
NSE 1 --- The Threat Landscape

MODULE 1

Q1. Attacking systems by exploiting otherwise unknown and unpatched vulnerabilities
is also known as:
Zero-day exploits

Q2. What are the primary motivations of the “Hacktivist”?
Political, social, or moral disagreements

Q3. What central component is necessary to form a botnet?
Command & Control (C&C) Server

Q4. What is it called when a fraudulent email masquerades as a legitimate
communication in an attempt to get a user to reveal sensitive information?
Phishing

Q5. What is the goal of the “Cyber Terrorist”?
Intimidation through disruption and damage

Q6. What is the motivation of the bad actor known as the “Explorer”?
Money

MODULE 2

Q1. How does implementing multiple security point products from multiple vendors
affect managing an environment?
More complicated and more expensive

Q2. Internally to the CIO’s company, what is the overall impact when a cyber attack
causes extended downtime, and employees’ time is diverted to post-attack activities?
Productivity is reduced.

Q3. On average, how can a CIO’s tenure be characterized?
CIOs have the shortest tenures among C-level executives.

Q4. Regulatory fines related to serious breaches can be characterized in which way?
They can be enormous and seriously impact the bottom line.

Q5. What is becoming a regular topic between CIOs, the other C-level executives,
and the board of directors?
Implementing cyber security

Q6. What is the primary responsibility of a CIO?
Controlling the Information Technology (IT) resources of a company.

Q7. What will a CIO do once they understand the company’s business goals and
priorities?
Analyze and design the IT infrastructure so that it aligns with those
business goals.

Q8. When investments are made in IT infrastructure, what should a CIO do next?
Show how these investments deliver measurable results.

Q9. When the general public learns of a serious breach, what is their likely reaction?
An erosion of trust leading to a decline in business with the breached
company.

Q10. Why must a CIO work closely with the other C-level executives?
To understand the company’s business goals and priorities.

MODULE 3

Q1. How long has the role of CISO been present?
The role of CISO is relatively new

Q2. In many of the breaches, tens of millions of credit cards become compromised,
and personally identifiable information for millions of individuals is stolen. What is one
result?
Class-action lawsuits

Q3. In what ways are CISOs often expected to represent the company?
Thought leadership, partnership development, and customer
engagement.

Q4. Originally, the role of CISO was mostly concerned with which topic?
Compliance

Q5. What can be said for a company’s data that resides outside their buildings?
It must be secured and protected just the same.

Q6. What do the other C-level executives want from a CISO?
A concrete assessment of information risk and value.

Q7. What is the result of these breaches becoming the targets of government
regulators?
Huge fines

Q8. What is the term for when departments or individuals go outside the corporate
policies and spin up their own applications, utilize unapproved or uncoordinated SaaS
services, or otherwise allow what may be key information assets to be stored out of our
control?
Shadow IT

Q9. What results from the loss of control of customers’ personally identifiable
information?
The loss of customer trust and lasting damage to brand reputation.

Q10. Where are the information assets in a typical company today?
Scattered all over the place.

MODULE 5

Q1. A CFO’s responsibility is to manage financial risk, and that covers which other
element?
All the information and data in the company.

Q2. Being trustworthy with customer data is now a part of which outcome?
Building brand loyalty.

Q3. How does a CFO treat intangible assets such as intellectual property, trade
secrets, manufacturing methods, and the information about customers?
Just as responsible for the financial risks to those information assets as any
others.

Q4. Looking into the past, a CFO will create which kind of reports?
Reporting on the prior financial performance of the company.

Q5. Since it uses information from every corner of the business, what does a
company’s Enterprise Resource Planning (ERP) system require to help the CFO
understand what’s happening now, and plan for the future?
Accurate and trustworthy information.

Q6. What are the consequences if a CFO’s reports are not accurate?
From having to re-state the data, to being found in violation of financial
regulations.

Q7. What does a CFO rely on to create forecasts of what will happen to the company
in the future?
Access to good information

Q8. What is the primary responsibility of a CFO?
To manage the finances and the financial risks of the company.

Q9. What poses one of the greatest risks to the financial value of a company’s
information assets?
Cyber threats

Q10. What role does a CFO play in new business initiatives, product launches and/or
new service offerings?
Analyzes the financial impact.

MODULE 6

Q1. Why is it a security problem if you use the same password for all the systems
and websites you use?
If the bad guys break into one of them, they have your password for all of
them.

Q2. Why is it risky to keep using an operating system that is no longer supported or
updated?
Many cyber attacks exploit unpatched vulnerabilities in old, unsupported
operating systems.

Q3. What is the recommendation for passwords on all the systems and websites that
you use?
Use different passwords for each system or website.

Q4. What should you do if you get an unsolicited email from an otherwise trusted
source that says to click a link?
Launch a browser or app manually, then log into their website to investigate the
issue.

Q5. When you receive an unsolicited email, what should you do if it has an
attachment?
Don’t open the attachment.

Q6. What action can be taken in advance to help protect your data from corruption
from malware?
Set up regular backups.

Q7. How often should you change your passwords?
On a regular basis

Q8. Where can you download the highly-rated and free FortiClient security product
from?
forticlient.com

Q9. What percentage of malware is distributed by email?
99%

Q10. If a vendor or website offers two-factor authentication, what is the recommended
action?
Enable and use two-factor authentication.
