Soru 1: What are playbooks used for?

The plan an analyst creates to complete a task manually.
To automate actions an analyst typically would have to complete manually.
To optimize manual processes.
To describe the order analyst’s complete tasks.

Soru 2: What is alert fatigue?

When the number of alerts decline.
When an analyst is overwhelmed from the number of alerts coming in.
When a team reduces the number of alerts coming in using SOAR.
When a SOAR solution is overloaded with alerts.

Soru 3: What does the acronym SOAR stand for?

Security, Orchestration, Automation, & Response
Situation, Opportunity, Action, & Result
Single out, On the board, Asked, & Repeated
Situation, Orientation, Adroit, & Replication

Soru 4: Why is SOAR used?

To collaborate with other analysts during investigations.
To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap.
To replace tier 1 analysts and automate all of their tasks.
To analyze workload, organize an analysts tasks, and allow teams to respond using their own processes.

Soru 5: Identify a benefit of SOAR.

Reports on all endpoints that require patching.
Elevates the security team’s sense of success.
Analyzes and generates a security score to better measure improvements in network security.
Increases your security teams efficiency by automating repetitive manual processes.

Soru 1: What do you call an unsolicited email message that masquerades as coming from a legitimate sender, and attempts to get you to disclose sensitive information or click on a link?

Trojan
Phishing
Malware
Virus

Soru 2: Why is it a security problem if you use the same password for all the systems and websites you use?

If the bad guys break into one of them, they have your password for all of them.
There will be uneven wear on your keyboard.
It increases the difficulty of brute force password attacks.
The bad guys will give up too easily.

Soru 3: Two-factor authentication uses the combination of “something you know” with which other element?

Something you will never know.
Something you want.
Something you have forgotten.
Something you have.

Soru 4: If a vendor or website offers two-factor authentication, what is the recommended action?

Wait for everyone else to do it.
Immediately reboot your computer.
Politely decline.
Enable and use two-factor authentication.

Soru 5: What is the recommendation for passwords on all the systems and websites that you use?

Use “123456” as your password on all systems and websites.
Use different passwords for each system or website.
Use the same password for each system or website.
Never change your passwords.

Soru 6: What percentage of malware is distributed by email?

10%
99%
5%
Over 50%

Soru 7: What tool can you use to help “remember” all your passwords?

A rubber band.
A password manager.
Vitamin E
Yellow sticky notes.

Soru 8: Why is it risky to keep using an operating system that is no longer supported or updated?

The latest social media tools may not work on the old operating system.
Many cyber attacks exploit unpatched vulnerabilities in old, unsupported operating systems.
The hard drive may fail.
The computer may reboot.

Soru 9: When you receive an unsolicited email, what should you do if it has an attachment?

Don’t open the attachment.
Immediately reboot your computer.
Forward the email to all your friends.
Open the attachment to learn how to make money online.

Soru 10: Where can you download the highly-rated and free FortiClient security product from?

forticlientfree.com
freeforticlient.com
Your favorite malware marketplace.
forticlient.com

Soru 1: A CFO’s responsibility is to manage financial risk, and that covers which other element?

All the information and data in the company.
The after-hours card games.
Costs associated with the building’s janitorial contractor.
The catered lunch in the boardroom.

Soru 2: Being trustworthy with customer data is now a part of which outcome?

Crafting a better user experience.
Building brand loyalty.
Decreasing revenues.
Regulatory fines.

Soru 3: How does a CFO treat intangible assets such as intellectual property, trade secrets, manufacturing methods, and the information about customers?

More responsible for the financial risks to those information assets than any others.
Paper assets
Not responsible at all.
Just as responsible for the financial risks to those information assets as any others.

Soru 4: Looking into the past, a CFO will create which kind of reports?

Billable hours
Timecard reports for individual employees.
TPS reports
Reporting on the prior financial performance of the company.

Soru 5: Since it uses information from every corner of the business, what does a company’s Enterprise Resource Planning (ERP) system require to help the CFO understand what’s happening now, and plan for the future?

Last quarter’s TPS reports.
Accurate and trustworthy information.
A gaggle of consultants.
Several reams of paper.

Soru 6: What are the consequences if a CFO’s reports are not accurate?

There are no consequences since nobody actually reads those reports.
From having to re-state the data, to being found in violation of financial regulations.
The next report must have an offsetting error to compensate.
Other CFOs in the area will catch the error and help fix it.

Soru 7: What does a CFO rely on to create forecasts of what will happen to the company in the future?

Access to good information.
Advice of Wall Street analysts.
Accurate inventory data.
An endless supply of coffee.

Soru 8: What is the primary responsibility of a CFO?

To develop new products and services.
To manage the finances and the financial risks of the company.
To manage the company’s payroll.
To oversee the factory floor.

Soru 9: What poses one of the greatest risks to the financial value of a company’s information assets?

Earthquakes
Cyber threats
Floods
Spelling errors

Soru 10: What role does a CFO play in new business initiatives, product launches and/or new service offerings?

Provides advice on engineering.
Provides advice on marketing.
Conducts focus group research.
Analyzes the financial impact.

Soru 1: How long has the role of CISO been present?

The role of CISO does not exist yet.
The role of CISO has existed for 129 years.
The role of CISO is relatively new.
The role of CISO is the oldest C-level position.

Soru 2: In many of the breaches, tens of millions of credit cards become compromised, and personally identifiable information for millions of individuals are stolen. What is one result?

