation.
d) Establish a comprehensive reference point for organizational cybersecurity practices.

Answer: d) Establish a comprehensive reference point for organizational cybersecurity practices.


2. Which type of policy is related to an organization’s strategic purpose, mission, and vision?

a) Issue-specific information security policies (ISSP)
b) Systems-specific information security policies (SysSP)
c) Enterprise information security policy (EISP)
d) Technical implementation policy

Answer: c) Enterprise information security policy (EISP)


3. True or False: Standards are broad, abstract documents that provide detailed procedures for employees to comply with policies.

a) True
b) False

Answer: b) False


4. Which of the following reflects the hierarchical top-down order of information security policies?

a) Enterprise > Issue-Specific > Systems-Specific
b) Systems-Specific > Issue-Specific > Enterprise
c) Issue-Specific > Enterprise > Systems-Specific
d) All three policy types are independent and unconnected

Answer: a) Enterprise > Issue-Specific > Systems-Specific


5. Which of the following components is typically included in the Enterprise Information Security Policy (EISP)?

a) Incident response procedures
b) Statement of purpose
c) Software development guidelines
d) Employee performance evaluations

See also  Nptel Database Management System Assignment 5 Answers

Answer: b) Statement of purpose


6. True or False: Systems-specific security policies (SysSPs) can be separated into two general groups, managerial guidance SysSPs and technical specifications SysSPs

a) True
b) False

Answer: b) False


7. _ consists of details about user access and use permissions and privileges for an organizational asset or resource.

a) Access Control Lists
b) Configuration rules
c) Authorized access and usage of equipment
d) Authorization rules

Answer: d) Authorization rules


8. True or False: Consequence-driven Cyber-informed Engineering (CCE) is a cyber defense concept that focuses on the lowest consequence events from an engineering perspective so that resource-constrained organizations receive the greatest return on their security investments.

a) True
b) False

Answer: b) False


9. __ are nonmandatory recommendations the employee may use as a reference in complying with a policy.

a) Practices
b) Procedures
c) Standards
d) Guidelines

Answer: d) Guidelines


10. Creating “air gaps” to isolate critical systems is a cyber hygiene practice that focuses on:

a) Installing the latest security patches.
b) Strengthening user authentication.
c) Segmenting networks for improved security
d) Keeping complex passwords up-to-date.

Answer: c) Segmenting networks for improved security


These are Cyber Security and Privacy Week 5 Nptel Answers

All Weeks of Cyber Security and Privacy: Click here

For answers to additional Nptel courses, please refer to this link: NPTEL Assignment


Cyber Security and Privacy Week 5 Nptel Answers (Jan-Apr 2023)

Course Name: Cyber Security and Privacy

Course Link: Click Here


Q1. What type of policy addresses specific areas of technology, requires frequent updates, and contains a statement on the organization’s position on a specific issue?
Enterprise information security policy (EISP)
Systems-specific security policy (SysSP)
Automated policy (AP)
Issue-specific security policy (ISSP)

See also  Computer Architecture Week 5 Assignment Nptel Answers 2024

Answer: Issue-specific security policy (ISSP)


Q2. What are the defence strategies’ three common methods?
1. Application of policy
2. Education and training
3. Business impact analysis
4. Risk management
5. Application of technology
Choose the correct answer.

1,2,3
1,2,4
2,4,5
1,2,5

Answer: 1,2,5


These are Cyber Security and Privacy Nptel Week 5 Assignment Answers


Q3. Policy administrator is responsible for ———–
1. creation,
2. revision,
3. implementation
4. distribution, and
5. storage
of policy in an organization. Choose the correct option

1,2
3
3,4
5

Answer: 3,4


Q4. Which type of policy is frequently codified as standards and procedures to be used when configuring or maintaining systems?
Enterprise information security policy (EISP)
Systems-specific security policy (SysSP)
Automated policy (AP)
Issue-specific security policy (ISSP)

Answer: Systems-specific security policy (SysSP)


These are Cyber Security and Privacy Nptel Week 5 Assignment Answers


Q5. Which of the following is used to direct how issues should be addressed and technologies must be used in an organization?
policies
standards
ethics
governance

Answer: policies


Q6. The boundary in the network within which an organization attempts to maintain security controls for securing information from threats from untrusted network areas is called —-
Security peripheral
Security perimeter
Security measure
Security principle

Answer: Security perimeter


These are Cyber Security and Privacy Nptel Week 5 Assignment Answers


Q7. Consider the following statements
1. Statement of Purpose -What the policy is for
2. Information Technology Security Elements – Defines information security
3. Need for Information Technology Security – Justifies the irrelevance of information security in the organization
4. Information Technology Security Responsibilities and Roles – Defines organizational overall business planning and security investment plan. Identify the components of the EISP

3, 4
2, 3, 4
1, 2
all are true

See also  Cyber Security and Privacy | Week 9

Answer: 1, 2


These are Cyber Security and Privacy Nptel Week 5 Assignment Answers


Q8. Access Control Lists specify
1. who can ——–the system
2. what ———users can access
3. when authorised users can ——–the system
4. where authorised users can access the system from
Chose the correct words or expressions to fill in the blanks, in sequence:

use, authorised, access
authorised, access, create
authorised, access, use
administer, access, accountable

Answer: use, authorised, access


Q9. The goals of (A)—————————— are:
1.—————— of information security with business strategy to support organizational objectives
2 —————— by executing appropriate measures to manage and mitigate threats to information resources
3. —————— by using information security knowledge and infrastructure efficiently and effectively
Choose the correct answer:

A-Financial security gov, 1- Tactical alignment, 2- Performance mgmt., 3- Resource mgmt.,
A-Information security governance,1-Strategic alignment, 2- Risk mgmt., 3- Resource mgmt.,
A-Data security gov, 1-Operational management, 2- Resource mgmt., 3- Risk mgmt.,
A-Bord of governance,1-Operational alignment, 2- Risk mgmt., 3- Resource mgmt.

Answer: A-Information security governance,1-Strategic alignment, 2- Risk mgmt., 3- Resource mgmt.,


These are Cyber Security and Privacy Nptel Week 5 Assignment Answers


More Weeks of Cyber Security and Privacy: Click here