Wednesday, September 28, 2022

Compliance Frameworks and Industry Standards Answers | Cybersecurity Compliance Framework & System Administration Week 1 | Coursera | IBM


Compliance Frameworks and Industry Standards


Greetings!! Today, we'll publish the complete week's worth of quiz answers from Coursera's Cybersecurity Compliance Framework & System Administration course. This blog post specifically covers Week 1, i.e. the Compliance Frameworks and Industry Standards module.


Cybersecurity Scope


Cybersecurity is a rapidly growing field with a wide range of job titles and positions. Here are some of the most common positions related to cybersecurity and their typical salary ranges:


  • Information Security Analyst: Information security analysts are responsible for analyzing and monitoring an organization's computer networks and systems for potential security threats. The average salary for an information security analyst is around $80,000 to $100,000 per year.
  • Cybersecurity Consultant: Cybersecurity consultants provide expert advice and guidance to organizations on how to protect their computer networks and systems from cyber threats. The average salary for a cybersecurity consultant is around $100,000 to $140,000 per year.
  • Security Engineer: Security engineers are responsible for designing, implementing, and maintaining an organization's computer security systems and processes. The average salary for a security engineer is around $100,000 to $130,000 per year.
  • Security Architect: Security architects are responsible for designing and implementing an organization's overall security strategy and ensuring that its computer networks and systems are properly secured. The average salary for a security architect is around $120,000 to $160,000 per year.
  • Chief Information Security Officer (CISO): CISOs are responsible for developing and implementing an organization's overall information security strategy. They also oversee all aspects of an organization's cybersecurity program. The average salary for a CISO is around $200,000 to $300,000 per year.
  • Ethical Hacker/Penetration Tester: Ethical hackers and penetration testers are responsible for identifying vulnerabilities in an organization's computer networks and systems and testing them for potential security threats. The average salary for an ethical hacker or penetration tester is around $100,000 to $140,000 per year.


It's important to note that these salaries are estimates and can vary based on factors such as industry, company size, location, and level of experience. Additionally, the demand for cybersecurity professionals is expected to continue to grow as cyber threats become more sophisticated, and as organizations increasingly rely on technology to conduct their business.


About the Course:


This course provides you with the foundational knowledge required to understand the key cybersecurity industry and compliance criteria. No matter what cybersecurity position you already have or wish to hold in an organization, it will be crucial for you to acquire this knowledge. You will become familiar with the fundamental user and server administration commands as they relate to security. You'll require this ability to understand operating system vulnerabilities in your organization. The ideas of endpoint security and patch management will be covered. To keep systems up to date and prevent cybersecurity incidents against a business, both these topics are crucial.

Finally, you will get in-depth knowledge of cryptography and encryption so that you can understand how these concepts impact software in an organization. This course is intended for anybody who wishes to get a fundamental grasp of Security Frameworks, Compliance, endpoint management, encryption, or cryptography.


What will you learn:

  • List and discuss many important NIST, GDPR, HIPAA, SANS, and PCI compliance and industry standards.
  • Give a brief description of the design, function, and roles of server and user administration.
  • Understand the relationship between client system administration and the concepts of patching and endpoint security.
  • Give definitions of cryptography terms such as encryption, encoding, hashing, and digital certificates.


Compliance and Regulations for Cybersecurity (PRACTICE QUIZ)



Q1) Which of the bad guys are described as "They are 'in' an organization but are human and make mistakes"?

  • Inadvertent Actor

 

Q2) Which is NOT one of the security controls?

  • Testing

 

Q3) What year did the GDPR come into effect?

  • 2018

 

Q4) Which three (3) of these obligations are part of the 5 key GDPR obligations? Check all that apply

  • Accountability of Compliance
  • Consent
  • Rights of EU Data Subject


System and Organization Controls Report (SOC) Overview (PRACTICE QUIZ)


Q1) Which is the foundational principle that everyone will get during a SOC audit?

  • Security



Industry Standards (PRACTICE QUIZ)


Q1) The HIPAA Security Rule requires covered entities to maintain which two (2) reasonable safeguards for protecting e-PHI?

  • Physical
  • Technical

 

Q2) HIPAA Administrative safeguards include which two (2) of the following?

  • Security Personnel
  • Workforce Training and Management

 

Q3) PCI includes 264 requirements grouped under how many main requirements?

  • 12

 

 

CIS Critical Security Controls (PRACTICE QUIZ)


Q1) If you are a mature organization which CIS Controls Implementation Group would you use?

  • Implementation Group 3

 


Compliance Frameworks and Industry Standards (MAIN QUIZ)


Q1) A security attack is defined as which of the following?

  • An event that has been identified by correlation and analytics tools as a malicious activity.

 

Q2) Which order does a typical compliance process follow?

  • Establish scope, readiness assessment, gap remediation, testing/auditing, management reporting

 

Q3) Under GDPR who determines the purpose and means of processing of personal data?

  • Controller

 

Q4) Under the International Organization for Standardization (ISO) which standard focuses on Privacy?

  • ISO 27018

 

Q5) Which SOC report is closest to an ISO report?

  • Type 1

 

Q6) What is an auditor looking for when they test a control for implementation over an entire offering with no gaps?

  • Completeness

 

Q7) The HIPAA Security Rule requires covered entities to maintain which three (3) reasonable safeguards for protecting e-PHI?

  • physical
  • technical
  • administrative

 

Q8) HIPAA Administrative safeguards include which two (2) of the following?

  • Workforce training and management
  • Security Personnel

 

Q9) Who is the governing entity for HIPAA?

  • US Department of Health and Human Services Office of Civil Rights

 

Q10) HIPAA Physical safeguards include which two (2) of the following?

  • Workstation and Device Security
  • Facility Access and Control

 

Q11) PCI uses which three (3) of the following Card Holder Data Environment categories to determine scope?

  • Technology
  • Processes
  • People

 

Q12) One PCI Requirement is using an approved scanning vendor to scan at what frequency?

  • Quarterly

 

Q13) In which CIS control category will you find Incident Response and Management?

  • Organizational

Conclusion

 

With any luck, this post will help you quickly and easily find the Week 1 assessment answers for Coursera's Cybersecurity Compliance Framework & System Administration quiz. If this article has been helpful to you in any way, please let your friends and family know on social media about this training. Be patient with us as we release many more free courses along with the exam/quiz solutions, and keep checking our QueHelp Blog for updates.
