Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

FedVTE Cyber Risk Management for Technicians Assessment: Questions and Answers, Exams of Human Resource Management

Dallas Nursing InstituteHuman Resource Management

A series of questions and answers related to cyber risk management for technicians. It covers topics such as host characteristic monitoring, residual risk acceptance, information system security objectives, network analysis tools, security standards, risk assessment methodologies, and change control processes. Useful for individuals seeking to understand and apply cyber risk management principles in a technical context.

Typology: Exams

2024/2025

Available from 02/11/2025

dillon-cole
dillon-cole 🇺🇸

4.3

(6)

1.9K documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
FedVTE Cyber Risk Management for Technicians Assessment
Questions and Answers
In order to automate host characteristic monitoring you can compare baselines and
snapshots with syslog. - Correct AnswersFalse
The following should be taken into account when accepting the residual risk inherent in
the project. - Correct AnswersAll of the above
What is the high water mark for an information system? - Correct AnswersHighest
Potential Impact value assigned to each Security Objective (AIC) for all Security
Categories resident on the system and the overall classification of the system.
Which of the following describes NetScan Tools Pro? - Correct AnswersB. A powerful
command line packet analyzer
C. A tool that provides advanced network trace routing
D. A collection of Internet information gathering and network troubleshooting utilities
FIPS 200 is: - Correct AnswersA short document that describes the minimum security
requirements for information and information systems
Which risk comes from a failure of the controls to properly mitigate risk? - Correct
AnswersA. Inherent risk
C. Control Risk
D. All of the above
Open Source Security (OSSEC) is what? - Correct AnswersA host based security
system that monitors for changes
What tool would be best to automatically detect your network and construct a complete
and easy to view network map? - Correct AnswersLANsurveyor
Which NIST special publication is a guide for Applying the Risk Management
Framework to Federal Information Systems: A Security Life Cycle Approach? - Correct
AnswersNIST SP 800 37
Which of the following is a part of the Examine Method? - Correct AnswersInspecting
the physical security measures
pf3

Partial preview of the text

Download FedVTE Cyber Risk Management for Technicians Assessment: Questions and Answers and more Exams Human Resource Management in PDF only on Docsity!

FedVTE Cyber Risk Management for Technicians Assessment

Questions and Answers

In order to automate host characteristic monitoring you can compare baselines and snapshots with syslog. - Correct AnswersFalse The following should be taken into account when accepting the residual risk inherent in the project. - Correct AnswersAll of the above What is the high water mark for an information system? - Correct AnswersHighest Potential Impact value assigned to each Security Objective (AIC) for all Security Categories resident on the system and the overall classification of the system. Which of the following describes NetScan Tools Pro? - Correct AnswersB. A powerful command line packet analyzer C. A tool that provides advanced network trace routing D. A collection of Internet information gathering and network troubleshooting utilities FIPS 200 is: - Correct AnswersA short document that describes the minimum security requirements for information and information systems Which risk comes from a failure of the controls to properly mitigate risk? - Correct AnswersA. Inherent risk C. Control Risk D. All of the above Open Source Security (OSSEC) is what? - Correct AnswersA host based security system that monitors for changes What tool would be best to automatically detect your network and construct a complete and easy to view network map? - Correct AnswersLANsurveyor Which NIST special publication is a guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach? - Correct AnswersNIST SP 800 37 Which of the following is a part of the Examine Method? - Correct AnswersInspecting the physical security measures

If the cost of controls exceeds the benefit the organization may choose to accept the risk instead. - Correct AnswersTrue Which of the following families of controls belongs to the technical class of controls? - Correct AnswersIdentification and Authentication Which tier of Risk Management is associated with Enterprise Architecture? - Correct AnswersTier 2 Mission (Business Process) In NIST SP 800 53 the security control structure consists of all the following components except for: - Correct AnswersAll of these are in the security control structure:

  • Priority and baseline allocation
  • Supplemental guidance
  • Control enhancements Kismet is different from a normal network sniffer such as Wireshark or tcpdump because it separates and identifies different wireless networks in the area. - Correct AnswersTrue What is the order of the Change Control Process? - Correct AnswersA. Request : Approval : Build : Impact Assessment : If successful Implement B. Request : Impact Assessment : Approval : Build and or Test : Implement D. Request : Impact Assessment : Build and or Test : Approval : Implement The threat source is highly motivated and sufficiently capable and controls to prevent the vulnerability from being exercised are ineffective. Which likelihood rating does this describe? - Correct AnswersHigh Which of the following is not part of the process for assessing security controls according to NIST SP 800 53A 1? - Correct AnswersA. Study C. Conduct D. Analyze Which step of a risk assessment uses the history of system attacks? - Correct AnswersStep 2: Threat Identification In risk management people and information and technology are examples of? - Correct AnswersAssets