{WEEK 4} NPTEL Cyber Security and Privacy Assignment Answers 2023

NPTEL Cyber Security and Privacy Assignment Answer

Contents

NPTEL Cyber Security and Privacy Week 4 Assignment Answer 2023 NPTEL Cyber Security and Privacy Week 3 Assignment Answer 2023 NPTEL Cyber Security and Privacy Week 2 Assignment Answer 2023 NPTEL Cyber Security and Privacy Week 1 Assignment Answer 2023

NPTEL Cyber Security and Privacy Week 4 Assignment Answer 2023

1. Which term is used to describe detailed statements of what must be done to comply with policy?

Policies
Standards
Ethics
Governance

Answer :- For Answer Click Here

2. Management must use ——————-as the basis for all information security planning, design, and deployment.

Standards
Procedures
Policies
Best business practices

Answer :- For Answer Click Here

3. Which type of planning ensures that critical business functions continue if a catastrophic incident or disaster occurs?

Business continuity planning (BCP)
Contingency planning (CP)
Business resumption planning (BRP)
Disaster recovery planning (DRP)

Answer :- For Answer Click Here

4. ————– policy can be separated into two general groups (a) managerial guidance and (b) technical specifications. Select the correct options

Systems-Specific Security
Issue-Specific Security
Enterprise Information Security
None of these

Answer :- For Answer Click Here

5. The actions taken during and after a disaster falls under —————-

Impact assessment
Risk management
Crisis management
Both (a) & (b)

Answer :- For Answer Click Here

5. The actions taken during and after a disaster falls under —————-

Impact assessment
Risk management
Crisis management
Both (a) & (b)

Answer :- For Answer Click Here

6. Special Publication 800-14 of the National Institute of Standards and Technology (NIST) defines three types of security policy and chooses the

Violations of Policy, Business continuity planning, Response planning
A disaster recovery, Incident response planning, and Business continuity planning
Issue-specific security, Systems-specific security, Enterprise information security
Enterprise information security, Violations of Policy, Response planning

Answer :- For Answer Click Here

7. What are the elements of a business impact analysis?

Threat attack identification
Business unit analysis
Attack success scenario development
Potential damage assessment
Subordinate plan classification
Risk management
Disaster management

The elements of a business impact analysis are:

1,2,3,4,5 correct
1,2,3,5,6 correct
2,3,5,6,7 correct
All are correct

Answer :- For Answer Click Here

8. Access control lists (ACLs) that govern the rights and privileges of users consist of the

User access lists,
Matrices,
Capability, and
Dedicated hardware

Choose the correct answer

1,2,3,4 are true
1,2,3 are true
Only 4 is true
All are true

Answer :- For Answer Click Here

9. The instructions a system administrator codes into a server, networking device, or a device to specify how it operates is called

Administration rule
Configuration rules
Networking rules
Security rule

Answer :- For Answer Click Here

10. Information security safeguards focus on administrative planning, organizing, leading, and controlling and that are designed by strategic planners and implemented by the organization’s security administration. These safeguards include governance and risk management together known as

Managerial controls
Operational controls
Technical controls
None of these

Answer :- For Answer Click Here

11. A lattice-based access control with rows of attributes associated with a particular subject such as a user is called

Access control matrix
Capabilities table
Configuration table
All of above

Answer :-  For Answer Click Here

Course Name	Cyber Security and Privacy
Category	NPTEL Assignment Answer
Home	Click Here
Join Us on Telegram	Click Here

NPTEL Cyber Security and Privacy Week 3 Assignment Answer 2023

1. Which of the following terms best describe the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?

Blueprint
NIST handbook
An information security framework
Security plan

Answer :-  For Answer Click Here

2. True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.

True
False

Answer :-

3. One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:

managerial controls
security domain
redundancy
defense in depth

Answer :- For Answer Click Here

4. Control Objectives for Information and Related Technologies is a framework created by —— for information technology (IT) management and ————-

HIPPA, & Information officer
ISO, & Security officer
ISACA, & IT governance
CISO, & Chief officer

Answer :-

5. Three approaches to cyber security management are

Governance-Risk-Compliance (GRC) approach
——————————————————–

rganizational planning approach
Information-driven approach
Security-driven approach
Standards-driven approach
Procedure-driven approach

Answer :- For Answer Click Here

6. ISO/IEC 27032:2012 involves guidelines for —————–

Network security
Cyber security
Risk Management
Governance of information security

Answer :-

7. The five goals of information security governance are

—————–of information security with business strategy to support organizational objectives
—————- by executing appropriate measures to manage and mitigate threats to information resources
—————–by utilizing information security knowledge and infrastructure efficiently and effectively
—————–by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved
—————–by optimizing information security investments in support of organizational objectives.

