QCM : Cybersecurity Fundamentals and Strategies — 10 questions

Explication

Confidentiality in cybersecurity specifically refers to protecting sensitive information from unauthorized access or disclosure. It is one of the three core objectives of cybersecurity, along with integrity and availability, forming the CIA triad. The other options describe related but distinct concepts: integrity (accuracy and trustworthiness of data), availability (accessibility of data and resources), and risk (potential for loss or damage).

Explication

The CIA triad in cybersecurity stands for Confidentiality, Integrity, and Availability, which are the primary goals for protecting information systems. These objectives help organizations ensure data is protected properly in terms of privacy, accuracy, and accessibility.

Explication

NIST, the National Institute of Standards and Technology, is responsible for developing widely adopted cybersecurity frameworks and guidelines, such as the NIST Cybersecurity Framework. While CIS provides best practices and ISO develops international standards, NIST is the primary organization for creating comprehensive cybersecurity frameworks used in the United States and globally.

Explication

Hashing and digital signatures are tools that help verify that data has not been altered, thus maintaining data integrity. Encryption primarily focuses on confidentiality, while access controls and firewalls help restrict unauthorized access.

Explication

Malware's primary function is to damage, disrupt, or gain unauthorized access to computer systems. It includes viruses, worms, trojans, ransomware, and spyware, all designed to harm or exploit systems for malicious purposes. The other options describe specific functions of phishing, DoS attacks, and APTs, respectively, but malware's main role encompasses causing harm or unauthorized access.

Explication

Malware refers to malicious software such as viruses, worms, and trojans, created specifically to damage, disrupt, or gain unauthorized access to computer systems.

Explication

NIST is the organization responsible for developing cybersecurity standards, frameworks, and guidelines in the U.S., helping organizations improve their cybersecurity posture.

Explication

Phishing involves attackers impersonating trusted entities via emails or fake websites to trick victims into divulging sensitive information like passwords or credit card details.

Explication

Risk management helps organizations identify vulnerabilities and threats, evaluate their potential impact, and implement controls to mitigate risks, which is essential for a balanced cybersecurity strategy.

Explication

Artificial Intelligence and Machine Learning are increasingly used in cybersecurity to analyze data patterns, detect anomalies, and automate responses to threats, improving response times and effectiveness.