NPTEL Cyber Security and Privacy Week 3 Assignment Answers 2024

By admin

1. The process of defining and specifying the long-term direction to be taken by an organization, and the allocation and acquisition of resources needed to pursue this effort is known as:

  • Governance
  • Security Management
  • Strategic Planning
  • Objectives
Answer :-

2. Which of the following statements best describes the relationship between GRC (Governance, Risk, and Compliance) and cybersecurity?

  • GRC focuses solely on cybersecurity management and overlooks other risk management initiatives.
  • Cybersecurity is the primary focus of GRC, with minimal consideration for other risks.
  • GRC integrates cybersecurity as one component within the broader framework of enterprise risk management (ERM).
  • GRC is a standalone framework independent of cybersecurity and risk management.
Answer :-

3. A written document provided by management that informs employees and others in the workplace about proper behavior regarding the use of information and information assets is known as:

  • Guidelines
  • Information Security Policy
  • De facto standard
  • Practices
Answer :- 

4. Which approach to cybersecurity management treats cybersecurity as a separate category distinct from other risks an organization may face, and focuses solely on cybersecurity, depending on the size and nature of the organization?

  • Standard Driven Approach
  • Organization Planning Approach
  • GRC Framework
  • Risk Management Framework
Answer :- 

5. Benefits of implementing a GRC in an organization include:

  • Responsible operations
  • Data-driven decision-making
  • Improved cybersecurity
  • All the above
Answer :-

6. What is the purpose of the COBIT maturity model?

  • To assess an organization’s maturity in IT governance processes
  • To rank organizations based on their financial performance
  • To determine the efficiency of network infrastructure
  • To evaluate employee satisfaction levels in the IT department
Answer :- 

7. COSO’s ERM framework emphasizes:

  • Operational efficiency
  • Risk identification and assessment
  • Regulatory compliance
  • Human resource management
Answer :- 

8. Which characteristic distinguishes the approaches of COBIT, COSO, and COSO-ERM from specific standards like ISO or NIST?

  • They prioritize cybersecurity over other risk management aspects.
  • They focus exclusively on small to medium-sized enterprises (SMEs).
  • They operate at the enterprise level rather than focusing on specific standards.
  • They are primarily developed by governmental regulatory bodies.
Answer :-

9. Why might some countries be hesitant to adopt the ISO 27001 model?

  • It is a mandatory standard with strict compliance requirements.
  • It is not recognized as a valid security framework by international organizations.
  • There are concerns about the model’s overall effectiveness compared to existing approaches.
  • It prioritizes specific security vendors or technologies.
Answer :- 

10. Which of the following is not considered a principle or practice for securing IT systems?

  • Implement layered security to ensure there is no single point of vulnerability.
  • Do not implement unnecessary security mechanisms.
  • Maximize the system elements to be trusted.
  • Assume that external systems are insecure.
Answer :-