A. Strategic alignment
B. Risk management
C. Resource management
D. Performance measurement
E. Value delivery

Match the following

1-B,2-C,3-D,4-C,5-A,
1-C,2-B,3-A,4-B,5-E
1-E,2-C,3-A,4-B,5-D
1-A,2-B,3-C,4-D,5-E,

Answer :- For Answer Click Here

8. Match ISO Series with the corresponding topic

(A) 27000 (1)Series Overview and Terminology
(B) 27003 (2)Information Security Management Systems Implementation Guidelines
(C) 27004 (3) Information Security Measurements and Metrics
(D) 27005 (4) ISMS Risk Management
(E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS

A-1, B-2,C-3, D-4, E-5
A-4, B-2, C-3, D-1, E-5
A-2,B-1,C-3,D-5,E-4
A-3,B-2,C-1,D-5,E-4

Answer :-

9. (1)—————— is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the(2)———and-(3)——-

1- ISG 2- CIO, 3- CISO
1-CO,2, 2-CIO,3- CISO
1-CISO, 2-CIO, 3-CO
1-CISO, 2-ISG, 3-CO

Answer :- For Answer Click Here

Course Name	Cyber Security and Privacy
Category	NPTEL Assignment Answer
Home	Click Here
Join Us on Telegram	Click Here

NPTEL Cyber Security and Privacy Week 2 Assignment Answer 2023

1. What term describes the quality or state of ownership or control of information?

confidentiality
possession
authenticity
integrity

Answer :- possession

2. Fill in the blanks
The McCumber Cube has ——————-dimensions with ——-cells representing areas that must be addressed to secure today’s information systems.

7 and 21
4 and 27
3 and 18
3 and 27

Answer :- 3 and 27

3. ——————is a weakness or fault in a system or protection mechanism that opens it to attack or damage.

Threat
Vulnerability
Risk
Attack

Answer :- Vulnerability

4. Which of the following is not a component of an organization’s Information System?
(1) Software (2) Vendors (3) People (4) Government (5) ISPs

1&3
1,2 &4
4 & 5
2,4, & 5

Answer :- 2,4, & 5

5. True or False:
The person responsible for the storage, maintenance, and protection of information is the data custodian.

True
False

Answer :- True

6. Biometric data collected from users is used for—————————- process.

Authentication
Authorization
Accountability
Privacy

Answer :- Authentication

7. Select the right options of the C.I.A. triad
(1) Assurance that information is shared only among authorized people or organizations
(2) Assurance that the information is complete and uncorrupted
(3) Assurance that information systems and the necessary data are not available for use when needed

(1) True (2) False (3) True
(1) False (2) False (3) True
(1) True (2) True (3) True
(1) True (2) True (3) False

Answer :- (1) True (2) True (3) False

8. Match the following:

A-1, B-3, C-4, D-2, E-5
A-3, B-4, C-5, D-1, E-2
A-5, B-4, C-3, D-2, E-1
A-1, B-2, C-3, D-4, E-5

Answer :- A-5, B-4, C-3, D-2, E-1

9. Who are responsible for the security and use of a particular set of information?

Data users
Data exporter
Data custodians
Data owner

Answer :- Data custodians

10. True or False:
If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.

True
False

Answer :- True

NPTEL Cyber Security and Privacy Week 1 Assignment Answer 2023

1. Security is a state or quality of being secure to be free from–————-.

Vulnerability
Threat
Attack
Danger

Answer :- d (Danger)

2. Which term among the following is correct?

Cybersecurity
Cyber-security
Cyber security
All are correct

Answer :- d (All are correct)

3. What does “cyber” meanin the context of Information Technology?

Software
Hardware
Network
Online World

Answer :- D (Online World)

4. Cyber security affects individuals, organizations, society and ——————–.

Government
Institution
Department
Firms

Answer :- a (Government)

5. Choose the odd one

Phishing attack
Denial of Service attack
SQL Injection
Man in the middle attack
Importing data

Answer :- e (Importing data)

6. Restricting unauthorized access and misuse of physical assets helps in achieving physical security of an organization.

True
False

Answer :- a (True)

7. Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment , organization and