Class-action lawsuits
Clearance sales
Market capitalization increase
Increase in share price

Soru 3: In what ways are CISOs often expected to represent the company?

Presenting new products at a trade show booth.
Thought leadership, partnership development, and customer engagement.
Public relations, advertising, and marketing.
Career day at a local school.

Soru 4: Originally, the role of CISO was mostly concerned with which topic?

Operations
Budgeting
Compliance
Finance

Soru 5: What can be said for a company’s data that resides outside their buildings?

It is already secured and protected by the very nature of the cloud.
It must be secured and protected just the same.
It is impossible to even find.
It is impossible to secure or protect.

Soru 6: What do the other C-level executives want from a CISO?

A concrete assessment of information risk and value.
A concrete assessment of vendor performance.
A concrete assessment of website costs.
A concrete assessment of database performance.

Soru 7: What is the result of these breaches becoming the targets of government regulators?

Huge fines
Unexpected tax audits
Increased health department inspections
Lower insurance rates

Soru 8: What is the term for when departments or individuals go outside the corporate policies and spin up their own applications, utilize unapproved or uncoordinated SaaS services, or otherwise allow what may be key information assets to be stored out of our control?

Dodgy IT
Vapor IT
Ninja IT
Shadow IT

Soru 9: What results from the loss of control of customers’ personally identifiable information?

The loss of customer trust and a strengthening of brand reputation.
A rise in customer-created crowdfunding initiatives.
The loss of customer trust and lasting damage to brand reputation.
An increase in customer sympathy and a strengthening of brand reputation.

Soru 10: Where are the information assets in a typical company today?

Consolidated in a central mainframe.
Inside the main building.
Scattered all over the place.
Stored in carefully controlled servers.

Soru 1: How does implementing multiple security point products from multiple vendors affect managing an environment?

More complicated and more expensive.
Simpler and less expensive.
Requires fewer staff members.
Saves money on rackspace and cooling costs.

Soru 2: Internally to the CIO’s company, what is the overall impact when a cyber attack causes extended downtime, and employees’ time is diverted to post-attack activities?

Productivity is reduced.
Overtime pay is approved.
Productivity is increased.
Morale is increased.

Soru 3: On average, how can a CIO’s tenure be characterized?

CIOs have the longest tenures among C-level executives.
The tenure of a CIO is a step on the path to CFO.
The tenure of a CIO is generally stress-free and relaxing.
CIOs have the shortest tenures among C-level executives.

Soru 4: Regulatory fines related to serious breaches can be characterized in which way?

The proceeds help stimulate the economy.
They are insignificant in all respects.
They can be enormous and seriously impact the bottom line.
Fines are never imposed due to any form of cyber attacks.

Soru 5: What is becoming a regular topic between CIOs, the other C-level executives, and the board of directors?

The relative value of various SaaS offerings.
Executive compensation
Implementing cyber security
The allocation of window and corner offices.

Soru 6: What is the primary responsibility of a CIO?

Controlling the Information Technology (IT) resources of a company.
Creating all the information in a company.
Determining where each information resource will be routed in a company.
Choosing which laptop models to purchase for a company.

Soru 7: What will a CIO do once they understand the company’s business goals and priorities?

Create alternative business plans.
Analyze and design the IT infrastructure so that it aligns with those business goals.
Attend many industry conferences.
Analyze and design new products.

Soru 8: When investments are made in IT infrastructure, what should a CIO do next?

Fill out the warranty cards right away.
Compare budgets with other C-level executives.
Show how these investments deliver measurable results.
Negotiate for quantity discounts.

Soru 9: When the general public learns of a serious breach, what is their likely reaction?

Apathy leading to an increase in business with the breached company.
Empathy and compassion.
Disbelief followed shortly by acceptance.
An erosion of trust leading to a decline in business with the breached company.

Soru 10: Why must a CIO work closely with the other C-level executives?

The other C-level execs always need help with their computers.
To understand the company’s business goals and priorities.
To help choose which laptops to purchase for the company.
To make sure they use strong passwords.

Soru 1: Attacking systems by exploiting otherwise unknown and unpatched vulnerabilities is also known as:

Secret sauce
Zero-day exploits
Phishing
First-day exploits

Soru 2: What are the primary motivations of the “Hacktivist”?

Political, social, or moral disagreements
The cost of commercial software and support
The appreciation of their country’s leaders
Food, wine, and gambling

Soru 3: What central component is necessary to form a botnet?

Transformer
DNS server
Command & Control (C&C) Server
Ethernet switch

Soru 4: What is it called when a fraudulent email masquerades as a legitimate communication in an attempt to get a user to reveal sensitive information?

Trolling
Harpooning
Baselining
Phishing

Soru 5: What is the goal of the “Cyber Terrorist”?

Stable world markets
Intimidation through disruption and damage
Peace through understanding
Adoption of Bitcoin as a primary national currency

Soru 6: What is the motivation of the bad actor known as the “Explorer”?

Money
Ideology
Notoriety
Food

Soru 7: What is the motivation of the “Cyber Terrorist”?

Fame
Compassion
Fortune
Ideology

Soru 8: What is the name of the malware that takes over a computer system and holds hostage the disk drives or other data?

Scareware
Ransomware
Phishingware
Kidnapware

Soru 9: What is the primary motivation of the “Cyber Warrior”?

Money
Fame
The political interest of their country’s government
The adoption of Bitcoin as a national currency

Soru 10: What is the motive of the “Cyber Criminal”?

Ideology
Intimidation
Fame
Money